MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity
1,210 Commits
6 Branches
44 Tags
12 MiB
Commit Graph

1210 Commits (159be29a669c3f53e107c2ab1e9e8165eb9a82fe)

Author SHA1 Message Date
Théo BARRAGUÉ 159be29a66
add: check if opposite key is valid in relationships 2021-02-22 11:28:24 +01:00
Théo BARRAGUÉ df7cf6bffb
chg: update json schema for relationships to include opposite key 2021-02-22 11:21:11 +01:00
Théo BARRAGUÉ ebfcf6a169
add: tool to validate if declared opposites exist 2021-02-22 11:19:31 +01:00
Théo BARRAGUÉ c2149bee81
fix: commas were sometimes doubled 2021-02-22 11:05:56 +01:00
Théo BARRAGUÉ 5c197e99c3
add: opposite of 26 relationships 2021-01-12 18:53:50 +01:00
Alexandre Dulaunoy fd7c05d74b
chg: [jarm] jq all the things 2021-01-05 14:49:34 +01:00
Alexandre Dulaunoy 811b52fa6f
fix: [tool] link to object template fixed 2021-01-05 14:48:29 +01:00
Alexandre Dulaunoy 8d08dc52d0
chg: [jarm] jarm type is jarm-fingerprint 2021-01-05 14:48:06 +01:00
Alexandre Dulaunoy 8753de0e1e
new: [jarm] new jarm object to describe TLS/SSL implementation matching 
a jarm fingerprint
 2021-01-05 14:44:46 +01:00
Alexandre Dulaunoy d5b837390c
chg: [doc] fixed 2021-01-05 09:33:42 +01:00
Alexandre Dulaunoy 2cb16e7be0
chg: [trustar_report] Updated to add "THREAT_ACTOR" 
Fixing #273
 2021-01-05 09:30:28 +01:00
Alexandre Dulaunoy d6d515d3d8
chg: [yara] disable correlations on some fields 2020-12-30 14:46:04 +01:00
Alexandre Dulaunoy 4d1c42e491
chg: [crypto-material] add a public field for public cryptographic materials 2020-12-30 14:21:37 +01:00
Alexandre Dulaunoy 3650498630
chg: [favicon] jq all the things 2020-12-27 16:21:09 +01:00
Alexandre Dulaunoy 179bd48bec
chg: [favicon] A favicon, also known as a shortcut icon, website icon, tab icon, URL icon, or bookmark icon, is a file containing one or more small icons, associated with a particular web 
site or web page. The object template can include the murmur3 hash of the favicon to facilitate correlation.
 2020-12-27 16:19:04 +01:00
Alexandre Dulaunoy 8921a0c8a2
chg: [type] favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan. 2020-12-24 12:00:45 +01:00
Alexandre Dulaunoy 1634d3218f
chg: [doc] MISP objects list updated 2020-12-20 11:07:18 +01:00
Alexandre Dulaunoy b71e7c3458
chg: [twitter-post] jq 2020-12-20 10:52:40 +01:00
Alexandre Dulaunoy 8eae725e49
fix: [twitter-post] underscore - minus are difficult to choose from ;-) 2020-12-20 10:41:39 +01:00
Alexandre Dulaunoy ed1ceebdf4
chg: [jq] all the things 2020-12-20 10:37:14 +01:00
Alexandre Dulaunoy 85e37b360e
Merge pull request #302 from ater49/main 
Adding fields in twitter-post and paste
 2020-12-20 10:34:11 +01:00
Alexandre Dulaunoy 413a2618b6
Merge pull request #303 from seamustuohy/pymisp-pr/631 
Updated for support for msg format.
 2020-12-20 10:30:04 +01:00
seamus tuohy 7e65e5dfaf Updated for support for msg format. 
Adding first class support for Emails in .msg format to the email definition.
This includes making the  attribute support multiple bodies. Msg formats
nearly always have at least 2, if not 3, versions of the body (plain text, rtf, html).
 2020-12-19 17:03:26 -05:00
ater49 a410c7c7a6 Typo and version number correction + adding a field in twitter-post 
Adding created-at field in twitter-post
 2020-12-14 23:01:12 +01:00
ater49 a47ba8c5b8 Add media in twitter-post in order to store attached medias in a tweet 
