jq

2018-10-19 10:23:09 +02:00 · 2018-10-19 10:23:09 +02:00 · 9dddc4427c
parent 6a9a9b7e1b
commit 9dddc4427c
24 changed files with 24 additions and 24 deletions
--- a/clusters/android.json
+++ b/clusters/android.json
@ -2,11 +2,11 @@
  "authors": [
    "Unknown"
  ],
+  "category": "tool",
  "description": "Android malware galaxy based on multiple open sources.",
  "name": "Android",
  "source": "Open Sources",
  "type": "android",
-  "category": "tool",
  "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa",
  "values": [
    {
--- a/clusters/backdoor.json
+++ b/clusters/backdoor.json
@ -2,11 +2,11 @@
  "authors": [
    "raw-data"
  ],
+  "category": "tool",
  "description": "A list of backdoor malware.",
  "name": "Backdoor",
  "source": "Open Sources",
  "type": "backdoor",
-  "category": "tool",
  "uuid": "75436e27-cb57-4f32-bf1d-9636dd78a2bf",
  "values": [
    {
--- a/clusters/banker.json
+++ b/clusters/banker.json
@ -3,11 +3,11 @@
    "Unknown",
    "raw-data"
  ],
+  "category": "tool",
  "description": "A list of banker malware.",
  "name": "Banker",
  "source": "Open Sources",
  "type": "banker",
-  "category": "tool",
  "uuid": "59f20cce-5420-4084-afd5-0884c0a83832",
  "values": [
    {
--- a/clusters/botnet.json
+++ b/clusters/botnet.json
@ -2,11 +2,11 @@
  "authors": [
    "Various"
  ],
+  "category": "tool",
  "description": "botnet galaxy",
  "name": "Botnet",
  "source": "MISP Project",
  "type": "botnet",
-  "category": "tool",
  "uuid": "a91732f4-164a-11e8-924a-ffd4097eb03f",
  "values": [
    {
--- a/clusters/exploit-kit.json
+++ b/clusters/exploit-kit.json
@ -4,11 +4,11 @@
    "Will Metcalf",
    "KahuSecurity"
  ],
+  "category": "tool",
  "description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
  "name": "Exploit-Kit",
  "source": "MISP Project",
  "type": "exploit-kit",
-  "category": "tool",
  "uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
  "values": [
    {
--- a/clusters/malpedia.json
+++ b/clusters/malpedia.json
@ -5,11 +5,11 @@
    "Andrea Garavaglia",
    "Davide Arcuri"
  ],
+  "category": "tool",
  "description": "Malware galaxy cluster based on Malpedia.",
  "name": "Malpedia",
  "source": "Malpedia",
  "type": "malpedia",
-  "category": "tool",
  "uuid": "5fc98d08-90a4-498a-ad2e-0edf50ef374e",
  "values": [
    {
--- a/clusters/microsoft-activity-group.json
+++ b/clusters/microsoft-activity-group.json
@ -2,11 +2,11 @@
  "authors": [
    "Various"
  ],
+  "category": "actor",
  "description": "Activity groups as described by Microsoft",
  "name": "Microsoft Activity Group actor",
  "source": "MISP Project",
  "type": "microsoft-activity-group",
-  "category": "actor",
  "uuid": "28b5e55d-acba-4748-a79d-0afa3512689a",
  "values": [
    {
--- a/clusters/mitre-enterprise-attack-intrusion-set.json
+++ b/clusters/mitre-enterprise-attack-intrusion-set.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "actor",
  "description": "Name of ATT&CK Group",
  "name": "Enterprise Attack -intrusion Set",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-enterprise-attack-intrusion-set",
-  "category": "actor",
  "uuid": "01f18402-1708-11e8-ac1c-1ffb3c4a7775",
  "values": [
    {
--- a/clusters/mitre-enterprise-attack-malware.json
+++ b/clusters/mitre-enterprise-attack-malware.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "tool",
  "description": "Name of ATT&CK software",
  "name": "Enterprise Attack - Malware",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-enterprise-attack-malware",
-  "category": "tool",
  "uuid": "fbd79f02-1707-11e8-b1c7-87406102276a",
  "values": [
    {
--- a/clusters/mitre-enterprise-attack-tool.json
+++ b/clusters/mitre-enterprise-attack-tool.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "tool",
  "description": "Name of ATT&CK software",
  "name": "Enterprise Attack - Tool",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-enterprise-attack-tool",
-  "category": "tool",
  "uuid": "fc1ea6e0-1707-11e8-ac05-2b70d00c354e",
  "values": [
    {
--- a/clusters/mitre-intrusion-set.json
+++ b/clusters/mitre-intrusion-set.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "actor",
  "description": "Name of ATT&CK Group",
  "name": "intrusion Set",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-intrusion-set",
-  "category": "actor",
  "uuid": "10df003c-7831-11e7-bdb9-971cdd1218df",
  "values": [
    {
--- a/clusters/mitre-malware.json
+++ b/clusters/mitre-malware.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "tool",
  "description": "Name of ATT&CK software",
