Commit Graph

182 Commits (main)

Author SHA1 Message Date
Terrtia e3b6e9d229
fix: [handicap] fix galaxy icon + name + type 2022-11-17 15:16:05 +01:00
Jstnk9 473f1a13aa galaxy related to sigma rules
galaxy related to sigma rules
2022-11-15 22:56:18 +01:00
Christophe Vandeplas c5a5fa7cfa chg: [360net] add 360.net APT list fixes #764 2022-09-13 21:48:16 +02:00
Christophe Vandeplas 1369756810 chg: [atrm] Add Azure Threat Research Matrix Galaxy and generation script 2022-08-06 21:19:31 +02:00
Alexandre Dulaunoy d3d4e7186b
chg: [handicap] fix name of the clusters 2022-04-04 10:43:56 +02:00
Alexandre Dulaunoy 7e6390c336
Merge pull request #694 from AgatheMgt/main
Handicap
2022-04-04 10:41:06 +02:00
Sami Mokaddem 04a560efa6
chg: [mitre-attack] Bumped matrix structure 2022-03-31 08:59:42 +02:00
AgatheMgt aec779d1ee poatate 2022-03-24 09:43:58 -04:00
AgatheMgt f3b346684f
Update handicap.json 2022-03-24 09:11:14 -04:00
AgatheMgt 9f21e4512c
Update handicap.json 2022-03-24 07:50:34 -04:00
AgatheMgt 8b70f5a1fd
Update handicap.json 2022-03-24 07:07:12 -04:00
AgatheMgt 2be8954ef1
Create handicap.json 2022-03-24 07:04:03 -04:00
Badis-dev 231915f9a4 add galaxy and cluster cancer 2022-03-11 14:20:09 +01:00
Badis-dev 530a56c3ea
Add cancer galaxy 2022-03-11 11:13:13 +01:00
Alexandre Dulaunoy eba1b2839f
chg: [concordia] CMTMF killchain typo fixed 2021-12-20 10:41:00 +01:00
Alexandre Dulaunoy b2cc6277cf
chg: [concordia] set a mobile icon 2021-12-17 17:36:48 +01:00
Alexandre Dulaunoy 18a44d372b
chg: [cmtmf-attack-pattern] update 2021-12-17 16:32:20 +01:00
Alexandre Dulaunoy ce79aba48c
new: [CMTMF] fix the galaxy definition 2021-12-17 16:14:19 +01:00
Alexandre Dulaunoy ae7b7bd47d
chg: [cmtmf-attack-pattern] various fixes to make JSON ok 2021-12-17 16:08:07 +01:00
Bernardo Santos 49dfcca563 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:54:06 +02:00
Bernardo Santos d09681b011 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:45:03 +02:00
Thomas Patzke 26f0c344a1 Added O365 techniques
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
2021-09-18 23:27:38 +02:00
Jakub Onderka ca9608da6d fix: Cryptominers type 2021-03-27 22:07:33 +01:00
Alexandre Dulaunoy 38a0d2d32d
chg: [rsit] rsit as galaxy name 2021-01-29 16:43:26 +01:00
Koen Van Impe 87b22f363c Move cfr-type-of-incident to meta 2021-01-28 12:25:39 +01:00
Koen Van Impe 23778666ba RSIT Galaxy/Cluster 2021-01-28 10:03:12 +01:00
Alexandre Dulaunoy 5d31753e6a
chg: [cryptominer] updated 2020-10-30 09:48:08 +01:00
JJ Cummings c48a38c2f1
Added a new cryptominer galaxy and additional missing recent families to various clusters 2020-10-29 14:40:22 -06:00
Alexandre Dulaunoy 0ccbdb862b
chg: [tea] first version 2020-10-23 11:16:50 +02:00
Christophe Vandeplas f95e88b1f9 MITRE ATT&CK for ICS fixes #586
fixed issues in pull request #586
2020-10-01 20:42:40 +02:00
Alexandre Dulaunoy 6bb0f74b97
chg: [galaxy] fix the name to China Defence Universities Tracker 2020-08-24 09:57:28 +02:00
VVX7 b4c3ffc8eb new: [dev] add ASPI's China Defence University Tracker.
Thanks to Cormac Doherty for writing the web scraper! To update the galaxy run the included gen_defence_university.py script.

"The China Defence Universities Tracker is a database of Chinese institutions engaged in military or security-related science and technology research. It was created by ASPI’s International Cyber Policy Centre.

It includes entries on nearly 100 civilian universities, 50 People’s Liberation Army institutions, China’s nuclear weapons program, three Ministry of State Security institutions, four Ministry of Public Security universities, and 12 state-owned defence industry conglomerates.

The Tracker is a tool to inform universities, governments and scholars as they engage with the entities from the People’s Republic of China. It aims to build understanding of the expansion of military-civil fusion—the Chinese government’s policy of integrating military and civilian efforts—into the education sector.

