MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity
1,544 Commits
6 Branches
44 Tags
11 MiB
Commit Graph

1085 Commits (83930e211ff57b10966791412b38f9f957a3926c)

Author SHA1 Message Date
Vasileios Mavroeidis 0c54a39d37
Update definition.json 
The PR updates the security playbook object with improved semantics based on feedback we have received. 

The updated template has "one-to-one" mapping with the available STIX 2.1 ad-hoc extension for the COA SDO available here: https://github.com/fovea-research/stix2.1-coa-playbook-extension

This research (updated version 3) was partially supported by the research projects CyberHunt (Grant No. 303585 - funded by the Research Council of Norway) and JCOP (Grant No. INEA/CEF/ICT/A2020/2373266 - funded by the European Health and Digital Executive Agency through the Connected Europe Facility program).
 2022-05-18 13:56:59 +02:00
Alexandre Dulaunoy 7c7d1fbe98
chg: [paloalto-threat-event] Hungary access to the git repository has been sanctioned 2022-05-11 15:38:24 +02:00
Andras Iklody a5184c6746
chg: [paloalto-threat-event] version bump 
For instances that ingested it before the disable_correlation changes, they didn't take and ended up pushing a lot of correlating noise. This should resolve it for the future.
 2022-05-11 13:16:36 +02:00
matthijsvp b8456cf80b Ran validation 2022-05-07 08:00:38 +02:00
Matthijs van P 9e378c705f
Merge branch 'MISP:main' into main 2022-05-07 07:56:36 +02:00
Matthijs van P 109f78336b
Changed version to int. 2022-05-07 06:47:40 +02:00
Christian Studer f762d5b2a4
add: [passive-ssh] Added `port` attribute 2022-05-06 17:01:13 +02:00
matthijsvp 3f90f65508 Fixed spelling mistakes 2022-05-06 14:09:50 +02:00
matthijsvp bb686f24d4 Removed required field 2022-05-06 13:50:34 +02:00
matthijsvp d04d453f47 Added sane defaults to all booleans 2022-05-06 13:48:12 +02:00
matthijsvp dcf34a680f bumped version number, fixed stray typo 2022-05-06 13:38:11 +02:00
matthijsvp 7480c51533 Added need/want for decryptor and data deletion 2022-05-06 13:25:31 +02:00
Christian Studer de7792373c
add: [passive-ssh] Added `banner` & `hassh` attributes 2022-05-05 20:38:53 +02:00
matthijsvp 33458100e4 Fixed ui order, fixed screenshot type 2022-05-05 15:54:37 +02:00
matthijsvp 6ec02ff6d8 Added transcript and screenshot fields 2022-05-05 15:48:31 +02:00
matthijsvp 1c2513caf2 Fixed email attribute type, fixed typo 2022-05-05 15:38:19 +02:00
matthijsvp 38d22a425f v1 of ransom-negotiation object 2022-05-05 15:18:22 +02:00
matthijsvp 25c318c3b3 Initial commit 2022-05-04 16:49:17 +02:00
3c7 314d72f948
Fixes wrong category and typo in value list 2022-04-26 15:05:05 +02:00
