MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity
228 Commits
6 Branches
44 Tags
11 MiB
Commit Graph

147 Commits (0ab002e94c23397d382c15086a9cf322854ba310)

Author SHA1 Message Date
Alexandre Dulaunoy 0ab002e94c
Fix typo in the field 2017-10-13 15:08:25 +02:00
Alexandre Dulaunoy 9b55a361ec
Some updates including description of fields 2017-10-13 15:02:04 +02:00
Alexandre Dulaunoy 94b9bc9aee
First version of Netflow object based on proposal from @JanKoDFNCERT 
Open questions:

  - What is a minimal Netflow records? I relax a bit the required fields.
  - How does this work with IPFIX (and variable templates)?
  - How should we express the TCP flags expressed? (S/SA/SAF)
 2017-10-13 14:30:10 +02:00
Alexandre Dulaunoy 2b9ba3ac00
add: RTIR object added (as requested by CSP - Cyber Security Core Service Platform) 2017-10-12 22:08:09 +02:00
Alexandre Dulaunoy deda8abfb1
use url attribute type for link inside a post 2017-10-06 08:22:41 +02:00
Alexandre Dulaunoy c4bc232be2
Merge branch 'patch-4' of https://github.com/ater49/misp-objects into ater49-patch-4 2017-10-06 08:22:00 +02:00
ater49 a13726c138 Update definition.json 
Link attribute added in case of url present into the post.

Multiple set to true for "username-quoted"
 2017-10-04 13:31:25 +02:00
ater49 71860b21e9 New attributes: title 
In case of paste or post has a title.

Ghostbin.com origin added
 2017-10-04 13:24:29 +02:00
Alexandre Dulaunoy bc7c84ca5a
add: Paste or similar post from a website allowing to share privately or publicly posts. 2017-09-29 14:59:39 +02:00
Alexandre Dulaunoy f10f361df0
jq all and fix the space ;-) 2017-09-28 22:07:15 +02:00
ater49 4c69154ad3 Attributes username-quoted added 
Added Attributes: "username-quoted"
Added types: LinkedIn, Reddit, Google+, Instagram
 2017-09-28 21:36:27 +02:00
Alexandre Dulaunoy 5a80d5c4d2
add: Microblog post object like a Twitter tweet or a post on a Facebook wall. 2017-09-28 19:32:31 +02:00
Alexandre Dulaunoy 5b66865268
Carbon copy field added 2017-09-27 16:43:21 +02:00
Alexandre Dulaunoy 140b55254a
return-path added in email object 2017-09-25 20:37:02 +02:00
Alexandre Dulaunoy 9d14620739
Victim object added mainly based on the STIX 2.0 victim proposal 2017-09-24 21:21:33 +02:00
Alexandre Dulaunoy 3ecace4d12
First version of the ja3 object based on the proposal from @delbs 2017-09-24 20:10:59 +02:00
Alexandre Dulaunoy a5c0c4e192
Fixing typo in the credit-card object 2017-09-21 15:35:05 +02:00
Alexandre Dulaunoy d22ced3b82
whois template fixed 2017-09-18 09:01:57 +02:00
Alexandre Dulaunoy 3e00c3129c
Fix #22 2017-09-18 08:11:25 +02:00
iglocska 10b21c6aac fix: Fixed typo 2017-09-17 12:46:51 +02:00
iglocska 8662818177 fix: Updated the required_value field with the new name: values_list 2017-09-17 12:43:09 +02:00
iglocska 8643f0dc47 fix: Fixed an issue with the email object not having the correct requiredoneof fieldnames, fixes MISP/MISP#2481 2017-09-17 12:31:50 +02:00
Alexandre Dulaunoy 777ef97aeb
An object describing a regular expression (regex or regexp). 
The object can be linked via a relationship to other attributes
or objects to describe how it can be represented as a regular expression.
 2017-09-15 21:02:11 +02:00
Alexandre Dulaunoy d781a0eb05
add: first version of a person object (partially based on the PNR types) 2017-09-14 07:49:50 +02:00
Alexandre Dulaunoy bc27dc6d42
add: first version of the credit-card object 2017-09-13 21:18:16 +02:00
Alexandre Dulaunoy 0e409294c0
fix: port is used instead of text type 2017-09-13 17:26:59 +02:00
Alexandre Dulaunoy 579e851f5e
port type instead of text 2017-09-13 16:42:15 +02:00
Raphaël Vinot 96db4ae070 Disable some correlations 2017-09-11 16:08:03 +02:00
Alexandre Dulaunoy 50fe0c2993 Updated following Andras feedback 2017-09-06 16:13:35 +02:00
Alexandre Dulaunoy 8814be9527 yabin updated following Andras feedback 2017-09-06 16:13:02 +02:00
Alexandre Dulaunoy 317fd559d6 first version of a yabin object 2017-09-06 16:04:37 +02:00
Alexandre Dulaunoy 60f6c15655
Typo fixed 2017-08-29 22:02:10 +02:00
Raphaël Vinot 0445ebd350 Add descriptions in all the objects 2017-08-29 18:36:46 +02:00
Raphaël Vinot 9a3974f383 Update definitions of binaries 2017-08-29 13:25:58 +02:00
Raphaël Vinot d34dd5fb60 Allow multiple entries of type flag in the ELFSection object 2017-08-27 17:49:53 +02:00
Alexandre Dulaunoy 66e7397397
phone defintion fixed 2017-08-27 08:30:58 +02:00
Alexandre Dulaunoy 41f3792b49
first version of a mobile phone object 2017-08-27 08:16:58 +02:00
Raphaël Vinot 7c3aaa30c2 Update ELF definitions, add MachO. 2017-08-25 15:52:32 +02:00
Raphaël Vinot 49cd96aa2b Add mimetype to file object template 2017-08-23 11:01:48 +02:00
Alexandre Dulaunoy 2fd589e151
version updated 2017-08-08 20:39:36 +02:00
truckydev ea7bdb5bd7 add X509-fingerprint 
https://github.com/MISP/MISP/pull/2357
 2017-08-08 15:11:47 +02:00
Thomas Gardner 8558bef481 added http-request object 2017-08-03 16:11:33 -06:00
Alexandre Dulaunoy 10ca2819a1
Fix: tld type not existing in MISP 2017-08-03 18:27:34 +02:00
Alexandre Dulaunoy 113eb9e5a0
A cookie object has been added. 
An HTTP cookie (web cookie, browser cookie) is a small piece of data
that a server sends to the user's web browser. The object includes
type which can help to describe the malicious use-case of the cookie.
 2017-08-03 12:15:26 +02:00
Alexandre Dulaunoy 08e5ebe995
Typo fixed in key-size - Thanks to @StefanKelm 2017-08-03 12:00:00 +02:00
Raphaël Vinot ca24684e2f Update required entries for PE objects 2017-07-21 11:33:38 +02:00
Alexandre Dulaunoy 6e88746a67 Improved Tor node object to include support of the new Tor monitoring 2017-07-06 14:57:32 +02:00
Alexandre Dulaunoy afaf0d0e19 add a comment field 2017-07-05 07:41:07 +02:00
Alexandre Dulaunoy 30976be591 Tor node object template which are part of the Tor network at a time. 2017-07-05 07:33:35 +02:00
Alexandre Dulaunoy 9a1c5511f4 ui-priority 2017-07-03 16:55:14 +02:00