mirror of https://github.com/MISP/misp-objects
new: [scan-result] object for scanning result
This is the metadata of a scanning result including the raw output of the scan result. This objects can be used for tools like Nessus or even source code scanner to share the details about a scan. For additional information such IP address or alike, other objects will be used with the proper relationship added.pull/394/head
parent
f61702d030
commit
dec2cbb917
|
@ -0,0 +1,91 @@
|
|||
{
|
||||
"attributes": {
|
||||
"description": {
|
||||
"description": "Description of the scanning performed in this scan-result",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 1
|
||||
},
|
||||
"scan-end": {
|
||||
"description": "End of scanning activity",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "datetime",
|
||||
"multiple": true,
|
||||
"ui-priority": 0
|
||||
},
|
||||
"scan-result": {
|
||||
"description": "The scan-result as a file (in machine-readable or human-readable format). The file is always consider non-malicious.",
|
||||
"misp-attribute": "attachment",
|
||||
"ui-priority": 1
|
||||
},
|
||||
"scan-result-format": {
|
||||
"description": "Format used for the scan-result.",
|
||||
"misp-attribute": "text",
|
||||
"ui-priority": 1,
|
||||
"values_lists": [
|
||||
"free-text output",
|
||||
"XML",
|
||||
"JSON",
|
||||
"CSV",
|
||||
"HTML",
|
||||
"PDF",
|
||||
"Unknown"
|
||||
]
|
||||
},
|
||||
"scan-result-tool": {
|
||||
"description": "Tool used which generated the scan-result.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"sane_default": [
|
||||
"Nessus",
|
||||
"OpenVAS",
|
||||
"Nmap",
|
||||
"Nikto",
|
||||
"masscan",
|
||||
"zmap",
|
||||
"Qualys",
|
||||
"dnscan",
|
||||
"dnsrecon",
|
||||
"striker",
|
||||
"rhawk",
|
||||
"sslyze",
|
||||
"wafw00f",
|
||||
"sqlmap",
|
||||
"wig",
|
||||
"knock",
|
||||
"wpscan",
|
||||
"joomscan",
|
||||
"arachni",
|
||||
"nuclei"
|
||||
],
|
||||
"ui-priority": 0
|
||||
},
|
||||
"scan-start": {
|
||||
"description": "Start of scanning activity",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "datetime",
|
||||
"multiple": true,
|
||||
"ui-priority": 1
|
||||
},
|
||||
"scan-type": {
|
||||
"description": "Type of scanning in the scan-result.",
|
||||
"disable_correlation": true,
|
||||
"misp-attribute": "text",
|
||||
"multiple": true,
|
||||
"ui-priority": 0,
|
||||
"values_list": [
|
||||
"Network",
|
||||
"System",
|
||||
"Unknown"
|
||||
]
|
||||
}
|
||||
},
|
||||
"description": "Scan result object to add meta-data and the output of the scan result by itself.",
|
||||
"meta-category": "network",
|
||||
"name": "scan-result",
|
||||
"required": [
|
||||
"scan-result"
|
||||
],
|
||||
"uuid": "ebe2a359-8f5b-4a45-8106-d1678935b4c4",
|
||||
"version": 1
|
||||
}
|
Loading…
Reference in New Issue