Alexandre Dulaunoy
01ea4c3097
chg: [malware-config] new object to describe malware configuration in clear-text or encrypted/encoded
...
ref: fix https://github.com/MISP/MISP/issues/3679
2018-09-21 07:11:38 +02:00
Alexandre Dulaunoy
4d6e0d7580
chg: [file] fullpath can be part of a single file object
2018-09-16 17:13:30 +02:00
Stefan Kelm
00184b6fc0
bgp-hijack
2018-09-13 14:13:33 +02:00
Stefan Kelm
8b5b5df77c
bgp-hijack
2018-09-13 14:05:45 +02:00
Alexandre Dulaunoy
243396a34d
chg: [ail] version of the template updated
2018-09-12 22:11:46 +02:00
Terrtia
76b3086356
fix: [ail-leak] disable correlation
2018-09-12 16:49:28 +02:00
Alexandre Dulaunoy
bb2b8d810f
chg: [tracking-id] add the tracker origin such as the vendor or software
2018-09-09 12:39:22 +02:00
Alexandre Dulaunoy
37a4a93326
chg: [original-import-file] list of "sane" default format.
2018-09-09 12:34:06 +02:00
Alexandre Dulaunoy
755dbe5837
Merge branch 'master' of github.com:MISP/misp-objects
2018-09-09 12:30:26 +02:00
Alexandre Dulaunoy
c8ecf75fdc
new: [tracking-id] Analytics and tracking ID such as used in Google Analytics or other analytic platform.
2018-09-09 12:29:58 +02:00
chrisr3d
5f74fe8fa8
Merge branch 'master' of github.com:MISP/misp-objects into chrisr3d_patch
2018-09-07 11:33:45 +02:00
chrisr3d
344b8f002e
fix: Changed 'type' attribute that is more relevant as being called 'format'
2018-09-07 11:32:47 +02:00
Alexandre Dulaunoy
767b461429
chg: [file] following some CyBOX import adding a fullpath field which includes filename and path request
2018-09-07 11:26:37 +02:00
chrisr3d
1a02c6879e
chg: Deleted filename attribute since it is already contained in attachment
2018-09-06 14:54:39 +02:00
chrisr3d
0890420856
new: New Object describing original files used to import data in MISP
2018-09-06 11:20:26 +02:00
Alexandre Dulaunoy
38071f4bd9
chg: [forensic-evidence] updated to include other tools and correlation disabled for some fields
2018-09-04 20:48:51 +02:00
Alexandre Dulaunoy
3a81765d8f
jq all the things (tm)
2018-09-04 20:40:16 +02:00
aksha
d2550dffb6
update: Forensic-evidence object
2018-09-04 14:18:30 +01:00
aksha
4e66e692d4
fixed indentation
2018-09-04 12:46:00 +01:00
aksha
7ee2ff1901
Add: Object template for digital evidence
2018-09-04 12:31:13 +01:00
Aks6193
d92e482a96
Merge pull request #1 from MISP/master
...
chg: [forensic-case] object added based on the original one from @Aks…
2018-09-03 20:01:41 +01:00
Alexandre Dulaunoy
0c98a925f3
chg: [forensic-case] object added based on the original one from @Aks6193
...
The idea is to separate the evidences from the case itself as you can
have multiple acquisitions for a specific case. Another object template
is required such as [forensic-evidence] to be able to link between the
forensic-case object and one or more evidences.
2018-09-03 13:54:59 +02:00
aksha
b83e98bbd4
Add: Misp object for Digital Forensic - Case metadata
2018-09-03 11:28:40 +01:00
Alexandre Dulaunoy
e90b1ce457
chg: [ja3] categories removed (default attributes categories will be used)
...
