553 Commits (0877fc80c5a20f0041bb3db2b38ef81887e4f6da)

Author SHA1 Message Date
Alexandre Dulaunoy 0877fc80c5
chg: [doc] mactime template added 2018-09-27 13:30:44 +02:00
Alexandre Dulaunoy d8257c4588
Merge branch 'Aks6193-master' 2018-09-27 13:20:31 +02:00
Alexandre Dulaunoy 5acaa3498f
chg: jq all the things ;-) 2018-09-27 13:19:33 +02:00
Alexandre Dulaunoy 96f234884a
Merge branch 'master' of https://github.com/Aks6193/misp-objects into Aks6193-master 2018-09-27 13:19:04 +02:00
aksha 10acf6289e add: Misp object for Mactime-timeline-analysis 2018-09-27 11:46:32 +01:00
Alexandre Dulaunoy d1b2f6d5fb
chg: [relationship] annotates relationship added (useful for the annotation object) 2018-09-27 07:40:30 +02:00
Alexandre Dulaunoy 9189e8e8a4
Merge pull request #115 from Delta-Sierra/master
add docs - time related objects
2018-09-24 21:03:44 +02:00
Deborah Servili 89e869c577
add docs - time related objects 2018-09-21 15:40:32 +02:00
Alexandre Dulaunoy 231fdaf92b
chg: [README] malware-config object added 2018-09-21 07:13:23 +02:00
Alexandre Dulaunoy 01ea4c3097
chg: [malware-config] new object to describe malware configuration in clear-text or encrypted/encoded
ref: fix https://github.com/MISP/MISP/issues/3679
2018-09-21 07:11:38 +02:00
Alexandre Dulaunoy 4d6e0d7580
chg: [file] fullpath can be part of a single file object 2018-09-16 17:13:30 +02:00
Alexandre Dulaunoy d2b33810c5
chg: [relationships] updated with new relationships 2018-09-14 18:39:20 +02:00
Alexandre Dulaunoy f9d6ba3f08
Merge pull request #114 from StefanKelm/master
BGP hijack
2018-09-13 15:12:36 +02:00
Stefan Kelm 00184b6fc0 bgp-hijack 2018-09-13 14:13:33 +02:00
Stefan Kelm 76553f176c bgp-hijack 2018-09-13 14:10:52 +02:00
Stefan Kelm 8b5b5df77c bgp-hijack 2018-09-13 14:05:45 +02:00
Alexandre Dulaunoy 243396a34d
chg: [ail] version of the template updated 2018-09-12 22:11:46 +02:00
Alexandre Dulaunoy 5511eaab2a
Merge pull request #113 from Terrtia/master
fix: [ail-leak] disable correlation
2018-09-12 22:10:59 +02:00
Terrtia 76b3086356
fix: [ail-leak] disable correlation 2018-09-12 16:49:28 +02:00
Alexandre Dulaunoy bb2b8d810f
chg: [tracking-id] add the tracker origin such as the vendor or software 2018-09-09 12:39:22 +02:00
Alexandre Dulaunoy 37a4a93326
chg: [original-import-file] list of "sane" default format. 2018-09-09 12:34:06 +02:00
Alexandre Dulaunoy ddd341d0ed
chg: [doc] tracking-id added to the list of templates 2018-09-09 12:31:53 +02:00
Alexandre Dulaunoy 755dbe5837
Merge branch 'master' of github.com:MISP/misp-objects 2018-09-09 12:30:26 +02:00
Alexandre Dulaunoy c8ecf75fdc
new: [tracking-id] Analytics and tracking ID such as used in Google Analytics or other analytic platform. 2018-09-09 12:29:58 +02:00
chrisr3d ac221f8927
fix: typo in link to an object 2018-09-07 11:37:55 +02:00
chrisr3d 5f74fe8fa8 Merge branch 'master' of github.com:MISP/misp-objects into chrisr3d_patch 2018-09-07 11:33:45 +02:00
chrisr3d 344b8f002e
fix: Changed 'type' attribute that is more relevant as being called 'format' 2018-09-07 11:32:47 +02:00
Alexandre Dulaunoy 767b461429
chg: [file] following some CyBOX import adding a fullpath field which includes filename and path request 2018-09-07 11:26:37 +02:00
chrisr3d 1a02c6879e
chg: Deleted filename attribute since it is already contained in attachment 2018-09-06 14:54:39 +02:00
chrisr3d 0890420856
new: New Object describing original files used to import data in MISP 2018-09-06 11:20:26 +02:00
Alexandre Dulaunoy 38071f4bd9
chg: [forensic-evidence] updated to include other tools and correlation disabled for some fields 2018-09-04 20:48:51 +02:00
Alexandre Dulaunoy 3a81765d8f
jq all the things (tm) 2018-09-04 20:40:16 +02:00
Alexandre Dulaunoy 258b6830b2
Merge pull request #112 from Aks6193/master
Forensic-evidence
2018-09-04 20:39:22 +02:00
chrisr3d e04a9a570b Merge branch 'master' of github.com:MISP/misp-objects 2018-09-04 16:16:07 +02:00
chrisr3d d84b499d3a
fix: Some relationships typo fixed 2018-09-04 16:15:08 +02:00
aksha d2550dffb6 update: Forensic-evidence object 2018-09-04 14:18:30 +01:00
aksha 4e66e692d4 fixed indentation 2018-09-04 12:46:00 +01:00
aksha 7ee2ff1901 Add: Object template for digital evidence 2018-09-04 12:31:13 +01:00
Aks6193 d92e482a96
Merge pull request #1 from MISP/master
chg: [forensic-case] object added based on the original one from @Aks…
2018-09-03 20:01:41 +01:00
Alexandre Dulaunoy 0c98a925f3
chg: [forensic-case] object added based on the original one from @Aks6193
The idea is to separate the evidences from the case itself as you can
have multiple acquisitions for a specific case. Another object template
is required such as [forensic-evidence] to be able to link between the
forensic-case object and one or more evidences.
2018-09-03 13:54:59 +02:00
aksha b83e98bbd4 Add: Misp object for Digital Forensic - Case metadata 2018-09-03 11:28:40 +01:00
Alexandre Dulaunoy e90b1ce457
chg: [ja3] categories removed (default attributes categories will be used)
Fix MISP/MISP/issues/3593
2018-08-28 14:30:29 +02:00
Alexandre Dulaunoy a2384e9032
added "signed-by" relationship fix #87 2018-08-21 10:22:42 +02:00
Alexandre Dulaunoy ab58f01666
chg: [geolocation] disable correlation on specific attributes 2018-08-15 18:34:35 +02:00
Alexandre Dulaunoy 487ff53afe
fix: [geolocation] to include accuracy-radius as described by maxmind geoip2 API 2018-08-15 18:26:10 +02:00
Alexandre Dulaunoy 0b164141af
chg: [vehicle] Vehicle object template to describe a vehicle information and registration 2018-08-04 15:39:38 +02:00
Alexandre Dulaunoy 3036ec875c
Merge pull request #111 from Delta-Sierra/master
fix requiredOneOf lists regarding non-existing attributes
2018-07-27 16:24:56 +02:00
Deborah Servili 60010ce556
fix file object version 2018-07-27 15:19:15 +02:00
Deborah Servili 4e23159cb0
fix RequiredOneOf list in file object 2018-07-27 15:15:47 +02:00
Deborah Servili c1f5e7342b
url is not a field of email object, then not one of the requiredOneOf 2018-07-26 15:49:44 +02:00