Commit Graph

1309 Commits (639f5f305d75625e82b739ce24c3f539aa6ad740)

Author SHA1 Message Date
Alexandre Dulaunoy 7d8bac33a9
chg: [diameter-attack] jq all the things 2024-10-02 22:10:03 +02:00
Alexandre De Oliveira fe0aa7377a
Update definition.json - Diameter Object
Updating Diameter object with new fields to match SS7 object
2024-10-02 13:19:56 +02:00
Alexandre Dulaunoy d4a5bcf70c
fix: [ctf-challenge] JSON jqed 2024-09-20 06:31:54 +02:00
rectifyq 8cbcba4b5d new: [misp-object] New ctf-challenge object 2024-09-20 03:51:10 +00:00
Alexandre Dulaunoy c90bcd9402
new: [attacker-infra] added for the MISP-LEA project 2024-09-19 15:32:29 +02:00
Alexandre Dulaunoy 81968ba088
chg: [shadowserver-scan-http-proxy] new template for MISP-LEA project 2024-09-19 15:23:19 +02:00
Alexandre Dulaunoy 7bef45c74d
chg: [user-action] fixed 2024-09-19 09:15:54 +02:00
Alexandre Dulaunoy 3d07f2ddc6
new: [user-action] new user-action object added 2024-09-19 09:09:40 +02:00
Alexandre Dulaunoy e1c145f6c2
Merge pull request #439 from julienloizelet/feat/update-crowdsec-object
feat(crowdsec): Add attributes to crowdsec-ip-context object
2024-08-23 06:36:15 +02:00
Julien Loizelet fa2973b502
feat(crowdsec): Add attributes to crowdsec-ip-context object 2024-08-23 11:24:15 +09:00
Alexandre Dulaunoy ee3318c15b
chg: [ADS] updated 2024-08-22 10:56:11 +02:00
Alexandre Dulaunoy 201dc30c8a
Merge branch 'main' of https://github.com/th3r3d/misp-objects into th3r3d-main 2024-08-22 10:55:37 +02:00
th3r3d 1e01268720
Updated UUID
Updated UUID to last version.
2024-08-17 11:02:03 +02:00
th3r3d c7445733b3
Update ADS to v2
Added Categorization Others for more granular view of MITRE Att&ck TTP used
2024-08-16 15:27:34 +02:00
Alexandre Dulaunoy 51165e279a
chg: [google-threat-intelligene-report] JSON clean-up 2024-08-06 18:21:05 +02:00
Daniel Pascual 4020992286 Add Google Threat Intelligence report 2024-08-06 18:10:00 +02:00
Alexandre Dulaunoy e46ddddb4f
chg: [network-profile] new-line 2024-08-06 17:57:11 +02:00
Thomas Dupuy 14c2bd9b5f upd: [network-profile] add Yandex in `service-abuse` list. 2024-08-05 14:14:17 -04:00
Alexandre Dulaunoy b58fd9afaf
chg: [pe-optional-header] jq all the things 2024-07-26 16:39:28 +02:00
Raphaël Vinot 93977fe6ef fix: address_of_entrypoint -> address-of-entrypoint 2024-07-26 15:49:41 +02:00
Christian Studer 6165affd5b
fix: [pe-optional-header] Added missing `disable_correlation` flag 2024-07-26 08:58:27 +02:00
Christian Studer ea50f6f1de
fix: [pe-optional-header] Added a few missing `disable_correlation` flags 2024-07-26 08:55:14 +02:00
Christian Studer f3bc011d84
fix: [pe-optional-header] Bumped version 2024-07-25 10:42:59 +02:00
Christian Studer ecb061bb1b
fix: [pe-optional-header] Updated object template
- Harmonised object relations to match with the
  `pe` template object relations, especially the
  ones for hex values
- Added object relations for `magic` value and
  `subsystem` hex value
2024-07-25 10:34:05 +02:00
Christian Studer d062743502
chg: [pe] Updated `pe` object template
- Added object relation for machine type hex value
- Harmonised object relations
2024-07-24 12:13:50 +02:00
Alexandre Dulaunoy 454285fea5
chg: [ddos-config] as the config is mainly describing targets
to_ids and correlation don't make a lot of sense
2024-07-18 15:10:13 +02:00
Alexandre Dulaunoy 0833c40b05
fix: [ddos-config] `ui-priority` added 2024-07-18 12:16:39 +02:00
Alexandre Dulaunoy 2220f14ca4
new: [ddos-config] generic ddos configuration from ddos related binaries 2024-07-18 12:08:43 +02:00
Alexandre Dulaunoy 5c534d3701
chg: [ja4-plus] jq all the things 2024-06-26 18:15:04 +02:00
Alexandre Dulaunoy f93466cb3c
chg: [ja4-plus] version fixed 2024-06-26 18:08:59 +02:00
Alexandre Dulaunoy 610d5abe34
chg: [ja4-plus] template name fixed 2024-06-26 18:08:14 +02:00
Alexandre Dulaunoy 467c9b43ed
new: [ja4-plus] new MISP object template to describe JA4+ fingerprints
fix: https://github.com/MISP/MISP/issues/9759
2024-06-26 18:04:30 +02:00
Alexandre Dulaunoy 5a54cf6505
chg: [phishing] add an IP field for phishing website hosted on IP address or where the IP is important for the analytics 2024-06-25 09:11:17 +02:00
Alexandre Dulaunoy e3288ef6e5
fix: [ddos-claim] descriptions fixed following CERT-SE feedback 2024-06-18 09:52:57 +02:00
Alexandre Dulaunoy 1af532033b
fix: [ddos-claim] clarify the validity based on CERT-EU feedback 2024-06-14 08:09:20 +02:00
Alexandre Dulaunoy 386530d73a
new: [ddos-claim] new object added describing DDoS claim (a discussed st
FIRST2024
2024-06-14 07:42:28 +02:00
samitainio 23faffab2e chg: remove categories and object_relation definitions from phone-number 2024-06-09 22:39:41 +03:00
samitainio 0b971906ad Add: phone-number object 2024-06-09 22:30:04 +03:00
Alexandre Dulaunoy ffd9120eb1
fix: [research-scanner] version updated 2024-05-27 10:22:53 +02:00
Martin Waleczek 97eb9b974d add 'hostname' for scanning host to object 'research-scanner' 2024-05-24 10:20:40 +02:00
Alexandre Dulaunoy a193e03ad2
chg: [cs-beacon-config] encoded-data as file attachment instead of text
As encoded-data might be large and not really useful to be displayed in
the UI of MISP. We moved it to an `attachment` attribute type.

