MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [misp-galaxy] namespace misp added

pull/215/head
Alexandre Dulaunoy 2018-05-18 13:34:55 +02:00
parent 3a7c4e3c57
commit 5f566dd683
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
14 changed files with 42 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
galaxies/android.json
View File

@ -1,8 +1,9 @@
{
"description": "Android malware galaxy based on multiple open sources.",
"type": "android",
"version": 2,
"version": 3,
"name": "Android",
"icon": "android",
"uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa"
"uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa",
"namespace": "misp"
}

5
galaxies/banker.json
View File

@ -1,8 +1,9 @@
{
"description": "Banking malware galaxy.",
"type": "banker",
"version": 2,
"version": 3,
"name": "Banker",
"icon": "usd",
"uuid": "59f20cce-5420-4084-afd5-0884c0a83832"
"uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
"namespace": "misp"
}

5
galaxies/botnet.json
View File

@ -1,8 +1,9 @@
{
"description": "Botnet galaxy.",
"type": "botnet",
"version": 1,
"version": 2,
"name": "Botnet",
"icon": "sitemap",
"uuid": "90ccdf38-1649-11e8-b8bf-e7326d553087"
"uuid": "90ccdf38-1649-11e8-b8bf-e7326d553087",
"namespace": "misp"
}

5
galaxies/branded_vulnerability.json
View File

@ -1,8 +1,9 @@
{
"description": "List of known vulnerabilities and exploits",
"type": "branded-vulnerability",
"version": 1,
"version": 2,
"name": "Branded Vulnerability",
"icon": "bug",
"uuid": "fda8c7c2-f45a-11e7-9713-e75dac0492df"
"uuid": "fda8c7c2-f45a-11e7-9713-e75dac0492df",
"namespace": "misp"
}

5
galaxies/cert-eu-govsector.json
View File

@ -2,7 +2,8 @@
"type": "cert-seu-gocsector",
"name": "Cert EU GovSector",
"description": "Cert EU GovSector",
"version": 1,
"version": 2,
"icon": "globe",
"uuid": "68858a48-b898-11e7-91ce-bf424ef9b662"
"uuid": "68858a48-b898-11e7-91ce-bf424ef9b662",
"namespace": "misp"
}

5
galaxies/exploit-kit.json
View File

@ -2,7 +2,8 @@
"type": "exploit-kit",
"name": "Exploit-Kit",
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
"version": 3,
"version": 4,
"icon": "internet-explorer",
"uuid": "6ab240ec-bd79-11e6-a4a6-cec0c932ce01"
"uuid": "6ab240ec-bd79-11e6-a4a6-cec0c932ce01",
"namespace": "misp"
}

5
galaxies/microsoft-activity-group.json
View File

@ -2,7 +2,8 @@
"name": "Microsoft Activity Group actor",
"type": "microsoft-activity-group",
"description": "Activity groups as described by Microsoft",
"version": 2,
"version": 3,
"icon": "user-secret",
"uuid": "74c869e8-0b8e-4e5f-96e6-cd992e07a505"
"uuid": "74c869e8-0b8e-4e5f-96e6-cd992e07a505",
"namespace": "misp"
}

5
galaxies/preventive-measure.json
View File

@ -2,7 +2,8 @@
"name": "Preventive Measure",
"type": "preventive-measure",
"description": "Preventive measures based on the ransomware document overview as published in https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml# . The preventive measures are quite generic and can fit any standard Windows infrastructure and their security measures.",
"version": 2,
"version": 3,
"icon": "shield",
"uuid": "8168995b-adcd-4684-9e37-206c5771505a"
"uuid": "8168995b-adcd-4684-9e37-206c5771505a",
"namespace": "misp"
}

5
galaxies/ransomware.json
View File

@ -1,8 +1,9 @@
{
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
"type": "ransomware",
"version": 3,
"version": 4,
"name": "Ransomware",
"icon": "btc",
"uuid": "3f44af2e-1480-4b6b-9aa8-f9bb21341078"
"uuid": "3f44af2e-1480-4b6b-9aa8-f9bb21341078",
"namespace": "misp"
}

5
galaxies/rat.json
View File

@ -2,7 +2,8 @@
"type": "rat",
"name": "RAT",
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
"version": 2,
"version": 3,
"icon": "eye",
"uuid": "06825db6-4797-11e7-ac4d-af25fdcdd299"
"uuid": "06825db6-4797-11e7-ac4d-af25fdcdd299",
"namespace": "misp"
}

5
galaxies/sector.json
View File

@ -2,7 +2,8 @@
"type": "sector",
"name": "Sector",
"description": "Activity sectors",
"version": 1,
"version": 2,
"icon": "industry",
"uuid": "e1bb134c-ae4d-11e7-8aa9-f78a37325439"
"uuid": "e1bb134c-ae4d-11e7-8aa9-f78a37325439",
"namespace": "misp"
}

5
galaxies/tds.json
View File

@ -2,7 +2,8 @@
"type": "tds",
"name": "TDS",
"description": "TDS is a list of Traffic Direction System used by adversaries",
"version": 3,
"version": 4,
"icon": "cart-arrow-down",
"uuid": "1b9a7d8e-bd7a-11e6-a4a6-cec0c932ce01"
"uuid": "1b9a7d8e-bd7a-11e6-a4a6-cec0c932ce01",
"namespace": "misp"
}

5
galaxies/threat-actor.json
View File

@ -2,7 +2,8 @@
"name": "Threat Actor",
"type": "threat-actor",
"description": "Threat actors are characteristics of malicious actors (or adversaries) representing a cyber attack threat including presumed intent and historically observed behaviour.",
"version": 2,
"version": 3,
"icon": "user-secret",
"uuid": "698774c7-8022-42c4-917f-8d6e4f06ada3"
"uuid": "698774c7-8022-42c4-917f-8d6e4f06ada3",
"namespace": "misp"
}

5
galaxies/tool.json
View File

@ -2,7 +2,8 @@
"type": "tool",
"name": "Tool",
"description": "Threat actors tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"version": 2,
"version": 3,
"icon": "optin-monster",
"uuid": "9b8037f7-bc8f-4de1-a797-37266619bc0b"
"uuid": "9b8037f7-bc8f-4de1-a797-37266619bc0b",
"namespace": "misp"
}