Alexandre Dulaunoy
|
c3618fcf52
|
new: [imsi-catcher] object based on the output format of IMSI-catcher open source tools
The object has been created to show the flexibility of the object
template during the PassTheSalt 2019 conference and the D4 presentation.
|
2019-07-02 10:19:54 +02:00 |
Alexandre Dulaunoy
|
2b3dafc8a0
|
Merge pull request #185 from ater49/master
Adding IIN and bank_name in objects
|
2019-06-18 23:56:13 +02:00 |
ater49
|
e2f12cebd6
|
Adding IIN and bank_name
|
2019-06-18 21:45:42 +02:00 |
ater49
|
b4810ec0a5
|
Merge pull request #2 from MISP/master
update
|
2019-06-18 21:41:19 +02:00 |
Alexandre Dulaunoy
|
41a6d596ff
|
chg: [rogue-dns] new object template expressing rogue dns
Thanks to CERT.br for the contribution
|
2019-06-18 17:39:47 +02:00 |
Alexandre Dulaunoy
|
7a01bff00f
|
chg: [relationships] screenshot-of added to the list of default relationships
|
2019-06-01 11:17:33 +02:00 |
Alexandre Dulaunoy
|
e7bb12af7d
|
chg: [shell-commands] fix typo in object name
|
2019-06-01 10:13:06 +02:00 |
Alexandre Dulaunoy
|
a9b5c4136f
|
chg: [doc] shell-commands object added
|
2019-06-01 10:06:00 +02:00 |
Alexandre Dulaunoy
|
48c64c52fc
|
new: [shell-commands] Object describing a series of shell commands executed. This object can be linked with malicious files in order to describe a specific execution of shell commands.
|
2019-06-01 10:04:46 +02:00 |
Alexandre Dulaunoy
|
a1b2db8fd1
|
chg: [script] requiredOneOf for script or filename
Malicious scripts can be received without having a filename.
|
2019-05-23 11:24:05 +02:00 |
Alexandre Dulaunoy
|
816f38c61e
|
chg: [doc] ssh-authorized-keys object template added
|
2019-05-19 17:54:50 +02:00 |
Alexandre Dulaunoy
|
be7e37200a
|
add: [ssh-authorized-keys] object to add elements from SSH authorized
keys (and do correlation for fun-and-profit(tm))
|
2019-05-19 17:47:51 +02:00 |
Alexandre Dulaunoy
|
d922d3eaa5
|
chg: [person] Gender unknown added
This has been added when investigation is ongoing and
alias is known but gender is unknown discovered during
Enforce training.
topic:enforce
|
2019-05-16 15:08:43 +02:00 |
Alexandre Dulaunoy
|
e066df4e6d
|
chg: [microblog] state field added to describe if the tweet is malicious
or just OSINT.
|
2019-05-09 17:35:14 +02:00 |
Alexandre Dulaunoy
|
53e67b0131
|
chg: [authenticode] signerinfo template added
|
2019-05-06 07:17:11 +02:00 |
Alexandre Dulaunoy
|
230122493c
|
chg: [authenticode-signerinfo] first version
|
2019-05-06 07:10:33 +02:00 |
Alexandre Dulaunoy
|
8f951e8450
|
chg: [jq] jq all the things(tm)
|
2019-05-05 12:33:59 +02:00 |
Alexandre Dulaunoy
|
cce77727d6
|
chg: [x509] improve X.509 certificate description to match required ones
from LIEF (as discussed in #180).
|
2019-05-05 12:31:41 +02:00 |
Alexandre Dulaunoy
|
79ab435903
|
Merge pull request #181 from ater49/master
Adding registration-date in domain-ip
|
2019-05-04 09:35:11 +02:00 |
ater49
|
a2bec8571b
|
Correcting "_" to "-" in field names
|
2019-05-03 22:12:08 +02:00 |
ater49
|
424900b02d
|
Adding registration-date to domain-ip
|
2019-05-03 22:08:44 +02:00 |
Raphaël Vinot
|
f2e8195d50
|
new: Add offset, virtual_address and virtual_size to the pe section object
Related to https://github.com/MISP/PyMISP/issues/388
|
2019-05-03 11:19:42 +02:00 |
Alexandre Dulaunoy
|
e76e492894
|
chg: [regripper] version updated
|
2019-05-01 21:32:14 +02:00 |
Alexandre Dulaunoy
|
b7c13e4045
|
Merge pull request #179 from mtday/fix-empty-misp-attribute
Attribute Fixes
|
2019-05-01 21:30:37 +02:00 |
mday
|
71b4e71ab1
|
update the misp-attribute to specify a valid value instead of an empty string
|
2019-05-01 14:11:30 -05:00 |
Alexandre Dulaunoy
|
3c5035a61f
|
Merge pull request #178 from mtday/fix-missing-required-attribute
Fix Missing Required Attributes
|
2019-04-30 21:27:39 +02:00 |
mday
|
baae683771
|
update the definition files of various object types so that the `required` and `requiredOneOf` lists no longer specify attributes that do not exist in the objects.
