Commit Graph

519 Commits (10acf6289eb5a5644708e66c8796cbe594052669)

Author SHA1 Message Date
aksha 10acf6289e add: Misp object for Mactime-timeline-analysis 2018-09-27 11:46:32 +01:00
aksha d2550dffb6 update: Forensic-evidence object 2018-09-04 14:18:30 +01:00
aksha 4e66e692d4 fixed intendation 2018-09-04 12:46:00 +01:00
aksha 7ee2ff1901 Add: Object template for digital evidence 2018-09-04 12:31:13 +01:00
Aks6193 d92e482a96
Merge pull request #1 from MISP/master
chg: [forensic-case] object added based on the original one from @Aks…
2018-09-03 20:01:41 +01:00
Alexandre Dulaunoy 0c98a925f3
chg: [forensic-case] object added based on the original one from @Aks6193
The idea is to separate the evidences from the case itself as you can
have multiple acquisitions for a specific case. Another object template
is required such as [forensic-evidence] to be able to link between the
forensic-case object and one or more evidences.
2018-09-03 13:54:59 +02:00
aksha b83e98bbd4 Add: Misp object for Digital Forensic - Case metadata 2018-09-03 11:28:40 +01:00
Alexandre Dulaunoy e90b1ce457
chg: [ja3] categories removed (default attributes categories will be used)
Fix MISP/MISP/issues/3593
2018-08-28 14:30:29 +02:00
Alexandre Dulaunoy a2384e9032
added "signed-by" relationship fix #87 2018-08-21 10:22:42 +02:00
Alexandre Dulaunoy ab58f01666
chg: [geolocation] disable correlation on specific attributes 2018-08-15 18:34:35 +02:00
Alexandre Dulaunoy 487ff53afe
fix: [geolocation] to include accuracy-radius as described by maxmind geoip2 API 2018-08-15 18:26:10 +02:00
Alexandre Dulaunoy 0b164141af
chg: [vehicle] Vehicle object template to describe a vehicle information and registration 2018-08-04 15:39:38 +02:00
Alexandre Dulaunoy 3036ec875c
Merge pull request #111 from Delta-Sierra/master
fix requiredOneOf lists regarding non-existing attributes
2018-07-27 16:24:56 +02:00
Deborah Servili 60010ce556
fix file object version 2018-07-27 15:19:15 +02:00
Deborah Servili 4e23159cb0
fix RequiredOneOf list in fle object 2018-07-27 15:15:47 +02:00
Deborah Servili c1f5e7342b
url is not a field of email object, then not one of the requiredOneOf 2018-07-26 15:49:44 +02:00
Alexandre Dulaunoy 3aa3247b09
chg: [paste object] add a link attribute when the paste reference is not malicious 2018-07-26 14:06:39 +02:00
Alexandre Dulaunoy aae03a3db2
chg: [misp-objects] multiple flag is now visible in asciidoctor output 2018-07-22 08:04:26 +02:00
Alexandre Dulaunoy 51d8e83b1f
Merge branch 'master' of github.com:MISP/misp-objects 2018-07-20 10:18:33 +02:00
Alexandre Dulaunoy 9a72b53923
chg: allow multiple domains too fix #108 2018-07-20 10:12:09 +02:00
Andras Iklody 5af0d31c49
Allow multiple "pattern-in-file" in file object, fixes #109 2018-07-20 07:03:22 +02:00
Alexandre Dulaunoy 6bfa279701
new: [short-message-service] Short Message Service (SMS) object template describing one or more SMS message added 2018-07-18 09:52:31 +02:00
Alexandre Dulaunoy 319c2a3e96
chg: [threadgrid-report] added in the list of objects 2018-07-17 08:29:14 +02:00
Raphaël Vinot 0244bce6ef new: threatgrid-report object template 2018-07-16 13:48:56 +02:00
Alexandre Dulaunoy 9918cc393d
chg: [coin-address] ETN symbol added 2018-07-13 17:07:35 +02:00
chrisr3d 498c6f114b
fix: Fixed exploits relationship properties 2018-07-10 10:47:31 +02:00
chrisr3d 6585ec3329
add: Updated relationships list with Cybox relationships best practices 2018-07-10 10:40:03 +02:00
Alexandre Dulaunoy b92ab93c80
