Commit Graph

306 Commits (5cd069acdda441aea62ba190d1b730b54c9ba766)

Author SHA1 Message Date
Alexandre Dulaunoy 5cd069acdd
fix: disable correlation on all filename-* 2017-12-24 15:05:12 +01:00
Alexandre Dulaunoy 3aea2f2950
fix: Disable correlation on filename by default 2017-12-24 15:02:47 +01:00
Alexandre Dulaunoy 1460d055a0
add: new stix2-pattern object to include STIX 2 patterning 2017-12-21 16:16:33 +01:00
Alexandre Dulaunoy 285635c04c
Merge pull request #61 from cvandeplas/master
whois - adds nameserver attributes
2017-12-20 22:19:11 +01:00
Christophe Vandeplas 9de7423501 whois - adds nameserver attributes
adding nameserver attributes as a whois response contains those
2017-12-20 15:22:45 +01:00
Alexandre Dulaunoy 871b86e35f
fix: Update registry-key to match correct MISP attributes 2017-12-18 14:16:36 +01:00
Alexandre Dulaunoy cf7aa00f98
chg: whois object now includes registrant-org matching new MISP
attributes type - whois-registrant-org
2017-12-18 14:04:53 +01:00
Alexandre Dulaunoy b85438fc45
Fix: x509 object now uses the new and proper fp type 2017-12-13 17:39:59 +01:00
Alexandre Dulaunoy de36d3b735
jq all the things! 2017-12-12 21:57:45 +01:00
Alexandre Dulaunoy 75f9af5464
Merge pull request #41 from truckydev/patch-1
regex addon
2017-12-12 21:42:13 +01:00
Raphaël Vinot 4a7bb59354 chg: Allow malware-sample as only attribute in file. 2017-12-12 17:16:47 +01:00
Alexandre Dulaunoy 4eac3539c4
Merge pull request #58 from c-goes/master
disable correlation for last-seen/first-seen/text
2017-12-05 11:33:59 +01:00
c-goes fbccdfef24 disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
Alexandre Dulaunoy 2caceee940
android-permission and coin-address added 2017-12-04 16:15:07 +01:00
Alexandre Dulaunoy f5d1742bae
Merge pull request #57 from c-goes/coin-address
Coin address object
2017-12-04 16:00:22 +01:00
c-goes bc01c0c4b8 added coin-address object(2) 2017-12-04 15:43:49 +01:00
c-goes bb0788e267 added coin-address object 2017-12-04 15:37:39 +01:00
Alexandre Dulaunoy b4cae64392
Never trust standards using Google docs to store list of machine parsable information.
Another good reason, why all open vocabularies in OASIS should be
in parsable and validated JSON files. And not *bloody* list of words
in a Google doc.
2017-12-04 15:28:29 +01:00
Alexandre Dulaunoy c3f88d6901
State of the file is no more correlated - and default state value is Malicious. 2017-12-04 11:01:56 +01:00
Alexandre Dulaunoy e4f0270a42
Merge pull request #56 from c-goes/victim_wip
Victim object extended, attributes changed
2017-12-04 10:56:05 +01:00
c-goes 3fc7ce2f7d victim object: changed attributes, added object relations(2) 2017-12-04 10:49:44 +01:00
c-goes 7fadc89ed8 victim object: changed attributes, added object relations 2017-12-04 10:48:01 +01:00
Alexandre Dulaunoy 82f440931c
Disable correlation on classification on the victim object 2017-12-03 12:07:54 +01:00
Alexandre Dulaunoy a258d79fef
Typo fixed 2017-12-03 11:42:56 +01:00
Alexandre Dulaunoy e11e95415a
add: x509-fingerprint-sha1 added to file object description (e.g signed APK but not PE) 2017-12-03 11:36:22 +01:00
Alexandre Dulaunoy 04d38118d1
registar->registrar 2017-12-02 23:08:56 +01:00
Alexandre Dulaunoy 465251bf43
fix: update android permissions based on Google latest list 2017-11-28 15:59:01 +01:00
Alexandre Dulaunoy 2baad824b0
add: first version of an android permission(s) object 2017-11-28 15:24:47 +01:00
Alexandre Dulaunoy b83616d520
Merge pull request #54 from Delta-Sierra/master
ddos v5 - add destination domain attribute
2017-11-23 16:34:22 +01:00
Deborah Servili 0051ad8167 ddos v5 - add destination domain attribute 2017-11-23 14:43:04 +01:00
Alexandre Dulaunoy 56751a416e
Merge pull request #53 from c-goes/filenames_multiple
allow multiple filenames for file
2017-11-23 10:11:51 +01:00
c-goes 39319e1cd6 allow multiple filenames 2017-11-23 09:57:49 +01:00
Alexandre Dulaunoy 59edaa978f
raw data is now an attachment 2017-11-22 20:52:26 +01:00
Alexandre Dulaunoy b915869ab2
being lax on origin to avoid rebuilding url path for unknown services 2017-11-22 17:08:56 +01:00
Alexandre Dulaunoy 51e873760e
AIL leak template updated to include duplicate of leaks 2017-11-22 16:38:25 +01:00
Alexandre Dulaunoy 10028fb521
add: "followed-by" - "preceding-by" added as relationship type when the time is not known 2017-11-19 16:59:39 +01:00
Alexandre Dulaunoy 0f578a9993
asn added in the default objects 2017-11-19 16:49:50 +01:00
Alexandre Dulaunoy dd4e2d1977
fix: MISP type are case-sensitive - fixing AS number type 2017-11-19 10:22:32 +01:00
Alexandre Dulaunoy b046eb4ba7
fix: AIL leak object to include raw-data 2017-11-15 07:32:49 +01:00
Alexandre Dulaunoy 1fd5d4f6a7
fix: subnets announced is an ip-src type 2017-11-14 15:02:49 +01:00
Alexandre Dulaunoy 666c7a6916
added: Autonomous system object describing an autonomous system which can include one or more network operators management an entity (e.g. ISP) along with their routing policy, routing prefixes o
r alike.

Fix #50
2017-11-13 20:36:16 +01:00
Raphaël Vinot f9b2bdf22c chg: Fix logic in URL
Fix #21
2017-11-10 15:05:22 -08:00
Raphaël Vinot 805ed85bbe chg: Disable some correlations by default in URL
Fix #47
2017-11-10 15:02:37 -08:00
Raphaël Vinot dade532c1f Merge branch 'master' of github.com:MISP/misp-objects 2017-11-10 13:29:03 -08:00
Raphaël Vinot b4b3e685ea fix: requiredOneOf list of r2graphity was wrong
Fix #20
2017-11-10 13:28:05 -08:00
Alexandre Dulaunoy 66c4578f08
Merge pull request #49 from c-goes/master
Added file attribute screenshot to email object
2017-11-09 19:17:17 +01:00
c-goes 8e47b33787 Added file attribute screenshot to email object 2017-11-09 16:07:54 +01:00
Andras Iklody 6b43b68651
Merge pull request #48 from Delta-Sierra/master
allow multiple ips in domain|ip object
2017-11-07 10:08:24 +01:00
Deborah Servili 51f79bceba allow multiple ips in domain|ip object 2017-11-07 09:34:26 +01:00
Alexandre Dulaunoy f46343b2e2
Merge pull request #46 from Delta-Sierra/master
update ail-leak object
2017-11-06 16:20:25 +01:00