MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Initial Json schema

pull/33/head
Raphaël Vinot 2017-02-13 18:32:53 +01:00
parent 6fb89a644f
commit 47ac01ee96
10 changed files with 146 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
.travis.yml
View File

@ -1,17 +1,16 @@
language: bash
language: python
cache: pip
python:
- "3.6"
sudo: required
dist: trusty
install:
- git clone https://github.com/stedolan/jq.git
- pushd jq
- autoreconf -i
- ./configure --disable-maintainer-mode
- make
- sudo make install
- popd
- sudo apt-get update -qq
- sudo apt-get install -y -qq jq moreutils
- pip install jsonschema
script:
- cat */*.json | jq .
- ./validate_all.sh

6
galaxies/exploit-kit.json
View File

@ -1,7 +1,7 @@
{
"type" : "exploit-kit",
"name" : "Exploit-Kit",
"description":"Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
"type": "exploit-kit",
"name": "Exploit-Kit",
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
"version": 2,
"uuid": "6ab240ec-bd79-11e6-a4a6-cec0c932ce01"
}

4
galaxies/tds.json
View File

@ -1,6 +1,6 @@
{
"type" : "tds",
"name" : "TDS",
"type": "tds",
"name": "TDS",
"description": "TDS is a list of Traffic Direction System used by adversaries",
"version": 2,
"uuid": "1b9a7d8e-bd7a-11e6-a4a6-cec0c932ce01"

4
galaxies/threat-actor.json
View File

@ -1,6 +1,6 @@
{
"name" : "Threat Actor",
"type" : "threat-actor",
"name": "Threat Actor",
"type": "threat-actor",
"description": "Threat actors are characteristics of malicious actors (or adversaries) representing a cyber attack threat including presumed intent and historically observed behaviour.",
"version": 1,
"uuid": "698774c7-8022-42c4-917f-8d6e4f06ada3"

4
galaxies/tool.json
View File

@ -1,6 +1,6 @@
{
"type" : "tool",
"name" : "Tool",
"type": "tool",
"name": "Tool",
"description": "Threat actors tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"version": 1,
"uuid": "9b8037f7-bc8f-4de1-a797-37266619bc0b"

13
jq_all_the_things.sh Executable file
View File

@ -0,0 +1,13 @@
#!/bin/bash
set -e
set -x
# Seeds sponge, from moreutils
for dir in galaxies/*.json
do
cat ${dir} | jq . | sponge ${dir}
done
cat schema.json | jq . | sponge schema.json

72
schema.json Normal file
View File

@ -0,0 +1,72 @@
{
"$schema": "http://json-schema.org/schema#",
"title": "Validator for misp-galaxies",
"id": "https://www.github.com/MISP/misp-galaxies/schema.json",
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"type": {
"type": "string"
},
"version": {
"type": "integer"
},
"name": {
"type": "string"
},
"uuid": {
"type": "string"
},
"source": {
"type": "string"
},
"values": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"additionalProperties": false,
"properties": {
"description": {
"type": "string"
},
"value": {
"type": "string"
},
"type": {
"type": "string"
},
"Possible Issues": {
"type": "string"
},
"meta": {
"type": "object"
}
},
"required": [
"value"
]
}
},
"authors": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "string"
}
}
},
"required": [
"description",
"type",
"version",
"name",
"uuid",
"values",
"authors",
"source"
]
}

21
validate_all.sh Executable file
View File

@ -0,0 +1,21 @@
#!/bin/bash
set -e
set -x
./jq_all_the_things.sh
diffs=`git status --porcelain | wc -l`
if ! [ $diffs -eq 0 ]; then
echo "Please make sure you run ./jq_all_the_things.sh before commiting."
exit 1
fi
for dir in galaxies/*.json
do
echo -n "${dir}: "
jsonschema -i ${dir} schema.json
echo ''
done