Fix MISP/MISP/issues/3593
2018-08-28 14:30:29 +02:00
Alexandre Dulaunoy
ab58f01666
chg: [geolocation] disable correlation on specific attributes
2018-08-15 18:34:35 +02:00
Alexandre Dulaunoy
487ff53afe
fix: [geolocation] to include accuracy-radius as described by maxmind geoip2 API
2018-08-15 18:26:10 +02:00
Alexandre Dulaunoy
0b164141af
chg: [vehicle] Vehicle object template to describe a vehicle information and registration
2018-08-04 15:39:38 +02:00
Deborah Servili
60010ce556
fix file object version
2018-07-27 15:19:15 +02:00
Deborah Servili
4e23159cb0
fix RequiredOneOf list in file object
2018-07-27 15:15:47 +02:00
Deborah Servili
c1f5e7342b
url is not a field of email object, then not one of the requiredOneOf
2018-07-26 15:49:44 +02:00
Alexandre Dulaunoy
3aa3247b09
chg: [paste object] add a link attribute when the paste reference is not malicious
2018-07-26 14:06:39 +02:00
Alexandre Dulaunoy
51d8e83b1f
Merge branch 'master' of github.com:MISP/misp-objects
2018-07-20 10:18:33 +02:00
Alexandre Dulaunoy
9a72b53923
chg: allow multiple domains too fix #108
2018-07-20 10:12:09 +02:00
Andras Iklody
5af0d31c49
Allow multiple "pattern-in-file" in file object, fixes #109
2018-07-20 07:03:22 +02:00
Alexandre Dulaunoy
6bfa279701
new: [short-message-service] Short Message Service (SMS) object template describing one or more SMS message added
2018-07-18 09:52:31 +02:00
Raphaël Vinot
0244bce6ef
new: threatgrid-report object template
2018-07-16 13:48:56 +02:00
Alexandre Dulaunoy
9918cc393d
chg: [coin-address] ETN symbol added
2018-07-13 17:07:35 +02:00
Alexandre Dulaunoy
88819d6fa3
chg: [exploit-poc] a same context can contain multiple PoC samples
2018-07-10 09:32:12 +02:00
Alexandre Dulaunoy
021b06bacd
new: exploit-poc object describing a proof of concept or exploit of a vulnerability. This object has often a relationship with a vulnerability object.
2018-07-10 07:41:09 +02:00
Alexandre Dulaunoy
856cec8d09
chg: [vulnerability] is now in its own vulnerability meta-category
2018-07-10 07:38:28 +02:00
Alexandre Dulaunoy
9eb578d747
chg: [vulnerability] updated following NATO and CIRCL feedback
...
- CVSS score added
- CVSS string added
- credit attribute added
- text -> description
- vulnerability attribute can now be any format (not only the CVE
format)
2018-07-10 07:21:36 +02:00
Alexandre Dulaunoy
2b5592cfa6
fix: [suricata] allow multiple Suricata rules in the object (similar context) and fix the rule to be in Snort format
...
Fix #106
2018-07-09 21:50:44 +02:00
Alexandre Dulaunoy
6c36a1df69
chg: [coin-address] XMR type address added in addition to the default Bitcoin address format
2018-07-04 11:10:50 +02:00
Alexandre Dulaunoy
3b21125acd
add: missing timesketch-timeline object template
2018-06-22 07:44:20 +02:00
Alexandre Dulaunoy
d9a616095a
Chg: jq all the things
2018-06-19 21:11:24 +02:00
AH
7d1e3747d0
STIX AIS Information source
2018-06-18 19:24:31 -04:00
Thirion Aurélien
d2c9ae007a
modify ail-leak object for the tagging system
2018-06-12 11:47:44 +02:00
Alexandre Dulaunoy
b6f12a9f46
chg: new script template object
...
Object describing a computer program written to be run in a special run-time environment. The script or shell
script can be used for malicious activities but also as support tools for threat analysts.
Fix #101
2018-06-09 11:36:58 +02:00
Alexandre Dulaunoy
1ca25a39ad
fix: missing ui-priority
2018-06-09 10:59:01 +02:00
Alexandre Dulaunoy
07f41b0444
chg: EPSG and spacial-reference add fix #102
...
Following feedback during the last ENISA Cyber Europe 2018, we updated
the geolocation object to the following:
- Fixing ui-priority to ensure lat,long in order
- Adding the ability to specify an EPSG value instead of coordinates
(handy if you want to quickly express a known location/area)
- Set a default spacial-reference to avoid confusion between reported
value from GPS versus values projected into a specific spacial
projection. default is WGS-84.
2018-06-09 10:46:12 +02:00