Commit Graph

1163 Commits (7e65e5dfaf319933bb4028e4a56894079f9d6e1d)

Author SHA1 Message Date
seamus tuohy 7e65e5dfaf Updated for support for msg format.
Adding first class support for Emails in .msg format to the email definition.
This includes making the  attribute support multiple bodies. Msg formats
nearly always have at least 2, if not 3, versions of the body (plain text, rtf, html).
2020-12-19 17:03:26 -05:00
Alexandre Dulaunoy 27a554ab12
chg: [cpe-asset] updated 2020-10-16 12:31:44 +02:00
Alexandre Dulaunoy 89f4f6dbc1
new: [cpe-asset] an asset as defined with a CPE value
This object was created to support the use-case of pisax.org for the
following use-case:

 - They define well-known assets which are used by IXPs and GRXs via
 their CPEs;
 - The assets are defined in a set of fixed/master MISP events;
 - Those events are used to query NVD/CVE database via cve-search
 (https://github.com/cve-search/cve-search) using a PyMISP script
 - Then the CVEs matching the CPE are added in MISP and dispatched to the
 sharing community of users as specific MISP events.

Ref: PISAX - pan-European Information Sharing and Analysis Center (ISAC) to IXPs and GRXs
Ref: https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf (NIST Interagency Report 7695)
2020-10-16 09:21:40 +02:00
Alexandre Dulaunoy 141a8d2e2f
chg: [vulnerability] fixed 2020-10-15 22:49:29 +02:00
Alexandre Dulaunoy 25c888cecb
chg: [vulnerability] vulnerable_configuration are now cpe type 2020-10-15 22:40:50 +02:00
Alexandre Dulaunoy 5c935172ea
chg: [file] because sorted is always better 2020-10-13 22:47:10 +02:00
Alexandre Dulaunoy 0196285c0f
chg: [file] imphash and telfhash added 2020-10-13 22:46:24 +02:00
Alexandre Dulaunoy 5d8bdd1e46
chg: [attribute type] new telfhash added 2020-10-13 22:35:27 +02:00
Alexandre Dulaunoy 8ee7728e84
chg: [gitlab-user] because -r is important 2020-10-07 09:20:54 +02:00
Alexandre Dulaunoy b4d21455fd
new: [gitlab-user] GitLab user. Gitlab.com user or self-hosted GitLab instance object template 2020-10-07 09:13:29 +02:00
Alexandre Dulaunoy d2cfeb7c3e
chg: [type] new type added 2020-10-01 15:09:08 +02:00
Alexandre Dulaunoy e6fd3867e8
chg: [doc] object lists updated 2020-09-24 19:50:28 +02:00
Raphaël Vinot e7b71d5df7
Merge pull request #295 from rhallick/intel471-1
Addition of intel471-vulnerability-intelligence object
2020-09-24 08:46:30 +02:00
Richard Hallick 6669d6ba86 .DS_Store file removed.
.DS_Store file removed.
2020-09-23 16:17:06 +01:00
Richard Hallick f6f419cadc Addition of Intel 471 vulnerability intelligence object
Intel 471 object to contain structured vulnerability related data.
2020-09-23 13:20:33 +01:00
Richard Hallick f116494ac9 Addition of intel471-vulnerability-intelligence object
Intel 471 object to contain structured vulnerability related data.
2020-09-23 13:02:02 +01:00
Alexandre Dulaunoy bd6aad0cd9
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-09-17 08:19:03 +02:00
Alexandre Dulaunoy 4828fea3b7
chg: [github-user] reflect the API fields 2020-09-17 07:24:30 +02:00
Raphaël Vinot e009365d61 chg: Sort json 2020-09-16 15:17:43 +02:00
Alexandre Dulaunoy 794f9e7c43
chg: [keybase] be consistent with keybase API 2020-09-16 14:49:08 +02:00
Alexandre Dulaunoy 9cc343781f
chg: [keybase-account] at least username is required 2020-09-16 14:45:37 +02:00
chrisr3d 054899d28b
fix: JSON Validation 2020-09-09 10:36:20 +02:00
chrisr3d 3fce227f39 Merge branch 'main' of github.com:MISP/misp-objects into main 2020-09-09 10:11:58 +02:00
chrisr3d cadaa5d8c9
fix: Disabling correlation for all the bgp-ranking object attributes 2020-09-09 10:09:07 +02:00
Alexandre Dulaunoy bb26860669
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-09-09 08:12:55 +02:00
Alexandre Dulaunoy ca7ed9b396
new: [github-user] a GitHub user object template
Based on the information seen on the web interface.