Add pastebin.fr in source of paste and paste_file for storing whole
paste file.
 2020-12-14 22:25:58 +01:00
Alexandre Dulaunoy 5bc046c97e
chg: [doc] travis removed 2020-12-10 22:59:40 +01:00
Alexandre Dulaunoy f517d6691c
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-12-10 19:13:07 +01:00
Alexandre Dulaunoy 499392ca0a
chg: [domain-ip] hostname added as an attribute 2020-12-10 19:12:33 +01:00
Alexandre Dulaunoy 475a610ab0
Merge pull request #299 from beaujeant/main 
chg: can have mutliple text attributes
 2020-11-25 17:37:24 +01:00
Beaujeant a65aa06859 chg: can have mutliple text attributes 2020-11-25 16:17:54 +01:00
Raphaël Vinot 6b50c50170 new: GH workflow 2020-11-24 18:53:49 +01:00
Alexandre Dulaunoy 7bbab1fdf4
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-11-24 12:22:01 +01:00
Alexandre Dulaunoy 2401e6026e
chg: [schema] process-state updated 2020-11-24 12:20:59 +01:00
Raphaël Vinot c234a4b36d chg: Add type in schema 2020-11-24 11:55:30 +01:00
Alexandre Dulaunoy 3bfd0cc160
Merge branch 'SteveClement-process' into main 2020-11-24 11:48:44 +01:00
Alexandre Dulaunoy 9185d69d14
chg: [jq] all the [things] 2020-11-24 11:48:22 +01:00
Alexandre Dulaunoy 75d972bdfa
Merge branch 'process' of https://github.com/SteveClement/misp-objects into SteveClement-process 2020-11-24 11:48:07 +01:00
Alexandre Dulaunoy 1bb199e2de
chg: [types] jarm-fingerprint added 2020-11-24 11:28:37 +01:00
Steve Clement 506116f0ac
chg: [json] sort 2020-11-24 14:58:19 +09:00
Steve Clement dd6ebe5385
new: [sh] Added process state 2020-11-24 14:55:47 +09:00
Steve Clement 4997dc575c
Merge remote-tracking branch 'upstream/main' into process 2020-11-24 14:45:04 +09:00
chrisr3d 0a3e94839c
add: [passive-dns] Added a raw_rdata object relation 2020-11-13 20:09:46 +01:00
Alexandre Dulaunoy abf42cc8fb
Merge pull request #297 from MISP/chrisr3d_patch 
Using the actual attribute type for cpe and weakness instead of text
 2020-10-22 23:40:36 +02:00
chrisr3d 903935c1fe
chg: Using the actual attribute type for cpe and weakness instead of text 2020-10-22 22:11:50 +02:00
Alexandre Dulaunoy 27a554ab12
chg: [cpe-asset] updated 2020-10-16 12:31:44 +02:00
Alexandre Dulaunoy 89f4f6dbc1
new: [cpe-asset] an asset as defined with a CPE value 
This object was created to support the use-case of pisax.org for the
following use-case:

 - They define well-known assets which are used by IXPs and GRXs via
 their CPEs;
 - The assets are defined in a set of fixed/master MISP events;
 - Those events are used to query NVD/CVE database via cve-search
 (https://github.com/cve-search/cve-search) using a PyMISP script
 - Then the CVEs matching the CPE are added in MISP and dispatched to the
 sharing community of users as specific MISP events.

Ref: PISAX - pan-European Information Sharing and Analysis Center (ISAC) to IXPs and GRXs
Ref: https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf ((NIST Interagency Report 7695))
 2020-10-16 09:21:40 +02:00
Alexandre Dulaunoy 141a8d2e2f
chg: [vulnerability] fixed 2020-10-15 22:49:29 +02:00
Alexandre Dulaunoy 25c888cecb
chg: [vulnerability] vulnerable_configuration are now cpe type 2020-10-15 22:40:50 +02:00
Alexandre Dulaunoy 5c935172ea
chg: [file] because sorted is always better 2020-10-13 22:47:10 +02:00
Alexandre Dulaunoy 0196285c0f
chg: [file] imphash and telfhash added 2020-10-13 22:46:24 +02:00