MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

Fix [tidal] exclude empty meta fields

pull/941/head
niclas 2024-03-05 14:41:53 +01:00
parent 8e345c3684
commit 5be77f6c2d
6 changed files with 269 additions and 1102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
clusters/tidal-campaigns.json
View File

@ -13,8 +13,7 @@
"campaign_attack_id": "C0028", "campaign_attack_id": "C0028",
"first_seen": "2015-12-01T05:00:00Z", "first_seen": "2015-12-01T05:00:00Z",
"last_seen": "2016-01-01T05:00:00Z", "last_seen": "2016-01-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "96e367d0-a744-5b63-85ec-595f505248a3", "uuid": "96e367d0-a744-5b63-85ec-595f505248a3",
@ -26,8 +25,7 @@
"campaign_attack_id": "C0025", "campaign_attack_id": "C0025",
"first_seen": "2016-12-01T05:00:00Z", "first_seen": "2016-12-01T05:00:00Z",
"last_seen": "2016-12-01T05:00:00Z", "last_seen": "2016-12-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "06197e03-e1c1-56af-ba98-5071f98f91f1", "uuid": "06197e03-e1c1-56af-ba98-5071f98f91f1",
@ -172,8 +170,7 @@
"campaign_attack_id": "C0010", "campaign_attack_id": "C0010",
"first_seen": "2020-12-01T07:00:00Z", "first_seen": "2020-12-01T07:00:00Z",
"last_seen": "2022-08-01T06:00:00Z", "last_seen": "2022-08-01T06:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "a1e33caf-6eb0-442f-b97a-f6042f21df48", "uuid": "a1e33caf-6eb0-442f-b97a-f6042f21df48",
@ -185,8 +182,7 @@
"campaign_attack_id": "C0011", "campaign_attack_id": "C0011",
"first_seen": "2021-12-01T06:00:00Z", "first_seen": "2021-12-01T06:00:00Z",
"last_seen": "2022-07-01T05:00:00Z", "last_seen": "2022-07-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "4c7386a7-9741-4ae4-8ad9-def03ed77e29", "uuid": "4c7386a7-9741-4ae4-8ad9-def03ed77e29",
@ -245,8 +241,7 @@
"campaign_attack_id": "C0021", "campaign_attack_id": "C0021",
"first_seen": "2018-11-01T05:00:00Z", "first_seen": "2018-11-01T05:00:00Z",
"last_seen": "2018-11-01T05:00:00Z", "last_seen": "2018-11-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "86bed8da-4cab-55fe-a2d0-9214db1a09cf", "uuid": "86bed8da-4cab-55fe-a2d0-9214db1a09cf",
@ -258,8 +253,7 @@
"campaign_attack_id": "C0026", "campaign_attack_id": "C0026",
"first_seen": "2022-08-01T05:00:00Z", "first_seen": "2022-08-01T05:00:00Z",
"last_seen": "2022-09-01T04:00:00Z", "last_seen": "2022-09-01T04:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "41f283a1-b2ac-547d-98d5-ff907afd08c7", "uuid": "41f283a1-b2ac-547d-98d5-ff907afd08c7",
@ -271,8 +265,7 @@
"campaign_attack_id": "C0027", "campaign_attack_id": "C0027",
"first_seen": "2022-06-01T04:00:00Z", "first_seen": "2022-06-01T04:00:00Z",
"last_seen": "2022-12-01T05:00:00Z", "last_seen": "2022-12-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "a9719584-4f52-5a5d-b0f7-1059e715c2b8", "uuid": "a9719584-4f52-5a5d-b0f7-1059e715c2b8",
@ -302,8 +295,7 @@
"campaign_attack_id": "C0004", "campaign_attack_id": "C0004",
"first_seen": "2019-10-01T04:00:00Z", "first_seen": "2019-10-01T04:00:00Z",
"last_seen": "2020-11-01T04:00:00Z", "last_seen": "2020-11-01T04:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "fb011ed2-bfb9-4f0f-bd88-8b3fa0cf9b48", "uuid": "fb011ed2-bfb9-4f0f-bd88-8b3fa0cf9b48",
@ -353,8 +345,7 @@
"campaign_attack_id": "C0001", "campaign_attack_id": "C0001",
"first_seen": "2019-01-01T06:00:00Z", "first_seen": "2019-01-01T06:00:00Z",
"last_seen": "2019-04-01T05:00:00Z", "last_seen": "2019-04-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "2fab9878-8aae-445a-86db-6b47b473f56b", "uuid": "2fab9878-8aae-445a-86db-6b47b473f56b",
@ -366,8 +357,7 @@
"campaign_attack_id": "C0007", "campaign_attack_id": "C0007",
"first_seen": "2018-07-01T05:00:00Z", "first_seen": "2018-07-01T05:00:00Z",
"last_seen": "2020-11-01T04:00:00Z", "last_seen": "2020-11-01T04:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "94587edf-0292-445b-8c66-b16629597f1e", "uuid": "94587edf-0292-445b-8c66-b16629597f1e",