TODO: Check the GitHub API and review the information available.
2020-09-09 07:40:03 +02:00
Alexandre Dulaunoy 31586921b2
chg: [twitter-account] incorrect description fixed 2020-09-09 07:24:03 +02:00
chrisr3d 404b0e4c4f
add: Description of the bgp-ranking new object added to the list of objects 2020-09-08 14:31:59 +02:00
Alexandre Dulaunoy 778befce6c
Merge pull request #293 from MISP/chrisr3d_patch
BGP Ranking object & relationships
2020-09-08 13:18:33 +02:00
chrisr3d c798055e5e
add: Added specific relationship between an asn object and the recently added bgp-ranking object 2020-09-08 12:12:59 +02:00
chrisr3d 34d4915a1d
add: Added some relationships introduced recently in misp modules 2020-09-08 12:12:25 +02:00
chrisr3d 2671039cec
fix: JSON validation 2020-09-08 12:11:50 +02:00
chrisr3d 77fc1e0d97 Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch 2020-09-08 11:53:41 +02:00
chrisr3d 33cf33dc24
add: Added an IP address family attribute to describe the address family concerned by the BGP ranking 2020-09-08 11:52:39 +02:00
Raphaël Vinot 6c98bf536f fix: Incorrect relationships in requiredoneof field 2020-09-08 11:17:57 +02:00
Raphaël Vinot 8eeb981c9e fix: Validate json 2020-09-08 10:49:48 +02:00
chrisr3d 0ba4909549
add: First version of a BGP ranking object to represent the ranking of an ASN at a specific point of time
- We can then associate as many bgp-ranking
  objects as we need to the corresponding ASN
  object, each one of them being the ranking of
  the ASN for a given day
2020-09-07 23:56:10 +02:00
Alexandre Dulaunoy e3d235ca6e
chg: [relationships] leaks, leaked-by doxed-by 2020-09-07 14:42:39 +02:00
Alexandre Dulaunoy 044b89432e
chg: [schema] updated 2020-09-04 16:36:53 +02:00
Alexandre Dulaunoy ceefcddf80
Merge pull request #291 from MISP/chrisr3d_patch
Normalisation of the object relations for some object + small change on an attribute of the ip-port object
2020-09-03 14:35:10 +02:00
chrisr3d e2f062e477
fix: Validation issue fixed 2020-09-03 14:21:06 +02:00
chrisr3d e743d7d013
fix: Normalised object relations of the ilr objects
- Using dash as separator instead of space
2020-09-03 14:14:01 +02:00
chrisr3d 2c64f6e04a
fix: Normalised object relations of the vehicle object
- Using dash as separator instead of space
2020-09-03 14:12:59 +02:00
chrisr3d 3a7eb020e6
fix: Normalised object relations of the phishing objects
- Using dash as separator instead of space
2020-09-03 14:12:05 +02:00
chrisr3d 73ced3e75c
fix: Normalised object relations of the ip-api-address object
- Using dash as separator instead of space
2020-09-03 14:10:02 +02:00
chrisr3d 7865f4110d
chg: Making source port attribute multiple in the ip-port object 2020-09-03 14:08:36 +02:00
Alexandre Dulaunoy 7fe39ca8f6
chg: [keybase] newline issue 2020-09-03 12:23:13 +02:00
Alexandre Dulaunoy 3d530764b5
chg: [keybase-account] meta category updated 2020-09-03 12:19:36 +02:00
Alexandre Dulaunoy bc59103f84
chg: [jq] all the things 2020-09-03 12:11:20 +02:00
Alexandre Dulaunoy 519ca09b25
Merge branch 'C00kie--main' into main 2020-09-03 12:09:44 +02:00