Christian Studer
ae62d5f9b3
fix: [impacts] Typo
2023-06-22 15:50:54 +02:00
Christian Studer
49a715e1cf
fix: [confidentiality-impact] JQed
2023-06-22 15:41:06 +02:00
Christian Studer
e3556784b5
wip: [task] New object template for tasks as described in STIX 2.1 Incident object extensions
2023-06-22 15:39:02 +02:00
Christian Studer
3c17729f0e
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
2023-06-22 15:16:48 +02:00
Christian Studer
c5c8f35fb4
wip: [event] New object template to describe events that can happen during an incident
2023-06-22 12:28:47 +02:00
Christian Studer
1a05a9f253
add: [incident] Added the required object relation
2023-06-22 12:28:04 +02:00
Christian Studer
ef04ff8020
add: [incident] Incident object based on the STIX 2.1 Incident object as well as its core extension
2023-06-21 16:32:30 +02:00
Christian Studer
f6d069dc3d
fix: [organization] Fixed missing comma
...
- Managed to improve the description too
2023-06-15 13:51:08 +02:00
Christian Studer
1f3b9312cc
add: [organization] Added the generic `contact_information` and `sector` fields for an organization
2023-06-15 13:27:55 +02:00
Alexandre Dulaunoy
e26541e89e
Merge branch 'main' of github.com:MISP/misp-objects into main
2023-06-14 19:21:37 +02:00
Alexandre Dulaunoy
5d307f7c30
chg: [cookie] cookie can be also only a key or a value
...
This change is required for the AIL project export
2023-06-14 17:36:22 +02:00
Michael Trenker
241f4455ac
ran jq_all_the_things.sh
2023-06-14 11:54:46 +00:00
Michael Trewen
25e1790e74
jq
2023-06-13 19:15:23 +02:00
Michael Trewen
71cc235a5d
new:added Diamond Object
2023-06-13 10:47:28 +02:00
Christian Studer
ec8645f421
add: [crowdsec-ip-context] Added the `false-positives` attribute that comes alongside with the `classifications`
2023-05-26 14:17:10 +02:00
Christian Studer
35285505a1
add: [crowdsec-ip-context] Added the classifications multiple attribute
2023-05-24 16:29:06 +02:00
Alexandre Dulaunoy
61608e5d44
chg: [scan-result] updated list of potential scanning tool
...
Source: https://gist.github.com/SteveClement/baf3a9ae0ba030283ecc30acd6f7c2ae
2023-05-24 11:03:47 +02:00
Alexandre Dulaunoy
20f567757d
chg: [scan-result] jq all the things
2023-05-22 14:08:34 +02:00
Alexandre Dulaunoy
e33e893b44
new: [scan-result] object for scanning result
...
This is the metadata of a scanning result including the raw output of
the scan result.
This objects can be used for tools like Nessus or even source code
scanner to share the details about a scan.
For additional information such IP address or alike, other objects will
be used with the proper relationship added.
2023-05-22 14:04:48 +02:00
goodlandsecurity
4e5719f29a
adding cobalt strike beacon config object
2023-05-19 14:07:24 -05:00
Alexandre Dulaunoy
a605792844
chg: [crowdsec] jq all the things
2023-05-12 10:34:19 +02:00
Alexandre Dulaunoy
b0e5f39f26
Update definition.json
2023-05-12 10:31:33 +02:00
Alexandre Dulaunoy
65f4be51d5
chg: [crowdsec] updated
2023-05-12 08:52:19 +02:00
Alexandre Dulaunoy
3d736c427c
new: [crowdsec-ip-context] new initial object for crowdsec expansion
2023-05-11 16:52:24 +02:00
Alexandre Dulaunoy
fd12a1bcd7
fix: [ai-chat-prompt] improved ai-chat-prompt template
2023-04-16 10:50:30 +02:00
Alexandre Dulaunoy
302697e045
chg: [ai-chat-prompt] ui-priority fixed
2023-04-15 16:38:13 +02:00
Alexandre Dulaunoy
b81698ae10
new: [ai-chat-prompt] new object template for AI chat prompt such as ChatGPT
...
Following a discussion with @aaronkaplan in Vienna, this object is a
first version to describe an AI chat prompt. The template can describe
the model used, the actual quality of results and also what's the actor
context.