@ -397,8 +387,7 @@
"first_seen": "2020-09-20T00:00:00Z", "first_seen": "2020-09-20T00:00:00Z",
"last_seen": "2020-10-20T00:00:00Z", "last_seen": "2020-10-20T00:00:00Z",
"owner": "TidalCyberIan", "owner": "TidalCyberIan",
"source": "Tidal Cyber", "source": "Tidal Cyber"
"tags": []
}, },
"related": [], "related": [],
"uuid": "18cf25b5-ed3a-40f6-bf0a-a3938a4f8da2", "uuid": "18cf25b5-ed3a-40f6-bf0a-a3938a4f8da2",
@ -497,8 +486,7 @@
"campaign_attack_id": "C0002", "campaign_attack_id": "C0002",
"first_seen": "2009-11-01T04:00:00Z", "first_seen": "2009-11-01T04:00:00Z",
"last_seen": "2011-02-01T05:00:00Z", "last_seen": "2011-02-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "85f136b3-d5a3-4c4c-a37c-40e4418dc989", "uuid": "85f136b3-d5a3-4c4c-a37c-40e4418dc989",
@ -510,8 +498,7 @@
"campaign_attack_id": "C0012", "campaign_attack_id": "C0012",
"first_seen": "2019-12-01T07:00:00Z", "first_seen": "2019-12-01T07:00:00Z",
"last_seen": "2022-05-01T06:00:00Z", "last_seen": "2022-05-01T06:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "81bf4e45-f0d3-4fec-a9d4-1259cf8542a1", "uuid": "81bf4e45-f0d3-4fec-a9d4-1259cf8542a1",
@ -523,8 +510,7 @@
"campaign_attack_id": "C0022", "campaign_attack_id": "C0022",
"first_seen": "2019-09-01T04:00:00Z", "first_seen": "2019-09-01T04:00:00Z",
"last_seen": "2020-08-01T04:00:00Z", "last_seen": "2020-08-01T04:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "9a94e646-cbe5-54a1-8bf6-70ef745e641b", "uuid": "9a94e646-cbe5-54a1-8bf6-70ef745e641b",
@ -536,8 +522,7 @@
"campaign_attack_id": "C0016", "campaign_attack_id": "C0016",
"first_seen": "2010-01-01T07:00:00Z", "first_seen": "2010-01-01T07:00:00Z",
"last_seen": "2016-02-01T06:00:00Z", "last_seen": "2016-02-01T06:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "af0c0f55-dc4f-4cb5-9350-3a2d7c07595f", "uuid": "af0c0f55-dc4f-4cb5-9350-3a2d7c07595f",
@ -549,8 +534,7 @@
"campaign_attack_id": "C0023", "campaign_attack_id": "C0023",
"first_seen": "2013-09-01T04:00:00Z", "first_seen": "2013-09-01T04:00:00Z",
"last_seen": "2019-10-01T04:00:00Z", "last_seen": "2019-10-01T04:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "1fcfe949-5f96-578e-86ad-069ba123c867", "uuid": "1fcfe949-5f96-578e-86ad-069ba123c867",
@ -562,8 +546,7 @@
"campaign_attack_id": "C0006", "campaign_attack_id": "C0006",
"first_seen": "2017-08-01T05:00:00Z", "first_seen": "2017-08-01T05:00:00Z",
"last_seen": "2018-02-01T06:00:00Z", "last_seen": "2018-02-01T06:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "f741ed36-2d52-40ae-bbdc-70722f4071c7", "uuid": "f741ed36-2d52-40ae-bbdc-70722f4071c7",
@ -575,8 +558,7 @@
"campaign_attack_id": "C0013", "campaign_attack_id": "C0013",
"first_seen": "2017-09-01T05:00:00Z", "first_seen": "2017-09-01T05:00:00Z",
"last_seen": "2019-03-01T06:00:00Z", "last_seen": "2019-03-01T06:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "57e858c8-fd0b-4382-a178-0165d03aa8a9", "uuid": "57e858c8-fd0b-4382-a178-0165d03aa8a9",
@ -588,8 +570,7 @@
"campaign_attack_id": "C0005", "campaign_attack_id": "C0005",
"first_seen": "2019-11-01T05:00:00Z", "first_seen": "2019-11-01T05:00:00Z",
"last_seen": "2021-01-01T06:00:00Z", "last_seen": "2021-01-01T06:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "98d3a8ac-6af9-4471-83f6-e880ca70261f", "uuid": "98d3a8ac-6af9-4471-83f6-e880ca70261f",
@ -601,8 +582,7 @@
"campaign_attack_id": "C0014", "campaign_attack_id": "C0014",
"first_seen": "2017-12-01T05:00:00Z", "first_seen": "2017-12-01T05:00:00Z",
"last_seen": "2019-12-01T05:00:00Z", "last_seen": "2019-12-01T05:00:00Z",
"source": "MITRE", "source": "MITRE"
"tags": []
}, },
"related": [], "related": [],
"uuid": "56e4e10f-8c8c-4b7c-8355-7ed89af181be", "uuid": "56e4e10f-8c8c-4b7c-8355-7ed89af181be",

