mirror of https://github.com/MISP/misp-objects
chg: [typosquatting] jq_all_the_things
David Cruciani
parent
7518752dff
commit
350c9b07cf
|
|
@ -1,89 +1,89 @@
|
||||||
{
|
{
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"queried-domain": {
|
"a-record": {
|
||||||
"categories": [
|
"categories": [
|
||||||
"Network activity",
|
"Network activity",
|
||||||
"External analysis"
|
"External analysis"
|
||||||
],
|
],
|
||||||
"description": "Domain name",
|
"description": "IPv4 address associated with A record",
|
||||||
"misp-attribute": "domain",
|
"misp-attribute": "ip-dst",
|
||||||
"ui-priority": 1
|
"multiple": true,
|
||||||
},
|
"ui-priority": 1
|
||||||
"a-record": {
|
|
||||||
"categories": [
|
|
||||||
"Network activity",
|
|
||||||
"External analysis"
|
|
||||||
],
|
|
||||||
"description": "IPv4 address associated with A record",
|
|
||||||
"misp-attribute": "ip-dst",
|
|
||||||
"multiple": true,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"aaaa-record": {
|
|
||||||
"categories": [
|
|
||||||
"Network activity",
|
|
||||||
"External analysis"
|
|
||||||
],
|
|
||||||
"description": "IPv6 address associated with AAAA record",
|
|
||||||
"misp-attribute": "ip-dst",
|
|
||||||
"multiple": true,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"mx-record": {
|
|
||||||
"categories": [
|
|
||||||
"Network activity",
|
|
||||||
"External analysis"
|
|
||||||
],
|
|
||||||
"description": "Domain associated with MX record",
|
|
||||||
"misp-attribute": "domain",
|
|
||||||
"multiple": true,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"ns-record": {
|
|
||||||
"categories": [
|
|
||||||
"Network activity",
|
|
||||||
"External analysis"
|
|
||||||
],
|
|
||||||
"description": "Domain associated with NS record",
|
|
||||||
"misp-attribute": "domain",
|
|
||||||
"multiple": true,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"website-title": {
|
|
||||||
"description": "Website's title of the current queried domain",
|
|
||||||
"disable_correlation": false,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"recommended": false,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"website-similarity": {
|
|
||||||
"description": "Similarity between website of both research and current variations domain",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"recommended": false,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"website-ressource-diff": {
|
|
||||||
"description": "Difference of website's ressources between both, research and current variations domain",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"recommended": false,
|
|
||||||
"ui-priority": 1
|
|
||||||
},
|
|
||||||
"ratio-similarity": {
|
|
||||||
"description": "Similarity probability",
|
|
||||||
"disable_correlation": true,
|
|
||||||
"misp-attribute": "text",
|
|
||||||
"recommended": false,
|
|
||||||
"ui-priority": 1
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
"description": "Typosquatting result",
|
"aaaa-record": {
|
||||||
"meta-category": "network",
|
"categories": [
|
||||||
"name": "typosquatting-finder-result",
|
"Network activity",
|
||||||
"required": [
|
"External analysis"
|
||||||
"queried-domain"
|
],
|
||||||
],
|
"description": "IPv6 address associated with AAAA record",
|
||||||
"uuid": "22151d90-b39b-498c-86c7-126ddd2e1a55",
|
"misp-attribute": "ip-dst",
|
||||||
"version": 1
|
"multiple": true,
|
||||||
}
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"mx-record": {
|
||||||
|
"categories": [
|
||||||
|
"Network activity",
|
||||||
|
"External analysis"
|
||||||
|
],
|
||||||
|
"description": "Domain associated with MX record",
|
||||||
|
"misp-attribute": "domain",
|
||||||
|
"multiple": true,
|
||||||
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"ns-record": {
|
||||||
|
"categories": [
|
||||||
|
"Network activity",
|
||||||
|
"External analysis"
|
||||||
|
],
|
||||||
|
"description": "Domain associated with NS record",
|
||||||
|
"misp-attribute": "domain",
|
||||||
|
"multiple": true,
|
||||||
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"queried-domain": {
|
||||||
|
"categories": [
|
||||||
|
"Network activity",
|
||||||
|
"External analysis"
|
||||||
|
],
|
||||||
|
"description": "Domain name",
|
||||||
|
"misp-attribute": "domain",
|
||||||
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"ratio-similarity": {
|
||||||
|
"description": "Similarity probability",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"recommended": false,
|
||||||
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"website-ressource-diff": {
|
||||||
|
"description": "Difference of website's ressources between both, research and current variations domain",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"recommended": false,
|
||||||
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"website-similarity": {
|
||||||
|
"description": "Similarity between website of both research and current variations domain",
|
||||||
|
"disable_correlation": true,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"recommended": false,
|
||||||
|
"ui-priority": 1
|
||||||
|
},
|
||||||
|
"website-title": {
|
||||||
|
"description": "Website's title of the current queried domain",
|
||||||
|
"disable_correlation": false,
|
||||||
|
"misp-attribute": "text",
|
||||||
|
"recommended": false,
|
||||||
|
"ui-priority": 1
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"description": "Typosquatting result",
|
||||||
|
"meta-category": "network",
|
||||||
|
"name": "typosquatting-finder-result",
|
||||||
|
"required": [
|
||||||
|
"queried-domain"
|
||||||
|
],
|
||||||
|
"uuid": "22151d90-b39b-498c-86c7-126ddd2e1a55",
|
||||||
|
"version": 1
|
||||||
|
}
|
||||||
|
|
@ -1,37 +1,37 @@
|
||||||
{
|
{
|
||||||
"attributes": {
|
"attributes": {
|
||||||
"research-domain": {
|
"research-domain": {
|
||||||
"categories": [
|
"categories": [
|
||||||
"Network activity",
|
"Network activity",
|
||||||
"External analysis"
|
"External analysis"
|
||||||
],
|
],
|
||||||
"description": "Research domain name",
|
"description": "Research domain name",
|
||||||
"disable_correlation": false,
|
"disable_correlation": false,
|
||||||
"misp-attribute": "domain",
|
"misp-attribute": "domain",
|
||||||
"recommended": false,
|
"recommended": false,
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"variations-number": {
|
"variations-found-number": {
|
||||||
"description": "Number of variations for the research domain.",
|
"description": "Number of variations for the research domain that some info is found.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"recommended": false,
|
"recommended": false,
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
},
|
},
|
||||||
"variations-found-number": {
|
"variations-number": {
|
||||||
"description": "Number of variations for the research domain that some info is found.",
|
"description": "Number of variations for the research domain.",
|
||||||
"disable_correlation": true,
|
"disable_correlation": true,
|
||||||
"misp-attribute": "text",
|
"misp-attribute": "text",
|
||||||
"recommended": false,
|
"recommended": false,
|
||||||
"ui-priority": 1
|
"ui-priority": 1
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"description": "Typosquatting info",
|
"description": "Typosquatting info",
|
||||||
"meta-category": "network",
|
"meta-category": "network",
|
||||||
"name": "typosquatting-finder",
|
"name": "typosquatting-finder",
|
||||||
"required": [
|
"required": [
|
||||||
"research-domain"
|
"research-domain"
|
||||||
],
|
],
|
||||||
"uuid": "3414fbe7-6f8c-4ed5-bc51-9a11a3a29822",
|
"uuid": "3414fbe7-6f8c-4ed5-bc51-9a11a3a29822",
|
||||||
"version": 1
|
"version": 1
|
||||||
}
|
}
|
||||||
Loading…
Reference in New Issue