3c7 e57ab0f522
uploaded -> submitted; otherwise possible semantic collision with "uploads" relationship 2022-04-26 14:07:20 +02:00
3c7 dcb44bcc5a
Added VirusTotal Submission object and uploaded/uploaded-by relation 2022-04-26 14:02:43 +02:00
Alexandre Dulaunoy ea23d59185
chg: [organization] NL fixed 2022-04-04 14:49:44 +02:00
Alexandre Dulaunoy 783ae64fa0
chg: [organization] typo fixed 2022-04-04 14:46:22 +02:00
Alexandre Dulaunoy 6e98779d1a
Merge branch 'main' of github.com:MISP/misp-objects into main 2022-04-04 14:08:34 +02:00
Alexandre Dulaunoy 46a4b67c35
chg: [organization] add registry number and format for date of registration 2022-04-04 14:07:55 +02:00
chrisr3d 60d2fc447f add: [employee] Added a `full-name` object_relation for cases when we are not sure which name is the first and the last 2022-03-31 20:21:12 +02:00
Alexandre Dulaunoy f1086328a1
chg: [personification] fixed 2022-03-24 15:42:35 +01:00
Alexandre Dulaunoy 05195859b1
Merge pull request #351 from 0wlyW00d/main 
Add new objects to better describe a natural person
 2022-03-22 21:58:37 +01:00
Alexandre De Oliveira 2a7d2de508 modified by ./jq_all_the_things.sh 2022-03-21 15:04:26 +01:00
Alexandre De Oliveira a98ac163fb
Update object version to v5 2022-03-21 15:02:48 +01:00
0wlyW00d c44272a069 test 2022-03-21 10:08:36 +00:00
0wlyW00d 3dd5c938fe Objects add 2022-03-21 10:01:37 +00:00
0wlyW00d d82287d35f
Add news objects to MISP 
Creation of new object to better describe a natural perso
Add CLoth Object
Add Tattoo object
Add Personification Object
 2022-03-20 17:13:31 +01:00
0wlyW00d b6c6de5632
Add tattoo object definition 2022-03-19 11:56:48 +01:00
Alexandre De Oliveira e54cfa0e4c modified by ./jq_all_the_things.sh 2022-03-18 12:17:41 +01:00
Alexandre De Oliveira e2da981c94
Update definition.json 2022-03-18 12:15:58 +01:00
Alexandre De Oliveira df2b900c75 Run the ./jq_all_the_things.sh 2022-03-18 12:12:04 +01:00
Alexandre De Oliveira da1d90ab8a
Add fields related to GT 2022-03-18 12:08:13 +01:00
Alexandre Dulaunoy 5bfe1f2d66
chg: [person] add new potential direct message chat application 2022-03-17 15:56:16 +01:00
Alexandre Dulaunoy cc2587d733
chg: [person] handle added as requested by @gallypette 2022-03-17 15:14:32 +01:00
Alexandre Dulaunoy 9515ae332e
chg: [instant-message] Jabber and Twitter added + updated required fields 2022-03-17 09:14:39 +01:00
enes-usta 3c7ee6214e added cheat types and minor changes 2022-03-15 03:37:26 +01:00
enes 5eea5eae14 Add game-cheat Object 2022-03-14 16:07:09 +01:00
Alexandre Dulaunoy a3bec8e748
fix: [ip-port] jq all the things 2022-03-11 10:21:09 +01:00
mhpcchaves d4cad4db46
Include protocol, AS, and country code 
