From 350c9b07cf52581179efec9828803c10a654507a Mon Sep 17 00:00:00 2001 From: David Cruciani Date: Mon, 16 Jan 2023 08:45:20 +0100 Subject: [PATCH] chg: [typosquatting] jq_all_the_things --- .../definition.json | 174 +++++++++--------- objects/typosquatting-finder/definition.json | 70 +++---- 2 files changed, 122 insertions(+), 122 deletions(-) diff --git a/objects/typosquatting-finder-result/definition.json b/objects/typosquatting-finder-result/definition.json index e80b1bd..4a6c40a 100644 --- a/objects/typosquatting-finder-result/definition.json +++ b/objects/typosquatting-finder-result/definition.json @@ -1,89 +1,89 @@ { - "attributes": { - "queried-domain": { - "categories": [ - "Network activity", - "External analysis" - ], - "description": "Domain name", - "misp-attribute": "domain", - "ui-priority": 1 - }, - "a-record": { - "categories": [ - "Network activity", - "External analysis" - ], - "description": "IPv4 address associated with A record", - "misp-attribute": "ip-dst", - "multiple": true, - "ui-priority": 1 - }, - "aaaa-record": { - "categories": [ - "Network activity", - "External analysis" - ], - "description": "IPv6 address associated with AAAA record", - "misp-attribute": "ip-dst", - "multiple": true, - "ui-priority": 1 - }, - "mx-record": { - "categories": [ - "Network activity", - "External analysis" - ], - "description": "Domain associated with MX record", - "misp-attribute": "domain", - "multiple": true, - "ui-priority": 1 - }, - "ns-record": { - "categories": [ - "Network activity", - "External analysis" - ], - "description": "Domain associated with NS record", - "misp-attribute": "domain", - "multiple": true, - "ui-priority": 1 - }, - "website-title": { - "description": "Website's title of the current queried domain", - "disable_correlation": false, - "misp-attribute": "text", - "recommended": false, - "ui-priority": 1 - }, - "website-similarity": { - "description": "Similarity between website of both research and current variations domain", - "disable_correlation": true, - "misp-attribute": "text", - "recommended": false, - "ui-priority": 1 - }, - "website-ressource-diff": { - "description": "Difference of website's ressources between both, research and current variations domain", - "disable_correlation": true, - "misp-attribute": "text", - "recommended": false, - "ui-priority": 1 - }, - "ratio-similarity": { - "description": "Similarity probability", - "disable_correlation": true, - "misp-attribute": "text", - "recommended": false, - "ui-priority": 1 - } + "attributes": { + "a-record": { + "categories": [ + "Network activity", + "External analysis" + ], + "description": "IPv4 address associated with A record", + "misp-attribute": "ip-dst", + "multiple": true, + "ui-priority": 1 }, - "description": "Typosquatting result", - "meta-category": "network", - "name": "typosquatting-finder-result", - "required": [ - "queried-domain" - ], - "uuid": "22151d90-b39b-498c-86c7-126ddd2e1a55", - "version": 1 - } \ No newline at end of file + "aaaa-record": { + "categories": [ + "Network activity", + "External analysis" + ], + "description": "IPv6 address associated with AAAA record", + "misp-attribute": "ip-dst", + "multiple": true, + "ui-priority": 1 + }, + "mx-record": { + "categories": [ + "Network activity", + "External analysis" + ], + "description": "Domain associated with MX record", + "misp-attribute": "domain", + "multiple": true, + "ui-priority": 1 + }, + "ns-record": { + "categories": [ + "Network activity", + "External analysis" + ], + "description": "Domain associated with NS record", + "misp-attribute": "domain", + "multiple": true, + "ui-priority": 1 + }, + "queried-domain": { + "categories": [ + "Network activity", + "External analysis" + ], + "description": "Domain name", + "misp-attribute": "domain", + "ui-priority": 1 + }, + "ratio-similarity": { + "description": "Similarity probability", + "disable_correlation": true, + "misp-attribute": "text", + "recommended": false, + "ui-priority": 1 + }, + "website-ressource-diff": { + "description": "Difference of website's ressources between both, research and current variations domain", + "disable_correlation": true, + "misp-attribute": "text", + "recommended": false, + "ui-priority": 1 + }, + "website-similarity": { + "description": "Similarity between website of both research and current variations domain", + "disable_correlation": true, + "misp-attribute": "text", + "recommended": false, + "ui-priority": 1 + }, + "website-title": { + "description": "Website's title of the current queried domain", + "disable_correlation": false, + "misp-attribute": "text", + "recommended": false, + "ui-priority": 1 + } + }, + "description": "Typosquatting result", + "meta-category": "network", + "name": "typosquatting-finder-result", + "required": [ + "queried-domain" + ], + "uuid": "22151d90-b39b-498c-86c7-126ddd2e1a55", + "version": 1 +} \ No newline at end of file diff --git a/objects/typosquatting-finder/definition.json b/objects/typosquatting-finder/definition.json index 72bad72..9d42690 100644 --- a/objects/typosquatting-finder/definition.json +++ b/objects/typosquatting-finder/definition.json @@ -1,37 +1,37 @@ { - "attributes": { - "research-domain": { - "categories": [ - "Network activity", - "External analysis" - ], - "description": "Research domain name", - "disable_correlation": false, - "misp-attribute": "domain", - "recommended": false, - "ui-priority": 1 - }, - "variations-number": { - "description": "Number of variations for the research domain.", - "disable_correlation": true, - "misp-attribute": "text", - "recommended": false, - "ui-priority": 1 - }, - "variations-found-number": { - "description": "Number of variations for the research domain that some info is found.", - "disable_correlation": true, - "misp-attribute": "text", - "recommended": false, - "ui-priority": 1 - } - }, - "description": "Typosquatting info", - "meta-category": "network", - "name": "typosquatting-finder", - "required": [ - "research-domain" - ], - "uuid": "3414fbe7-6f8c-4ed5-bc51-9a11a3a29822", - "version": 1 + "attributes": { + "research-domain": { + "categories": [ + "Network activity", + "External analysis" + ], + "description": "Research domain name", + "disable_correlation": false, + "misp-attribute": "domain", + "recommended": false, + "ui-priority": 1 + }, + "variations-found-number": { + "description": "Number of variations for the research domain that some info is found.", + "disable_correlation": true, + "misp-attribute": "text", + "recommended": false, + "ui-priority": 1 + }, + "variations-number": { + "description": "Number of variations for the research domain.", + "disable_correlation": true, + "misp-attribute": "text", + "recommended": false, + "ui-priority": 1 + } + }, + "description": "Typosquatting info", + "meta-category": "network", + "name": "typosquatting-finder", + "required": [ + "research-domain" + ], + "uuid": "3414fbe7-6f8c-4ed5-bc51-9a11a3a29822", + "version": 1 } \ No newline at end of file