Alexandre Dulaunoy
0037856e60
new: [x-header] new generic X header object for SMTP, HTTP and others
2023-08-07 14:36:24 +02:00
Alexandre Dulaunoy
3d81ef381c
fix: [scan-results] JSON and trailing comma ;-)
2023-08-03 10:47:45 +02:00
Alexandre Dulaunoy
2f5fb87c1a
Merge branch 'main' of https://github.com/mFaou/misp-objects into mFaou-main
2023-08-03 10:46:27 +02:00
Luciano Righetti
800d677af6
Merge pull request #398 from righel/add-sigmf-templates
new: add basic SigMF templates
2023-08-03 09:37:27 +02:00
Luciano Righetti
21b06c2f48
fix: jq all the things
2023-08-03 09:30:58 +02:00
Luciano Righetti
17a68d93ae
fix: minor fixes
2023-08-03 08:07:47 +02:00
Luciano Righetti
ac201f475a
new: sigmf archive object
2023-08-03 08:07:33 +02:00
Matthieu Faou
0515870942
Added requiredOneOf to scan-result object definition
2023-08-02 15:35:12 -04:00
Matthieu Faou
56941c6e93
Removed the scan-result field requirement in the scan-result object
2023-08-01 16:33:23 -04:00
Alexandre Dulaunoy
4da05293d7
fix: [malware-config] typo fixed
2023-07-31 11:21:29 +02:00
Alexandre Dulaunoy
fb0ffd5d4b
chg: [malware-config] to add attachment and description of the malware config
2023-07-31 11:17:23 +02:00
Alexandre Dulaunoy
17f71b39bd
chg: [scan-results] jq all the things
2023-07-28 22:25:37 +02:00
Matthieu Faou
5e201f4e0d
removed line break
2023-07-28 15:15:17 -04:00
Matthieu Faou
22477f7bc6
Added internet scanning tools to scan-result
2023-07-28 15:09:25 -04:00
417190e5c48babc7
ab1f97b881
chg: [ja3s] Add domain and hostname attributes
2023-07-20 10:24:42 +03:00
Alexandre Dulaunoy
0f5cbd49d0
Merge pull request #396 from MISP/chrisr3d_patch
New object templates to support new STIX 2.1 Incident extension objects
2023-07-19 08:39:56 +02:00
Steph S
32e21c8806
Fixed json formatting
2023-07-13 09:48:12 -04:00
Steph S
c7bade5c8b
Added an is-malicious attribute for abuseipdb and added a google-safe-browsing object for the google-safe-browsing expansion module
2023-07-13 09:25:26 -04:00
Luciano Righetti
316a4b07d1
new: add fft and waterfall attributes
2023-07-12 15:33:23 +02:00
Luciano Righetti
ba6bad723b
fix: jq all the things
2023-07-11 17:04:18 +02:00
Luciano Righetti
59d2a301b9
new: add basic SigMF templates
2023-07-11 16:54:11 +02:00
Steph S
1374b0c7f0
Added AbuseIPDB object template for the AbuseIPDB expansion module
2023-07-10 15:22:27 -04:00
Alexandre Dulaunoy
e6864eb745
chg: [hhhash] newline fixed
2023-07-10 16:40:22 +02:00
Alexandre Dulaunoy
f7da39c557
new: [hhhassh object] An object describing a HHHash object with the hash value along with the crawling parameters. For more information: https://www.foo.be/2023/07/HTTP-Headers-Hashing_HHHash
2023-07-10 16:38:12 +02:00
Christian Studer
e215a0ff1a
add: [incident] Added the score attribute
- We will probably parse scores and build the
attribute value the following way:
"{name} - {description}: {score}"
2023-07-07 11:36:42 +02:00
Christian Studer
ae62d5f9b3
fix: [impacts] Typo
2023-06-22 15:50:54 +02:00
Christian Studer
49a715e1cf
fix: [confidentiality-impact] JQed
2023-06-22 15:41:06 +02:00
Christian Studer
e3556784b5
wip: [task] New object template for tasks as described in STIX 2.1 Incident object extensions
2023-06-22 15:39:02 +02:00
Christian Studer
3c17729f0e
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
2023-06-22 15:16:48 +02:00
Christian Studer
c5c8f35fb4
wip: [event] New object template to describe events that can happen during an incident
2023-06-22 12:28:47 +02:00
Christian Studer
1a05a9f253
add: [incident] Added the required object relation
2023-06-22 12:28:04 +02:00
Christian Studer
ef04ff8020
add: [incident] Incident object based on the STIX 2.1 Incident object as well as its core extension
2023-06-21 16:32:30 +02:00
Christian Studer
f6d069dc3d
fix: [organization] Fixed missing comma
- Managed to improve the description too
2023-06-15 13:51:08 +02:00
Christian Studer
1f3b9312cc
add: [organization] Added the generic `contact_information` and `sector` fields for an organization
2023-06-15 13:27:55 +02:00
Alexandre Dulaunoy
e26541e89e
Merge branch 'main' of github.com:MISP/misp-objects into main
2023-06-14 19:21:37 +02:00
Alexandre Dulaunoy
5d307f7c30
chg: [cookie] cookie can be also only a key or a value
This change is required for the AIL project export
2023-06-14 17:36:22 +02:00
Michael Trenker
241f4455ac
ran jq_all_the_things.sh
2023-06-14 11:54:46 +00:00
Michael Trewen
25e1790e74
jq
2023-06-13 19:15:23 +02:00
Michael Trewen
71cc235a5d
new: added Diamond Object
2023-06-13 10:47:28 +02:00
Christian Studer
ec8645f421
add: [crowdsec-ip-context] Added the `false-positives` attribute that comes alongside with the `classifications`
2023-05-26 14:17:10 +02:00
Christian Studer
35285505a1
add: [crowdsec-ip-context] Added the classifications multiple attribute
2023-05-24 16:29:06 +02:00
Alexandre Dulaunoy
61608e5d44
chg: [scan-result] updated list of potential scanning tool
Source: https://gist.github.com/SteveClement/baf3a9ae0ba030283ecc30acd6f7c2ae
2023-05-24 11:03:47 +02:00
Alexandre Dulaunoy
20f567757d
chg: [scan-result] jq all the things
2023-05-22 14:08:34 +02:00
Alexandre Dulaunoy
e33e893b44
new: [scan-result] object for scanning result
This is the metadata of a scanning result including the raw output of
the scan result.
This object can be used for tools like Nessus or even source code
scanners to share the details about a scan.
For additional information such as IP address or alike, other objects will
be used with the proper relationship added.
2023-05-22 14:04:48 +02:00
goodlandsecurity
4e5719f29a
adding cobalt strike beacon config object
2023-05-19 14:07:24 -05:00
Alexandre Dulaunoy
a605792844
chg: [crowdsec] jq all the things
2023-05-12 10:34:19 +02:00
Alexandre Dulaunoy
b0e5f39f26
Update definition.json
2023-05-12 10:31:33 +02:00
Alexandre Dulaunoy
65f4be51d5
chg: [crowdsec] updated
2023-05-12 08:52:19 +02:00
Alexandre Dulaunoy
3d736c427c
new: [crowdsec-ip-context] new initial object for crowdsec expansion
2023-05-11 16:52:24 +02:00
Alexandre Dulaunoy
fd12a1bcd7
fix: [ai-chat-prompt] improved ai-chat-prompt template
2023-04-16 10:50:30 +02:00