Alexandre Dulaunoy
d4a5bcf70c
fix: [ctf-challenge] JSON jqed
2024-09-20 06:31:54 +02:00
rectifyq
8cbcba4b5d
new: [misp-object] New ctf-challenge object
2024-09-20 03:51:10 +00:00
Alexandre Dulaunoy
c90bcd9402
new: [attacker-infra] added for the MISP-LEA project
2024-09-19 15:32:29 +02:00
Alexandre Dulaunoy
81968ba088
chg: [shadowserver-scan-http-proxy] new template for MISP-LEA project
2024-09-19 15:23:19 +02:00
Alexandre Dulaunoy
7bef45c74d
chg: [user-action] fixed
2024-09-19 09:15:54 +02:00
Alexandre Dulaunoy
3d07f2ddc6
new: [user-action] new user-action object added
2024-09-19 09:09:40 +02:00
Alexandre Dulaunoy
e1c145f6c2
Merge pull request #439 from julienloizelet/feat/update-crowdsec-object
...
feat(crowdsec): Add attributes to crowdsec-ip-context object
2024-08-23 06:36:15 +02:00
Julien Loizelet
fa2973b502
feat(crowdsec): Add attributes to crowdsec-ip-context object
2024-08-23 11:24:15 +09:00
Alexandre Dulaunoy
ee3318c15b
chg: [ADS] updated
2024-08-22 10:56:11 +02:00
Alexandre Dulaunoy
201dc30c8a
Merge branch 'main' of https://github.com/th3r3d/misp-objects into th3r3d-main
2024-08-22 10:55:37 +02:00
th3r3d
1e01268720
Updated UUID
...
Updated UUID to last version.
2024-08-17 11:02:03 +02:00
th3r3d
c7445733b3
Update ADS to v2
...
Added Categorization Others for more granular view of MITRE Att&ck TTP used
2024-08-16 15:27:34 +02:00
Alexandre Dulaunoy
51165e279a
chg: [google-threat-intelligene-report] JSON clean-up
2024-08-06 18:21:05 +02:00
Daniel Pascual
4020992286
Add Google Threat Intelligence report
2024-08-06 18:10:00 +02:00
Alexandre Dulaunoy
e46ddddb4f
chg: [network-profile] new-line
2024-08-06 17:57:11 +02:00
Thomas Dupuy
14c2bd9b5f
upd: [network-profile] add Yandex in `service-abuse` list.
2024-08-05 14:14:17 -04:00
Alexandre Dulaunoy
b58fd9afaf
chg: [pe-optional-header] jq all the things
2024-07-26 16:39:28 +02:00
Raphaël Vinot
93977fe6ef
fix: address_of_entrypoint -> address-of-entrypoint
2024-07-26 15:49:41 +02:00
Christian Studer
6165affd5b
fix: [pe-optional-header] Added missing `disable_correlation` flag
2024-07-26 08:58:27 +02:00
Christian Studer
ea50f6f1de
fix: [pe-optional-header] Added a few missing `disable_correlation` flags
2024-07-26 08:55:14 +02:00
Christian Studer
f3bc011d84
fix: [pe-optional-header] Bumped version
2024-07-25 10:42:59 +02:00
Christian Studer
ecb061bb1b
fix: [pe-optional-header] Updated object template
...
- Harmonised object relations to match with the
`pe` template object relations, especially the
ones for hex values
- Added object relations for `magic` value and
`subsystem` hex value
2024-07-25 10:34:05 +02:00
Christian Studer
d062743502
chg: [pe] Updated `pe` object template
...
- Added object relation for machine type hex value
- Harmonised object relations
2024-07-24 12:13:50 +02:00
Alexandre Dulaunoy
454285fea5
chg: [ddos-config] as the config is mainly describing targets
...