|
2019-04-30 12:32:22 -05:00 |
Alexandre Dulaunoy
|
0f6fdee7f3
|
chg: [irc] add nickname used for associated IRC server and channel(s)
|
2019-04-27 10:32:10 +02:00 |
Alexandre Dulaunoy
|
1966d4d5f0
|
add: [irc] IRC object to describe an IRC server with associated IRC channels
|
2019-04-27 10:28:50 +02:00 |
Alexandre Dulaunoy
|
b656cc532d
|
chg: [device] name of an object must be lowercase
|
2019-04-21 15:57:07 +02:00 |
Alexandre Dulaunoy
|
025a9a9323
|
chg: [doc] phishing-kit object added to the list
|
2019-04-21 15:56:23 +02:00 |
Alexandre Dulaunoy
|
3dcb1725ae
|
chg: [phishing-kit] small typo fixed in the description
|
2019-04-21 15:52:57 +02:00 |
Alexandre Dulaunoy
|
bb7e8f27f8
|
chg: [tools] remove trailing dot if present
|
2019-04-21 15:51:57 +02:00 |
Raphaël Vinot
|
a6ed6df86a
|
Merge branch 'master' of github.com:MISP/misp-objects
|
2019-04-18 11:15:56 +02:00 |
Raphaël Vinot
|
371ffe77fb
|
chg: Allow to create a file object with a non-malicious file.
Fix #175 #176
|
2019-04-18 11:14:22 +02:00 |
Andras Iklody
|
92d15c5efe
|
Merge pull request #177 from haxpak/haxpak/update-device
Haxpak/update device
|
2019-04-16 07:43:01 +02:00 |
Andras Iklody
|
1c8d7552a6
|
Merge pull request #174 from haxpak/haxpak/relationship-executes
Haxpak/relationship executes
|
2019-04-16 07:42:48 +02:00 |
Andras Iklody
|
ed271a3b7d
|
Merge pull request #173 from haxpak/master
added option "Further Analysis Required" to attribute stage of object course-of-action
|
2019-04-16 07:42:32 +02:00 |
haxpak
|
4066da31e4
|
changed device type drop down from category to sane_default
|
2019-04-16 08:31:43 +05:30 |
haxpak
|
befa47d2c5
|
[added] relationship 'executes' : Describes an object that executes another object
|
2019-04-15 18:04:44 +05:30 |
haxpak
|
2d6522887d
|
added relationship "executes"
|
2019-04-15 18:00:21 +05:30 |
haxpak
|
89b8e10fbe
|
added option "Further Analysis Required" to attribute stage
|
2019-04-15 17:41:39 +05:30 |
Andras Iklody
|
3a82eb6b1a
|
Merge pull request #172 from haxpak/haxpak/#24
updated device object
|
2019-04-15 10:53:00 +02:00 |
Andras Iklody
|
a8e89e3eaa
|
Merge branch 'master' into haxpak/#24
|
2019-04-15 10:52:48 +02:00 |
Andras Iklody
|
f5555225aa
|
Merge pull request #170 from haxpak/haxpak-objects
Haxpak objects
|
2019-04-15 10:37:58 +02:00 |
haxpak
|
9f4e7737a1
|
added attribute DNS name to device object
changed MAC address misp attribute to mac-address
|
2019-04-15 10:33:08 +05:30 |
haxpak
|
3cef676f34
|
added OS, version, dns-name attribute to device
changed misp-attribute of mac-address from text to mac-address
|
2019-04-15 10:29:09 +05:30 |
haxpak
|
836bd04a75
|
meta category for organization changed back to misc since schema_objects.json does not recognize organization as a meta category
|
2019-04-14 11:32:55 +05:30 |
haxpak
|
2053c17fa4
|
corrected typo
|
2019-04-14 11:27:29 +05:30 |
haxpak
|
4f1745a095
|
added meta category organization
|
2019-04-14 11:26:12 +05:30 |