  "name": "Malware",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-malware",
-  "category": "tool",
  "uuid": "d752161c-78f6-11e7-a0ea-bfa79b407ce4",
  "values": [
    {
--- a/clusters/mitre-mobile-attack-intrusion-set.json
+++ b/clusters/mitre-mobile-attack-intrusion-set.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "actor",
  "description": "Name of ATT&CK Group",
  "name": "Mobile Attack - intrusion Set",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-mobile-attack-intrusion-set",
-  "category": "actor",
  "uuid": "02ab4018-1708-11e8-8f9d-e735aabdfa53",
  "values": [
    {
--- a/clusters/mitre-mobile-attack-malware.json
+++ b/clusters/mitre-mobile-attack-malware.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "tool",
  "description": "Name of ATT&CK software",
  "name": "Mobile Attack - Malware",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-mobile-attack-malware",
-  "category": "tool",
  "uuid": "04a165aa-1708-11e8-b2da-c7d7625f4a4f",
  "values": [
    {
--- a/clusters/mitre-mobile-attack-tool.json
+++ b/clusters/mitre-mobile-attack-tool.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "tool",
  "description": "Name of ATT&CK software",
  "name": "Mobile Attack - Tool",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-mobile-attack-tool",
-  "category": "tool",
  "uuid": "02cee87e-1708-11e8-8f15-8b33e4d6194b",
  "values": [
    {
--- a/clusters/mitre-pre-attack-intrusion-set.json
+++ b/clusters/mitre-pre-attack-intrusion-set.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "actor",
  "description": "Name of ATT&CK Group",
  "name": "Pre Attack - intrusion Set",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-pre-attack-intrusion-set",
-  "category": "actor",
  "uuid": "1fdc8fa2-1708-11e8-99a3-67b4efc13c4f",
  "values": [
    {
--- a/clusters/mitre-tool.json
+++ b/clusters/mitre-tool.json
@ -2,11 +2,11 @@
  "authors": [
    "MITRE"
  ],
+  "category": "tool",
  "description": "Name of ATT&CK software",
  "name": "Tool",
  "source": "https://github.com/mitre/cti",
  "type": "mitre-tool",
-  "category": "tool",
  "uuid": "d700dc5c-78f6-11e7-a476-5f748c8e4fe0",
  "values": [
    {
--- a/clusters/ransomware.json
+++ b/clusters/ransomware.json
@ -3,11 +3,11 @@
    "https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
    "http://pastebin.com/raw/GHgpWjar"
  ],
+  "category": "tool",
  "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar",
  "name": "Ransomware",
  "source": "Various",
  "type": "ransomware",
-  "category": "tool",
  "uuid": "10cf658b-5d32-4c4b-bb32-61760a640372",
  "values": [
    {
--- a/clusters/rat.json
+++ b/clusters/rat.json
@ -3,11 +3,11 @@
    "Various",
    "raw-data"
  ],
+  "category": "tool",
  "description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
  "name": "RAT",
  "source": "MISP Project",
  "type": "rat",
-  "category": "tool",
  "uuid": "312f8714-45cb-11e7-b898-135207cdceb9",
  "values": [
    {
--- a/clusters/stealer.json
+++ b/clusters/stealer.json
@ -2,11 +2,11 @@
  "authors": [
    "raw-data"
  ],
+  "category": "tool",
  "description": "A list of malware stealer.",
  "name": "Stealer",
  "source": "Open Sources",
  "type": "stealer",
-  "category": "tool",
  "uuid": "f2ef4033-9001-4427-a418-df8c48e6d054",
  "values": [
    {
--- a/clusters/tds.json
+++ b/clusters/tds.json
@ -2,11 +2,11 @@
  "authors": [
    "Kafeine"
  ],
+  "category": "tool",
  "description": "TDS is a list of Traffic Direction System used by adversaries",
  "name": "TDS",
  "source": "MISP Project",
  "type": "tds",
-  "category": "tool",
  "uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01",
  "values": [
    {
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@ -6,11 +6,11 @@
    "Timo Steffens",
    "Various"
  ],
+  "category": "actor",
  "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
  "name": "Threat actor",
  "source": "MISP Project",
  "type": "threat-actor",
-  "category": "actor",
  "uuid": "7cdff317-a673-4474-84ec-4f1754947823",
  "values": [
    {
--- a/clusters/tool.json
+++ b/clusters/tool.json
@ -7,11 +7,11 @@
    "Dennis Rand",
    "raw-data"
  ],
+  "category": "tool",
  "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
  "name": "Tool",
  "source": "MISP Project",
  "type": "tool",
-  "category": "tool",
  "uuid": "0d821b68-9d82-4c6d-86a6-1071a9e0f79f",
  "values": [
    {
--- a/schema_clusters.json
+++ b/schema_clusters.json
@ -25,7 +25,7 @@
    },
    "category": {
      "type": "string"
-    },    
+    },
    "values": {
      "type": "array",
      "uniqueItems": true,