Reference #388
2023-04-15 16:31:22 +02:00
Alexandre Dulaunoy
e1327d02bb
new: [risk-assessment-report] New object template Risk assessment report
...
To be used to share risk assessment report from risk assessment platform
such as [MONARC](https://github.com/monarc-project/ ).
This extension is done in the scope of the [NISDUC project](https://www.nisduc.eu/ ).
TODO: Maybe add a field for machine-readable version of the report
2023-04-13 10:41:39 +02:00
Christian Studer
9e4afdfb7a
add: [network-socket] Added MAC address attributes
...
- Even though they are not exactly part of the
socket fields, it could be interesting to have
them to have the information about them like
they are described within the packets that are
sent using the socket
2023-03-31 11:30:33 +02:00
Alexandre Dulaunoy
b49c6824ba
chg: [greynoise-intelligence] JSON fixed
2023-03-10 15:34:32 +01:00
Brad Chiappetta
9b74873fe5
add greynoise-ip object
2023-03-10 09:16:49 -05:00
Christian Studer
1da4760dcc
fix: [network-connection, network-socket] Bytes count if also better with an S
2023-03-07 23:26:51 +01:00
Christian Studer
437808339e
fix: [network-connection, network-socket] Packets count is better with an S
2023-03-07 23:19:08 +01:00
Christian Studer
1cab455a56
fix: [network-socket] Typo
2023-03-07 16:54:30 +01:00
Christian Studer
d71cdf367d
add: [network-socket] Added bytes & packets count object relations for both the source and destination
2023-03-07 16:49:06 +01:00
Christian Studer
1651281d0b
add: [network-socket] Added the first & last packet seen object relation and made the protocol attribute multiple
2023-03-07 16:48:00 +01:00
Christian Studer
57beac3bc7
add: [network-connection] Added bytes & packets count object relations for both the source and destination
2023-03-07 16:45:51 +01:00
Christian Studer
0e9ae98b49
add: [network-connection] Added a `last-packet-seen` attribute
2023-03-06 12:02:24 +01:00
Christian Studer
9c51feb43b
add: [network-connection] Added MAC address attributes
2023-03-03 14:55:09 +01:00
Christian Studer
4b5faf196b
add: [registry-key-value] New template to describe registry key values
...
- The `registry-key` object template includes
already the `data`, `data-type` & `name` fields
of a registry key value, but there is a
limitation in the case of multiple registry key
values
- In order to describe multiple registry key
values, instead of adding a simple `multiple`
field to the related and above mentioned fields,
it is better to use the `registry-key-value`
template so we know which data, data type and
name values are related to a given registry key
value
- It is then possible to have a reference between
the registry key object and the related values
2023-03-01 20:50:30 +01:00
Raphaël Vinot
f579209884
fix: forgot to jq all the things.
2023-03-01 15:13:39 +01:00
Raphaël Vinot
38cfc975b5
fix: [ais] invalid ref name in requirements
2023-02-28 13:14:13 +01:00
Raphaël Vinot
ba80167846
chg: rename AIS -> ais to match the directory name.
2023-02-28 13:10:31 +01:00
Christian Studer
79bf12de68
add: [directory] New object template for directories
2023-02-27 10:56:31 +01:00
Christophe Vandeplas
0c7eb831d8
chg: [AIS] Addition of AIS maritime ship identification and tracking
2023-02-25 18:48:11 +08:00
Christian Studer
892b7ee70f
add: [file] Added creation, modification & access time attributes
2023-02-20 19:31:59 +01:00
Alexandre Dulaunoy
d60112ee66
new: [ransomware-group-post] First draft object for ransomlook.io
2023-02-17 10:33:59 +01:00
Alexandre Dulaunoy
13f173a3ce
fix: [victim] format fixed
2023-02-02 10:58:30 +01:00
Alexandre Dulaunoy
89010c466c
Merge pull request #383 from nyx0/main
...
[victim] add information and cultural industries sector
2023-02-02 10:57:08 +01:00
Alexandre Dulaunoy
cd27802aab
fix: [objects description] ref #384 - Grammar fixes included in the JSON files.
2023-02-02 10:51:32 +01:00