chg: [relationship] exploits added 2018-07-10 09:41:27 +02:00
Alexandre Dulaunoy 88819d6fa3
chg: [exploit-poc] a same context can contains multiple PoC samples 2018-07-10 09:32:12 +02:00
Alexandre Dulaunoy 26d142d37f
chg: [exploit-poc] added to the list of objects 2018-07-10 07:42:47 +02:00
Alexandre Dulaunoy 021b06bacd
new: exploit-poc object describing a proof of concept or exploit of a vulnerability. This object has often a relationship with a vulnerability object. 2018-07-10 07:41:09 +02:00
Alexandre Dulaunoy 1a491dfd23
chg: [JSON schema] vulnerability added as meta-category 2018-07-10 07:39:58 +02:00
Alexandre Dulaunoy 856cec8d09
chg: [vulnerability] is now in its own vulnerability meta-category 2018-07-10 07:38:28 +02:00
Alexandre Dulaunoy 9eb578d747
chg: [vulnerability] updated following NATO and CIRCL feedback
- CVSS score added
- CVSS string added
- credit attribute added
- text -> description
- vulnerability attribute can now be any format (not only the CVE
format)
2018-07-10 07:21:36 +02:00
Alexandre Dulaunoy 2b5592cfa6
fix: [suricata] allow multiple Suricata rules in the object (similar context) and fix the rule to be in Snort format
Fix #106
2018-07-09 21:50:44 +02:00
Alexandre Dulaunoy eff3a5f3f5
Merge branch 'master' of github.com:MISP/misp-objects 2018-07-04 11:11:47 +02:00
Alexandre Dulaunoy 6c36a1df69
chg: [coin-address] XMR type address added in addition to the default Bitcoin address format 2018-07-04 11:10:50 +02:00
Alexandre Dulaunoy e9fd65cecb
Merge pull request #105 from chrisr3d/master
Added some relations used on stix1 files
2018-06-22 17:37:36 +02:00
chrisr3d 8a916627dd Merge branch 'master' of github.com:MISP/misp-objects 2018-06-22 17:28:12 +02:00
chrisr3d 99b4a20ebb
add: Added some relations seen on stix 2018-06-22 17:27:21 +02:00
Alexandre Dulaunoy 3b21125acd
add: missing timesketch-timeline object template 2018-06-22 07:44:20 +02:00
Alexandre Dulaunoy d9a616095a
Chg: jq all the things 2018-06-19 21:11:24 +02:00
Alexandre Dulaunoy e1eb747426
Merge pull request #104 from ahuan-gdms/master
adding STIX AIS Information source Object
2018-06-19 08:32:02 +02:00
AH 7d1e3747d0 STIX AIS Information source 2018-06-18 19:24:31 -04:00
Alexandre Dulaunoy ce8472b92e
Merge pull request #103 from Terrtia/master
modify ail-leak object for the tagging system
2018-06-12 15:04:18 +02:00
Thirion Aurélien d2c9ae007a
modify ail-leak object for the tagging system 2018-06-12 11:47:44 +02:00
Alexandre Dulaunoy b6f12a9f46
chg: new script template object
Object describing a computer program written to be run in a special run-time environment. The script or shell
script can be used for malicious activities but also as support tools for threat analysts.

Fix #101
2018-06-09 11:36:58 +02:00
Alexandre Dulaunoy 1ca25a39ad
fix: missing ui-priority 2018-06-09 10:59:01 +02:00
Alexandre Dulaunoy 07f41b0444
chg: EPSG and spacial-reference add fix #102
Following feedback during the last ENISA Cyber Europe 2018, we updated
the geolocation object to the following:

 - Fixing ui-priority to ensure lat,long in order
 - Adding the ability to specify an EPSG value instead of coordinates
 (handy if you want to quickly express a known location/area)
 - Set a default spacial-reference to avoid confusion between reported
 value from GPS versus values projected into a specific spacial
 projection. default is WGS-84.
2018-06-09 10:46:12 +02:00
Alexandre Dulaunoy a5c331038e
chg: shortened-link template added 2018-06-05 15:22:17 +02:00