318
clusters/tidal-groups.json
View File

File diff suppressed because it is too large Load Diff

346
clusters/tidal-software.json
View File

File diff suppressed because it is too large Load Diff

42
clusters/tidal-tactic.json
View File

@ -12,8 +12,7 @@
"meta": { "meta": {
"ordinal_position": 1, "ordinal_position": 1,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0043", "tactic_attack_id": "TA0043"
"tags": []
}, },
"related": [ "related": [
{ {
@ -201,8 +200,7 @@
"meta": { "meta": {
"ordinal_position": 2, "ordinal_position": 2,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0042", "tactic_attack_id": "TA0042"
"tags": []
}, },
"related": [ "related": [
{ {
@ -394,8 +392,7 @@
"meta": { "meta": {
"ordinal_position": 3, "ordinal_position": 3,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0001", "tactic_attack_id": "TA0001"
"tags": []
}, },
"related": [ "related": [
{ {
@ -491,8 +488,7 @@
"meta": { "meta": {
"ordinal_position": 4, "ordinal_position": 4,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0002", "tactic_attack_id": "TA0002"
"tags": []
}, },
"related": [ "related": [
{ {
@ -648,8 +644,7 @@
"meta": { "meta": {
"ordinal_position": 5, "ordinal_position": 5,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0003", "tactic_attack_id": "TA0003"
"tags": []
}, },
"related": [ "related": [
{ {
@ -1121,8 +1116,7 @@
"meta": { "meta": {
"ordinal_position": 6, "ordinal_position": 6,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0004", "tactic_attack_id": "TA0004"
"tags": []
}, },
"related": [ "related": [
{ {
@ -1550,8 +1544,7 @@
"meta": { "meta": {
"ordinal_position": 7, "ordinal_position": 7,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0005", "tactic_attack_id": "TA0005"
"tags": []
}, },
"related": [ "related": [
{ {
@ -2327,8 +2320,7 @@
"meta": { "meta": {
"ordinal_position": 8, "ordinal_position": 8,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0006", "tactic_attack_id": "TA0006"
"tags": []
}, },
"related": [ "related": [
{ {
@ -2596,8 +2588,7 @@
"meta": { "meta": {
"ordinal_position": 9, "ordinal_position": 9,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0007", "tactic_attack_id": "TA0007"
"tags": []
}, },
"related": [ "related": [
{ {
@ -2793,8 +2784,7 @@
"meta": { "meta": {
"ordinal_position": 10, "ordinal_position": 10,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0008", "tactic_attack_id": "TA0008"
"tags": []
}, },
"related": [ "related": [
{ {
@ -2898,8 +2888,7 @@
"meta": { "meta": {
"ordinal_position": 11, "ordinal_position": 11,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0009", "tactic_attack_id": "TA0009"
"tags": []
}, },
"related": [ "related": [
{ {
@ -3059,8 +3048,7 @@
"meta": { "meta": {
"ordinal_position": 12, "ordinal_position": 12,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0011", "tactic_attack_id": "TA0011"
"tags": []
}, },
"related": [ "related": [
{ {
@ -3232,8 +3220,7 @@
"meta": { "meta": {
"ordinal_position": 13, "ordinal_position": 13,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0010", "tactic_attack_id": "TA0010"
"tags": []
}, },
"related": [ "related": [
{ {
@ -3321,8 +3308,7 @@
"meta": { "meta": {
"ordinal_position": 14, "ordinal_position": 14,
"source": "MITRE", "source": "MITRE",
"tactic_attack_id": "TA0040", "tactic_attack_id": "TA0040"
"tags": []
}, },
"related": [ "related": [
{ {

603
clusters/tidal-technique.json
View File

File diff suppressed because it is too large Load Diff

2
tools/tidal-api/models/cluster.py
View File

@ -99,7 +99,7 @@ class ClusterValue:
def return_value(self): def return_value(self):
value_dict = asdict(self) value_dict = asdict(self)
value_dict["meta"] = { value_dict["meta"] = {
k: v for k, v in asdict(self.meta).items() if v is not None k: v for k, v in asdict(self.meta).items() if v is not None and v != []
} }
return value_dict return value_dict