mirror of https://github.com/MISP/misp-galaxy
51 lines
1.4 KiB
JSON
51 lines
1.4 KiB
JSON
{
|
|
"values": [
|
|
{
|
|
"description": "Cover vulnerabilities exploit (0day, 1day, nday), exploit kit",
|
|
"value": "Exploits"
|
|
},
|
|
{
|
|
"description": "Deep-Dark Web forum, marketplace, hosting, etc",
|
|
"value": "Infrastructure"
|
|
},
|
|
{
|
|
"description": "Malware family",
|
|
"value": "Malware"
|
|
},
|
|
{
|
|
"description": "Legitimate SW or HW repurposed for malicious use",
|
|
"value": "Tools"
|
|
},
|
|
{
|
|
"description": "Does not belong to any of the other category",
|
|
"value": "Other"
|
|
},
|
|
{
|
|
"description": "Undetermined category",
|
|
"value": "Unknown"
|
|
},
|
|
{
|
|
"description": "Specific attack patterns (specific to a technology, to an author, not widely used, etc)",
|
|
"value": "Attack Patterns (S)"
|
|
},
|
|
{
|
|
"description": "Generic attack pattern, mehod, technique",
|
|
"value": "Attack Patterns (G)"
|
|
},
|
|
{
|
|
"description": "Non-technical description of threat actor activities (information war, destruction, hybrid, etc)",
|
|
"value": "Tactic"
|
|
},
|
|
{
|
|
"description": "Asset being targeted (MacOS, Android, ICS, IoT, Cryptocurrency, ect)",
|
|
"value": "Targeting"
|
|
}
|
|
],
|
|
"version" : 2,
|
|
"description": "ttp category vocab as defined by Cert EU.",
|
|
"source": "Cert EU",
|
|
"author": ["Cert EU"],
|
|
"uuid": "54e405b6-b017-11e7-b2f7-df581d1a8587",
|
|
"type": "ttp-category-vocabulary"
|
|
}
|