Include protocol, AS and country code to add more context to the tuple.
 2022-03-10 09:34:52 -03:00
Alexandre Dulaunoy 6405b3f114
chg: [ddos] because newline 2022-03-09 11:06:19 +01:00
Alexandre Dulaunoy e0d30596f6
chg: [ddos] The minimum amount of backscatter received in 5 minutes / 
day added in the object as backscatter-threshold.
 2022-03-09 10:48:47 +01:00
Alexandre Dulaunoy ae2814bb99
new: [error-message] new template to create error-message from MISP processing scripts 2022-02-17 16:47:08 +01:00
Alexandre Dulaunoy b741142e2c
chg: [ddos] Updated DDoS object template to include more details and clarification 
- Clarify that the field of pps/bps are peak values;
- New fields for total number of packets or bytes;
- Type of DDoS added in the object;
- How the capture of the DDoS evidences were collected;
 2022-02-17 07:38:35 +01:00
Alexandre Dulaunoy 363f90f789
new: [language-content] New object template language-content based on 
7.1 (STIX 2.1)
 2022-02-15 07:21:58 +01:00
Alexandre Dulaunoy 7dffebe9b6
new: [infrastructure] infrastructure object added (STIX 2.1 - 4.8) 2022-02-14 11:30:09 +01:00
Alexandre Dulaunoy 2ca2606252
new: [software] software template object added based 6.14 (STIX 2.1) 2022-02-14 11:06:53 +01:00
Jeroen Pinoy 1ee36b4426
new: Add apivoid email verification API result object 2022-02-07 17:54:31 +01:00
Alexandre Dulaunoy a6d51a91b9
chg: [objects] jq all the things 2022-02-04 08:52:33 +01:00
Alexandre Dulaunoy dfc090f19e
chg: [person] typo fixed 2022-02-04 08:50:36 +01:00
Alexandre Dulaunoy b67cda2d51
chg: [instant-messaging] add new sane default 2022-02-04 08:49:32 +01:00
Alexandre Dulaunoy d6dbeaa574
chg: [person] add the ability to set the instant-messaging apps used by the person 2022-02-04 08:47:56 +01:00
Alexandre Dulaunoy 30c53a61eb
fix: [JSON] updated 2022-02-03 17:44:17 +01:00
Alexandre Dulaunoy 1d32596600
chg: [ss7/gtp/diameter] used description updated in the README 2022-02-03 17:43:28 +01:00
Alexandre De Oliveira 6859121d16 Modification after running ./jq_all_the_things.sh 2022-02-03 12:58:56 +01:00
Alexandre De Oliveira c5d084b930
Remove a duplicated gprsLocationUpdate 2022-02-03 12:54:09 +01:00
Alexandre De Oliveira df81204b24 Modification avec the jq_all_the_things.sh 2022-02-03 10:42:35 +01:00
Alexandre De Oliveira 98df3423cd
Merge branch 'MISP:main' into master 2022-02-03 10:03:36 +01:00
Alexandre De Oliveira f1fea67b58
Add FowardSM for "old" SMS 2022-02-01 17:26:22 +01:00
Alexandre Dulaunoy 8cd68cdfd6
new: [artifact] The Artifact object permits capturing an array of bytes (8-bits), as a base64-encoded string, or linking to a file-like payload. 
ref: STIX 2.1 - 6.1