to_ids and correlation don't make a lot of sense
2024-07-18 15:10:13 +02:00
Alexandre Dulaunoy
0833c40b05
fix: [ddos-config] `ui-priority` added
2024-07-18 12:16:39 +02:00
Alexandre Dulaunoy
2220f14ca4
new: [ddos-config] generic ddos configuration from ddos related binaries
2024-07-18 12:08:43 +02:00
Alexandre Dulaunoy
5c534d3701
chg: [ja4-plus] jq all the things
2024-06-26 18:15:04 +02:00
Alexandre Dulaunoy
f93466cb3c
chg: [ja4-plus] version fixed
2024-06-26 18:08:59 +02:00
Alexandre Dulaunoy
610d5abe34
chg: [ja4-plus] template name fixed
2024-06-26 18:08:14 +02:00
Alexandre Dulaunoy
467c9b43ed
new: [ja4-plus] new MISP object template to describe JA4+ fingerprints
...
fix: https://github.com/MISP/MISP/issues/9759
2024-06-26 18:04:30 +02:00
Alexandre Dulaunoy
5a54cf6505
chg: [phishing] add an IP field for phishing website hosted on IP address or where the IP is important for the analytics
2024-06-25 09:11:17 +02:00
Alexandre Dulaunoy
e3288ef6e5
fix: [ddos-claim] descriptions fixed following CERT-SE feedback
2024-06-18 09:52:57 +02:00
Alexandre Dulaunoy
1af532033b
fix: [ddos-claim] clarify the validity based on CERT-EU feedback
2024-06-14 08:09:20 +02:00
Alexandre Dulaunoy
386530d73a
new: [ddos-claim] new object added describing DDoS claim (a discussed st
...
FIRST2024
2024-06-14 07:42:28 +02:00
samitainio
23faffab2e
chg: remove categories and object_relation definitions from phone-number
2024-06-09 22:39:41 +03:00
samitainio
0b971906ad
Add: phone-number object
2024-06-09 22:30:04 +03:00
Alexandre Dulaunoy
ffd9120eb1
fix: [research-scanner] version updated
2024-05-27 10:22:53 +02:00
Martin Waleczek
97eb9b974d
add 'hostname' for scanning host to object 'research-scanner'
2024-05-24 10:20:40 +02:00
Alexandre Dulaunoy
a193e03ad2
chg: [cs-beacon-config] encoded-data as file attachment instead of text
...
As encoded-data might be large and not really useful to be displayed in
the UI of MISP. We moved it to an `attachment` attribute type.
We keep the `attachment` as Base64 to avoid any risk of people
downloading or executing as potential malicious file. So it MUST be
encoded in Base64 as it was before.
2024-05-07 09:36:13 +02:00
Alexandre Dulaunoy
e65878874e
chg: [organization] add a MISP UUID if present
2024-05-03 22:04:04 +02:00
iglocska
73d94b8e2d
fix: [jq] all the things
2024-05-02 13:23:48 +02:00
Andras Iklody
da5a569784
organization object
...
- Added "private" to the list of sectors as suggested by Monsieur Hamm.
2024-05-02 13:18:19 +02:00
Alexandre Dulaunoy
c83372377e
chg: [registry-key] jq all the things
2024-04-25 11:20:46 +02:00
Christophe Vandeplas
28328aa53d
chg: [registry-key] added Artifacts dropped as potential category
2024-04-25 11:18:26 +02:00
Alexandre Dulaunoy
2061c353fe
fix: [ransomware-group-post] added the missing descriptions for `actor-geo-stats-30d` and `actor-total-stats-30d`
2024-04-24 16:47:47 +02:00
Alexandre Dulaunoy
42b48439da
chg: [ransomware-group-post] severity field sane default added
2024-04-24 16:42:39 +02:00
Alexandre Dulaunoy
9f98d15a6f
fix: [cs-beacong-config] typo fixed
2024-04-24 16:29:33 +02:00
Alexandre Dulaunoy
f3724ad19b
fix: [cs-beacon-config] updated the NAICS description
2024-04-24 16:23:53 +02:00
Alexandre Dulaunoy
7f95d3290a
chg: [cs-beacon-config] major update following shadowserver.org requirements
...
- Fixed some matching type instead of text (like size-in-bytes or integer)
- Added many fields and replace name with `_` to `-`
- Added some basic description
2024-04-24 16:19:47 +02:00
Alexandre Dulaunoy
3d78e17c4b
chg: [ransomware-group-post] updated with shadowserver object template
...
format
- underscores replaced with hyphen
- descriptions added
- decorrelation added for some fields
2024-04-24 15:19:02 +02:00