MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

dns record and shodan report objects

pull/193/head
kx499 2017-11-14 15:38:54 -05:00
parent 1fd5d4f6a7
commit 59a78eef24
2 changed files with 132 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
objects/dns-record/definition.json Normal file
View File

@ -0,0 +1,62 @@
{
"required": [
"queried-domain"
],
"requiredOneOf": [
"a-record",
"mx-record",
"ns-record"
],
"attributes": {
"text": {
"description": "A description of the records",
"ui-priority": 1,
"misp-attribute": "text",
"recommended": false
},
"queried-domain": {
"description": "Domain name",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "domain"
},
"a-record": {
"description": "IP Address sassociated with A Records",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "ip-dst",
"multiple": true
},
"mx-record": {
"description": "Domain associated with MX Record",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "domain",
"multiple": true
},
"ns-record": {
"description": "Domain associated with NS Records",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "domain",
"multiple": true
}
},
"version": 1,
"description": "A set of dns records observed for a specific domain.",
"meta-category": "network",
"uuid": "f023c8f0-81ab-41f3-9f5d-fa597a34a9b9",
"name": "dns-record"
}

70
objects/shodan-report/definition.json Normal file
View File

@ -0,0 +1,70 @@
{
"required": [
"ip"
],
"requiredOneOf": [
"hostname",
"org",
"port",
"banner"
],
"attributes": {
"text": {
"description": "A description of the report",
"ui-priority": 1,
"misp-attribute": "text",
"recommended": false
},
"ip": {
"description": "IP Address Queried",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "ip-dst"
},
"hostname": {
"description": "Hostnames found",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "domain",
"multiple": true
},
"org": {
"description": "Associated Organization",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "text"
},
"port": {
"description": "Listening Port",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "port"
},
"banner": {
"description": "server banner reported",
"categories": [
"Network activity",
"External analysis"
],
"ui-priority": 1,
"misp-attribute": "text"
}
},
"version": 1,
"description": "Shodan Report for a given IP",
"meta-category": "network",
"uuid": "10b03d93-3694-4a79-9cd1-4a273746303a",
"name": "shodan-report"
}