misp-objects/objects/phishing/definition.json

117 lines
3.1 KiB
JSON
Raw Normal View History

{
"attributes": {
"hostname": {
"description": "host of the phishing website",
"misp-attribute": "hostname",
"multiple": true,
"ui-priority": 1
},
"internal-reference": {
2019-02-25 09:29:15 +01:00
"categories": [
"Internal reference"
],
"description": "Internal reference such as ticket ID",
"misp-attribute": "text",
"ui-priority": 1
},
"online": {
"description": "If the phishing is online and operational, by default is yes",
"disable_correlation": true,
"misp-attribute": "text",
"ui-priority": 0,
"values_list": [
"Yes",
"No"
]
},
"phishtank-detail-url": {
"description": "Phishtank detail URL to the reported phishing",
"misp-attribute": "link",
"ui-priority": 1
},
"phishtank-id": {
"description": "Phishtank ID of the reported phishing",
2019-02-25 09:29:15 +01:00
"misp-attribute": "text",
"ui-priority": 1
},
2019-02-25 09:29:15 +01:00
"screenshot": {
"categories": [
"External analysis"
],
"description": "Screenshot of phishing site",
2019-02-25 09:29:15 +01:00
"disable_correlation": true,
"misp-attribute": "attachment",
"multiple": true,
"ui-priority": 1
},
"submission-time": {
"description": "When the phishing was submitted and/or reported",
"misp-attribute": "datetime",
"ui-priority": 0
},
"takedown-request": {
"description": "When the phishing was requested to be taken down",
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
2019-02-25 09:29:15 +01:00
"takedown-request-to": {
"categories": [
"Other"
],
"description": "Destination email address for take-down request",
2019-02-25 09:29:15 +01:00
"disable_correlation": true,
"misp-attribute": "text",
"multiple": true,
"to_ids": false,
"ui-priority": 1
2019-02-25 09:29:15 +01:00
},
"takedown-time": {
"description": "When the phishing was taken down",
2019-02-25 09:29:15 +01:00
"disable_correlation": true,
"misp-attribute": "datetime",
"ui-priority": 0
},
"target": {
"description": "Targeted organisation by the phishing",
2019-02-25 09:29:15 +01:00
"misp-attribute": "text",
"multiple": true,
"ui-priority": 0
},
2019-02-25 09:29:15 +01:00
"url": {
"description": "Original URL of the phishing website",
2019-02-25 09:29:15 +01:00
"misp-attribute": "url",
"ui-priority": 1
2019-02-25 09:29:15 +01:00
},
"url-redirect": {
"description": "Redirect URL of the phishing website",
2019-02-25 09:29:15 +01:00
"misp-attribute": "url",
"multiple": true,
"ui-priority": 1
2019-02-01 09:37:31 +01:00
},
"verification-time": {
"description": "When the phishing was verified",
"disable_correlation": true,
2019-02-25 09:29:15 +01:00
"misp-attribute": "datetime",
"ui-priority": 0
2019-02-25 09:29:15 +01:00
},
"verified": {
"description": "The phishing has been verified by the team handling the phishing",
2019-02-25 09:29:15 +01:00
"disable_correlation": true,
2019-02-01 09:37:31 +01:00
"misp-attribute": "text",
"ui-priority": 0,
2019-02-25 09:29:15 +01:00
"values_list": [
"No",
"Yes"
]
}
},
"description": "Phishing template to describe a phishing website and its analysis.",
"meta-category": "network",
"name": "phishing",
2019-02-25 09:29:15 +01:00
"requiredOneOf": [
"url"
],
"uuid": "2dad6f9d-d425-4217-8fda-0b0a2d815307",
"version": 5
}