The Tracker should be used to inform due diligence of Chinese institutions. However, the fact that an institution is not included here does not indicate that it should not raise risks or is not involved in defence research. Similarly, entries in the database may not reflect the full range and nature of an institution’s defence and security links." - ASPI (https://unitracker.aspi.org.au/about/)
2020-08-21 11:24:22 -04:00
Koen Van Impe d3e22ef14c SoD Matrix
Described at https://github.com/cudeso/SoD-Matrix
2020-07-10 14:08:45 +02:00
iglocska dee9a56460
fix: small fixes to the bhadra framework 2020-05-19 16:45:40 +02:00
iglocska 43703f1a96
new: added Bhadra framework for mobile attacks
- based on the paper published here: https://arxiv.org/pdf/2005.05110.pdf
- thanks to the ATT&CK EU community conference speakers highlighting this framework!
2020-05-19 16:34:59 +02:00
Alexandre Dulaunoy c7104e8819
chg: [country] jq all 2020-03-23 13:09:14 +01:00
iglocska 777c3188db
new: [country] galaxy added 2020-03-23 12:10:16 +01:00
Alexandre Dulaunoy 8e73612b09
Merge pull request #488 from Delta-Sierra/master
create new galaxy - surveillance-vendor
2019-12-05 14:48:44 +01:00
Deborah Servili a049009453
add new galaxy - surveillance-vendor 2019-12-04 16:22:58 +01:00
Jean-Louis Huynen 872df00262 chg: [dark-pattern] namespace: misp 2019-12-04 09:31:56 +01:00
Jean-Louis Huynen 44a9897f2a
add: [dark-pattern] galaxy to tag dark patterns 2019-12-03 16:26:29 +01:00
Christophe Vandeplas cb29013231 fix: [region] inconsistent type 2019-10-20 18:55:11 +02:00
mokaddem 4d4bd3a70c fix: [misinfosec] fixed kill_chain fields 2019-10-09 09:45:52 +02:00
VVX7 e4998efec9 chg: [galaxy] added AMITT galaxy/cluster generator script 2019-10-08 13:52:08 -04:00
VVX7 a0357c735e chg: [galaxy] version number to int 2019-10-07 19:19:45 -04:00
VVX7 0a29445b44 new: [galaxy] AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools. 2019-10-07 19:07:25 -04:00
Deborah Servili c305640290
new galaxy - Region based on UN M49 2019-09-26 13:01:41 +02:00
Deborah Servili bb46e32d90
add target-information galaxy file 2019-07-19 13:50:22 +02:00
Alexandre Dulaunoy dbb67dd7d2
Merge pull request #426 from mokaddem/patch-2
Update mitre-course-of-action.json
2019-07-16 16:59:31 +02:00
Alexandre Dulaunoy 3e70bfc738
Merge pull request #425 from mokaddem/patch-1
Update banker.json
2019-07-16 16:59:18 +02:00
Alexandre Dulaunoy c981afbbe9
Merge pull request #424 from mokaddem/patch-3
Update mitre-enterprise-attack-course-of-action.json
2019-07-16 16:59:01 +02:00
Sami Mokaddem 3d4bfa7924
Update mitre-mobile-attack-course-of-action.json
Changed icon
2019-07-16 16:56:35 +02:00
Sami Mokaddem 00d1de6fdc
Update mitre-enterprise-attack-course-of-action.json
Changed icon
2019-07-16 16:56:28 +02:00
Sami Mokaddem 1035d1c71b
Update mitre-course-of-action.json
Changed icon
2019-07-16 16:56:10 +02:00
Sami Mokaddem 573b8366e7
Update banker.json
Changed icon name
2019-07-16 16:53:46 +02:00
mokaddem 9ad5279939 chg: [attack-pattern] Sync kill-chain with data from MITRE. 2019-05-13 10:59:30 +02:00
Alexandre Dulaunoy a2df5c46d8
chg: [o365-exchange-techniques] [WiP] based on John Lambert matrix techniques 2019-05-12 09:51:41 +02:00
Raphaël Vinot 988586fde0 fix: Duplicate values, typos. 2019-05-06 17:17:16 +02:00
Alexandre Dulaunoy e56cb33097
chg: [attck4fraud] fix the type issue 2019-03-19 10:03:33 +01:00
Alexandre Dulaunoy 824465d879
add: [attck4fraud] initial attck-like matrix for fraud from https://github.com/burritoblue/attck4fraud (WiP) 2019-03-19 08:09:23 +01:00
Alexandre Dulaunoy 1f27ac26ac
chg: [mitre-attack-pattern] jq 2019-02-15 09:13:47 +01:00
Alexandre Dulaunoy 77ff566b9e
Merge pull request #343 from mokaddem/newMitre
Added kill_chain_order in mitre-attack-pattern
2019-02-15 09:13:18 +01:00
Alexandre Dulaunoy 924bc091b1
chg: [election-guidelines] sorting is important ;-) 2019-02-15 09:03:12 +01:00
Alexandre Dulaunoy ee09226c55
chg: [election-guidelines] jq 2019-02-15 08:53:51 +01:00
mokaddem 34042abe23 new: Added draft of the election guidelines galaxy 2019-02-15 08:44:33 +01:00
mokaddem 46a095012a chg: [mitre-attack-pattern] bumped version number 2019-02-14 10:57:22 +01:00
mokaddem aedbd6aa05 chg: [mitre-attack-pattern] Added kill_chain_order 2019-02-14 10:51:05 +01:00
Christophe Vandeplas 93ae4660c5 chg: [mitre] Deprecated pre/enterprise/mobile separate galaxies 2018-12-29 18:58:53 +01:00
Christophe Vandeplas 2bb4df134b chg: removal of older unused relationships 2018-10-17 08:20:12 +02:00
Christophe Vandeplas 2fbd8ce485 jq sort keys
Allows automation to edit the files
2018-10-12 10:35:31 +02:00
Davide Arcuri 253fbed356 Added Malpedia Galaxy
based on malpedia git repo