Open point: relationships for the related hashes
 2022-02-01 16:25:24 +01:00
Alexandre Dulaunoy 430df1cf48
new: [identity] from STIX 2.1 - 4.5 - new object template 
Identities can represent actual individuals, organizations, or groups (e.g., ACME, Inc.) as well as classes of individuals, organizations, systems or groups (e.g., the finance sector).

Ref: 4.5 Identity
 2022-01-31 07:45:38 +01:00
Alexandre De Oliveira 41d52f67b9
Cleanup ApplicationContext List + Removed versions 
Versions are managed via the MAP Version field
 2022-01-19 18:05:40 +01:00
Alexandre De Oliveira 7c88589d6d
Merge branch 'MISP:main' into master 2022-01-19 17:57:48 +01:00
Alexandre Dulaunoy b2638ebae3
chg: [instan-message-*] add Tox as potential chat application 
Ref: https://wiki.tox.chat
 2022-01-16 16:39:06 +01:00
Alexandre Dulaunoy 398dd04dae
chg: [stix2-pattern] add STIX 2.1 2022-01-14 16:43:01 +01:00
Alexandre De Oliveira e7622d92b3
Add list of MAP Opcodes (text + number) 2022-01-11 09:49:30 +01:00
Alexandre De Oliveira aa00bd384c
Add MAP application context list, without version 2022-01-11 09:43:03 +01:00
Alexandre Dulaunoy 48a486b044
fix: [template] missing newlines 2022-01-06 16:52:43 +01:00
Alexandre Dulaunoy 87a40ae57d
chg: [ftm-Company/github] update template version 2022-01-06 16:50:29 +01:00
Alexandre Dulaunoy e9dfbc54c4
chg: [ftm-Company] new line 2022-01-06 16:49:16 +01:00
Alexandre Dulaunoy 74c6943bab
Merge branch 'patch-1' of https://github.com/dreyergustav/misp-objects into dreyergustav-patch-1 2022-01-06 16:48:09 +01:00
chrisr3d b32b7f84fc
add: [github-user] Added the `id` object relation for the GitHub user id 2022-01-06 14:11:57 +01:00
dreyergustav f90a06ce95
Add description to ftm-Company object template 
The empty string value in the description key caused an error when new objects were added to events.
 2022-01-06 13:01:18 +01:00
Alexandre Dulaunoy 0e5fa57d82
chg: [probabilistic-data-structure] updated followng JL feedback 2021-12-29 16:27:26 +01:00
Alexandre Dulaunoy 5a4f7efbc8
new: [probabilistic-data-structure] Probabilistic data structure object describe a space-efficient data structure such as Bloom filter or similar structure. 2021-12-29 15:09:38 +01:00
Alexandre Dulaunoy b75be5cb19
chg: [person] occupation added 2021-12-22 10:25:13 +01:00
Alexandre Dulaunoy 734bfee82f
fix: [temporal-event] newline issue 2021-12-21 08:15:06 +01:00
Alexandre Dulaunoy 6e5db86325
chg: [temporal-event] fix typo in template name 2021-12-21 08:12:21 +01:00
Lucas Magalhães 27fce9e7ec Add sane default for boolean objects 2021-12-20 20:02:29 +00:00
Jeroen Pinoy b63b645635
chg: add requiredOneOf for postal-address 2021-12-20 14:15:10 +01:00
Raphaël Vinot 1c3882581e fix: incorrect entry in CMTMF_ATCKID 2021-12-20 13:17:46 +01:00
Alexandre Dulaunoy 1d93c1ae63
fix: [concordia] new-lines 2021-12-20 11:36:44 +01:00
Alexandre Dulaunoy 3221dc0ed7
new: [concordia-mtmf-intrusion-set] New object intrusion-set for mobile attacks 2021-12-20 11:31:41 +01:00
Alexandre Dulaunoy b3b24473f2
chg: [person/organization] add new role values such as Source, Originator, Informant, Emitter 
Fix #338

Emitter has been added for cases in SIGINT and MASINT where emitter
terminology can be used.
 2021-12-14 17:24:00 +01:00
Alexandre Dulaunoy 9dc7e3578f
new: [temporal-event] temporal event added 2021-12-07 15:26:23 +01:00
Alexandre Dulaunoy 282048b18f
chg: [user-account] fixing the Hungarian leader GitHub edit perversion 2021-11-30 10:34:35 +01:00
Andras Iklody a153553df1
fix: [user-account] added description to avoid issues in MISP 2021-11-30 10:24:06 +01:00
Alexandre Dulaunoy 9ee8f2912d
chg: [person] optional function field added 
Credits: feedback from student at University of Lorraine
 2021-11-27 11:56:39 +01:00
Sami Tainio 56f09c4431 Ran jq_all_the_things_.sh 2021-11-26 15:37:32 +02:00
Sami Tainio 9178943a75
add: [email] Added display name attribute for reply-to 2021-11-26 15:26:40 +02:00
Alexandre Dulaunoy d2606f6688
chg: [ja3s] updated 2021-11-14 22:38:47 +01:00
Alexandre Dulaunoy b9ea4e1278
new: [ja3s] JA3 server object template added Fix #296 2021-11-14 22:33:58 +01:00
iglocska 3ed8f7ae6e
chg: [submarine] fixes and list of types added 2021-11-12 08:39:35 +01:00
iglocska 66c037177e
fix: [naval] meta category fixed 2021-11-12 08:36:00 +01:00
iglocska dba92cbd53
chg: jq all the things 2021-11-12 08:33:24 +01:00