We keep the `attachment` as Base64 to avoid any risk of people
downloading or executing as potential malicious file. So it MUST be
encoded in Base64 as it was before.
2024-05-07 09:36:13 +02:00
Alexandre Dulaunoy e65878874e
chg: [organization] add a MISP UUID if present 2024-05-03 22:04:04 +02:00
iglocska 73d94b8e2d
fix: [jq] all the things 2024-05-02 13:23:48 +02:00
Andras Iklody da5a569784
organization object
- Added "private" to the list of sectors as suggested by Monsieur Hamm.
2024-05-02 13:18:19 +02:00
Alexandre Dulaunoy c83372377e
chg: [registry-key] jq all the things 2024-04-25 11:20:46 +02:00
Christophe Vandeplas 28328aa53d
chg: [registry-key] added Artifacts dropped as potential category 2024-04-25 11:18:26 +02:00
Alexandre Dulaunoy 2061c353fe
fix: [ransomware-group-post] added the missing descriptions for `actor-geo-stats-30d` and `actor-total-stats-30d` 2024-04-24 16:47:47 +02:00
Alexandre Dulaunoy 42b48439da
chg: [ransomware-group-post] severity field sane default added 2024-04-24 16:42:39 +02:00
Alexandre Dulaunoy 9f98d15a6f
fix: [cs-beacong-config] typo fixed 2024-04-24 16:29:33 +02:00
Alexandre Dulaunoy f3724ad19b
fix: [cs-beacon-config] updated the NAICS description 2024-04-24 16:23:53 +02:00