Co-Authored-By: garanews <garanews@users.noreply.github.com>
2018-10-05 14:30:31 +02:00
raw-data 77cfaa8221 [add] new backdoor galaxy and cluster 2018-07-06 20:09:52 +01:00
Deborah Servili 26cb324aee
Update cert-eu-govsector.json 2018-06-22 13:01:00 +02:00
raw-data b381d03207 [ADD] Stealer galaxy definition 2018-06-01 16:02:36 +01:00
Thirion Aurélien 728f861362
fix typo mitre-pre-attack-relationship 2018-05-28 11:37:03 +02:00
Alexandre Dulaunoy 1adcfbf0c0
chg: old MITRE ATT&CK (2017) is moving to deprecated namespace 2018-05-20 09:45:18 +02:00
Alexandre Dulaunoy 9e37388cdf
chg: namespace mitre-attack added for version 2 of the MITRE ATT&CK after 2018 2018-05-20 09:42:40 +02:00
Deborah Servili 22cb1618a5
Merge pull request #214 from Delta-Sierra/master
update mitre galaxies - add external id and killchain
2018-05-19 13:21:18 +02:00
Deborah Servili 6c8edd3f61 jq 2018-05-19 13:09:50 +02:00
Deborah Servili d82a76c08f fix scripts for mobile and pre attack attack pattern 2018-05-19 13:09:30 +02:00
Deborah Servili f6d7291e7a jq 2018-05-19 12:57:20 +02:00
Deborah Servili 730353f63d update mitre galaxies - add external id and killchain 2018-05-19 12:56:20 +02:00
Alexandre Dulaunoy 5f566dd683
chg: [misp-galaxy] namespace misp added 2018-05-18 13:34:55 +02:00
Deborah Servili 8d4053741b jq 2018-04-04 12:54:04 +02:00
Deborah Servili 804fcedb5c add external_id to values 2018-04-03 15:53:17 +02:00
StefanKelm a0eaf5bb32
Update mitre-enterprise-attack-intrusion-set.json 2018-03-22 14:11:34 +01:00
StefanKelm 6a2be53649
Update and rename mitre-entreprise-attack-tool.json to mitre-enterprise-attack-tool.json 2018-03-22 14:07:34 +01:00
StefanKelm 65f198fe81
Rename mitre-entreprise-attack-relationship.json to mitre-enterprise-attack-relationship.json 2018-03-22 14:07:04 +01:00
StefanKelm a3460716cb
Update mitre-entreprise-attack-relationship.json 2018-03-22 14:06:35 +01:00
StefanKelm 1df43affe2
Update and rename mitre-entreprise-attack-malware.json to mitre-enterprise-attack-malware.json 2018-03-22 14:06:10 +01:00
StefanKelm d51124b7ee
Update and rename mitre-entreprise-attack-intrusion-set.json to mitre-enterprise-attack-intrusion-set.json 2018-03-22 14:05:40 +01:00
StefanKelm b82efac9d5
Update and rename mitre-entreprise-attack-course-of-action.json to mitre-enterprise-attack-course-of-action.json 2018-03-22 14:05:07 +01:00
StefanKelm a20413b177
Update and rename mitre-entreprise-attack-attack-pattern.json to mitre-enterprise-attack-attack-pattern.json 2018-03-22 14:04:33 +01:00
Deborah Servili fd9919e67a jq all the things 2018-02-23 08:38:32 +01:00
Deborah Servili 4ddb598de4 add MITRE Galaxies V2.0 2018-02-21 16:28:11 +01:00
Deborah Servili 384e26a1b4 create botnet galaxy 2018-02-20 15:33:24 +01:00
Deborah Servili 9dd9810167 rename files + update README.md 2018-01-09 09:20:13 +01:00
Deborah Servili 225ce1f3ee New galaxy Branded Vulnerability 2018-01-09 09:02:29 +01:00
Raphaël Vinot eef988e9ad Cosmetic updates 2017-10-27 10:50:47 -04:00
Raphaël Vinot 40e26a59f1 Merge branch 'master' of github.com:MISP/misp-galaxy 2017-10-26 18:54:56 -04:00