haxpak
89b8e10fbe
added option "Further Analysis Required" to attribute stage
2019-04-15 17:41:39 +05:30
Alexandre Dulaunoy
81924c519f
chg: [doc] new organization and device object added
2019-04-13 15:04:23 +02:00
Alexandre Dulaunoy
e470413f41
chg: [schema] category removed
2019-04-13 14:59:38 +02:00
Alexandre Dulaunoy
cb193524c8
Merge pull request #166 from haxpak/haxpak-objects
...
Added new objects
2019-04-13 14:57:06 +02:00
haxpak
9f3fb14ed5
changed organization meta category to misc
2019-04-13 14:57:55 +05:30
haxpak
6917beee5f
reverted device to misc category
2019-04-13 14:02:26 +05:30
haxpak
63fff149f0
added requiredOneOf to device definition
2019-04-13 13:49:16 +05:30
haxpak
df91c999e6
fixed typos and ran jq_all_things
2019-04-13 13:45:05 +05:30
haxpak
23ab735119
- added : attachment attribute to annotation
...
- added : new object type device
2019-04-13 13:32:56 +05:30
Alexandre Dulaunoy
6cbac470ef
Merge pull request #163 from haxpak/master
...
add : relationship "creates"
2019-04-13 09:28:04 +02:00
haxpak
26987ca80a
added : meta_category "organization" #162
2019-04-13 12:11:43 +05:30
haxpak
161f72678a
modified : person object "changed UI priority of the attributes"
...
modified : report object "added attachment to report"
2019-04-13 12:05:51 +05:30
haxpak
71419a999a
new-object : Organization "Defines an organization"
2019-04-13 11:55:38 +05:30
haxpak
bfa883751a
add : relationship "creates"
2019-04-13 11:00:45 +05:30
Alexandre Dulaunoy
c5532621b6
chg: [ip-port] ip-src added to fix #149
2019-04-07 22:28:36 +02:00
Alexandre Dulaunoy
006aa1d1a2
chg: [script] filename added to fix #149
2019-04-07 22:24:58 +02:00
Alexandre Dulaunoy
bfcfe7aae9
chg: [doc] tor-hiddenservices added
2019-04-05 11:24:54 +02:00
Alexandre Dulaunoy
b4478a6c2b
add: [tor-hiddenservice] a simple object template to describe Tor Onion Service
2019-04-05 11:22:22 +02:00
Alexandre Dulaunoy
aca06cec1f
chg: [lnk] new LNK object (Windows Shortcut)
2019-04-03 14:05:39 +02:00
Alexandre Dulaunoy
4793bf33ae
chg: [process] fix the type - fix #160
2019-04-02 19:56:59 +02:00
Alexandre Dulaunoy
ba31488e5a
Merge pull request #161 from geekscrapy/geekscrapy-patch-1
...
Username is often utilised alongside a credential
2019-04-02 19:55:59 +02:00
Alexandre Dulaunoy
302182e594
Merge pull request #159 from geekscrapy/patch-1
...
Added current-directory to required field
2019-04-02 19:55:03 +02:00
Alexandre Dulaunoy
4ae7448b0c
Merge pull request #158 from geekscrapy/patch-2
...
Added issuer as one of the required fields
2019-04-02 19:54:38 +02:00
molley
a50986361f
Username is often utilised alongside a credential
...
Username can often identify malicious behavior, and is usually part of the credential tuple - it can also be used to highlight common user accounts without password/api key
2019-04-02 18:26:00 +01:00
molley
490d760a4b
Added current-directory to required field
...
This field will often indicate where a malicious binary is started from, therefore a good candidate for solo use
2019-04-02 17:41:07 +01:00
molley
a85178255c
Added issuer as one of the required fields
...
This is often a field used on it's own to identify a malicious cert
2019-04-02 17:28:49 +01:00
Raphaël Vinot
0c6b7b4302
chg: Bump vehicle object
2019-04-02 17:09:02 +02:00
Alexandre Dulaunoy
047595ddeb
chg: [person] Spanish IDs added (NIE, NIF and DNI)
2019-03-15 14:36:12 +01:00
chrisr3d
59f8621fe2
add: New relationship "retrieved-from"
2019-03-12 17:21:52 +01:00
Alexandre Dulaunoy
d0886ba6af
Merge pull request #155 from Delta-Sierra/master
...
remove accent from ilr objects
2019-02-27 07:14:02 +01:00
Deborah Servili
55f5716b5d
remove accent from ilr objects - bis
2019-02-26 16:00:23 +01:00
Deborah Servili
96751b2af7
remove accent from ilrobjects
2019-02-26 15:57:58 +01:00
Alexandre Dulaunoy
0f10d25558
Merge pull request #154 from Delta-Sierra/master
...
add ilr-notification-incident object
2019-02-26 15:54:24 +01:00
Deborah Servili
41dd469869
add ilr-notification-incident object
2019-02-26 15:51:20 +01:00
Alexandre Dulaunoy
8580eb2080
Merge pull request #153 from Delta-Sierra/master
...
fix ilr-impact attributes names
2019-02-26 14:56:34 +01:00
Deborah Servili
bd9970b1c9
fix lr-impact attributes names
2019-02-26 14:26:29 +01:00
Alexandre Dulaunoy
f172d47381
Merge pull request #152 from Delta-Sierra/master
...
add ilr-impact object
2019-02-26 14:13:56 +01:00
Deborah Servili
bc05eca2b6
disable correlations on ilr-impact attributes
2019-02-26 14:05:01 +01:00
Deborah Servili
ec2851d4eb
add ilr-impact object
2019-02-26 13:57:31 +01:00
Alexandre Dulaunoy
c84ee804db
Merge pull request #151 from MISP/rommelfs-patch-3
...
corrected order
2019-02-25 09:34:20 +01:00
Sascha Rommelfangen
45f6aec0f5
corrected order
2019-02-25 09:29:15 +01:00
Alexandre Dulaunoy
140cdeb088
Merge pull request #148 from marcnil815/master
...
Create splunk object definition.json
2019-02-21 23:03:53 +01:00
marcnil815
03870031db
jq'ed definition.json
2019-02-21 19:36:07 +01:00
marcnil815
e26e54b54a
Create splunk object definition.json
...
Adding misp-object for basic splunk search/correlation search values.
2019-02-21 16:12:54 +01:00
Alexandre Dulaunoy
b0f07156ae
Merge pull request #147 from Delta-Sierra/master
...
Person object - Add a (or several) role to a person
2019-02-21 07:20:40 +01:00
Alexandre Dulaunoy
18042c0749
chg: [elf] disable correlation on file type
2019-02-20 10:43:38 +01:00
Deborah Servili
0173504050
Person object - Add a (several) role to a person
2019-02-15 09:46:29 +01:00
Alexandre Dulaunoy
08798f1262
chg: [email] IP and hostname fields from extracted headers
2019-02-14 14:33:39 +01:00
Alexandre Dulaunoy
8a4f2c96b8
chg: [file] preferred charset used by the file (if decoded from mime-type parsing)
2019-02-14 14:16:01 +01:00
Alexandre Dulaunoy
be9ea96c2a
chg: [doc] to_ids flag was missing in the README
2019-02-11 06:58:27 +01:00