MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity
1,825 Commits
4 Branches
39 Tags
10 MiB
Commit Graph

1256 Commits (93b43a31918c857f5b3867576140f5e5b6fd86ed)

Author SHA1 Message Date
menewol 93b43a3191
Added Mattermost 2024-04-24 14:11:50 +02:00
David Cruciani b10d4680bc
Merge branch 'MISP:main' into main 2024-04-18 14:40:59 +02:00
David Cruciani 051605763e
chg: [flowintel-cm] notes 2024-04-18 14:40:16 +02:00
Christophe Vandeplas b37c347792
Merge pull request #424 from cvandeplas/main 
new: Generalizing Persuasion (GP) Framework
 2024-04-14 07:53:09 +02:00
Christophe Vandeplas f267c28d1f
new: [gpf] Split actors_speaker and settings_competition into more 2024-04-14 07:26:53 +02:00
Christian Studer e970e8d5a6
Merge branch 'main' of github.com:MISP/misp-objects 2024-04-13 12:25:17 +02:00
Christian Studer 2fe584ca6f
fix: Changed a few attribute types in different template 2024-04-13 12:24:58 +02:00
Alexandre Dulaunoy 223b7342d8
chg: [news-media] add governmental communication and also news agency 
source (including alert type)
 2024-04-12 10:22:53 +02:00
Christophe Vandeplas 8fe87ab6bc
new: [gpf] Added Generalizing Persuasion Framework 2024-04-12 08:09:52 +02:00
Christian Studer b2de8dd7c7
chg: [network-traffic] Going for the `protocol` attribute in singular 2024-04-11 12:04:55 +02:00
Christian Studer 712ab7f10a
fix: [network-connection] Using the `size-in-bytes` attribute type for information expressed in bytes 2024-04-11 09:42:06 +02:00
Christian Studer 661c71e35e
add: [network-traffic] Generic Network Traffic object 
- Following the STIX 2.1 spec
 2024-04-10 11:13:16 +02:00
Alexandre Dulaunoy dc52c10844
chg: [cert-pl-phishing] fixed 2024-04-04 16:53:46 +02:00
Alexandre Dulaunoy ea48921444
chg: [cert-pl-phishing] fixed 2024-04-04 16:48:33 +02:00
Alexandre Dulaunoy 4c661b7747
new: [cert-pl-phishing] first draft of a template for the CERT.PL 
phishing system
 2024-04-04 16:45:33 +02:00
Christian Studer 5b95994bdd
fix: [pe] Removing the `disable_correlation` flag for a `size-in-bytes` attribute type 2024-04-03 17:33:30 +02:00
Christian Studer 980ab615ec
add: [pe-optional-header] New object template for PE optional headers 2024-04-03 17:32:47 +02:00
Christian Studer f247f04548
Merge branch 'main' of github.com:MISP/misp-objects 2024-04-03 14:38:38 +02:00
Christian Studer fba223520a
fix: [pe] Sizes in the PE format should be in bytes 2024-04-03 14:37:55 +02:00
Alexandre Dulaunoy d905c08031
fix: [pe] typo fixed 2024-04-03 14:29:36 +02:00
Christian Studer 2afdb6104b
fix: [pe] `counter` makes more sense here 2024-04-03 14:08:17 +02:00
Christian Studer e042ac127a
chg: [pe] Using the new `integer` attribute type 2024-04-03 13:31:32 +02:00
Christian Studer eb1536f505
chg: [pe] Added `characteristics` & `machine-type` enumerations 
- Characteristics are usually in a list, so we
  have now both the list of characteristics with
  their name, and the hex value of the addition
  of all the characteristics numeric values
- We represent the machine type with its name
 2024-04-03 11:19:16 +02:00
Christian Studer ad952beb60
add: [pe] Added some PE fields as available with `lief` API 2024-04-02 21:21:38 +02:00
Alexandre Dulaunoy b023d0a3de
chg: [ddos] object type alone authorized if the source/target cannot be 
disclosed
 2024-03-29 16:22:07 +01:00
Sebastien Larinier d6af105b45 Add software impacted by exploit 2024-03-18 14:19:35 +00:00
Alexandre Dulaunoy ab963cdb5b
chg: [command-line] added sane_default 2024-03-16 09:48:29 +01:00
Alexandre Dulaunoy 322e451c3c
Merge branch 'main' of https://github.com/sebdraven/misp-objects into sebdraven-main 2024-03-16 09:46:59 +01:00
goodlandsecurity fac453a247
fixed parse error 2024-03-15 14:04:07 -05:00
goodlandsecurity 11bf472d8e
forgot multiple flag on two attributes 2024-03-15 13:52:09 -05:00
goodlandsecurity c3f17d6060
adding stairwell object 2024-03-15 12:05:03 -05:00
Sebastien Larinier acfef2f5e8 change type of ans name 2024-03-07 12:02:23 +00:00
Sebastien Larinier 53572fe294 fix typo of description 2024-03-07 10:12:21 +00:00
Sebastien Larinier 9c03f6ab9d add software for cmd line and change type 2024-03-07 10:10:36 +00:00
Alexandre Dulaunoy c72ec74070
fix: [cs-beacon-config] Partial info from CS beacon are possible 
Fix #417 - Thanks to @sebdraven
 2024-03-06 07:24:37 +01:00
Christos Arvanitis a367c43eb9 Disable correlation for IntelMQ time fields 2024-03-05 11:22:17 +01:00
Alexandre Dulaunoy 173af552aa
chg: [person/organization] `impersonated` added to the role of person 
and organization templates

Thanks to NRC Cyber Security for the idea.
 2024-03-05 08:59:45 +01:00
Christian Studer 3ac509965f
add: [process] Environment variables attribute 2024-01-30 15:19:54 +01:00
Christian Studer 7c565093df
chg: [artifact] Changed the `payload_bin` attribute to attachment type 2024-01-19 23:15:41 +01:00
David Cruciani 401c34f6f3
chg: [flowintel-task] add case-uuid 2024-01-15 09:11:00 +01:00
David Cruciani 248e7a95dc
chg: [validation] jq all 2024-01-10 12:07:32 +01:00
David Cruciani 55917fe94c
chg: [version] v2 2024-01-10 11:52:10 +01:00
David Cruciani b407a9d046
chg: [url] to_ids 2024-01-10 11:49:54 +01:00
David Cruciani 156fa7a07e
chg: [flowintel] typo + uuid+origin-url 2023-12-14 16:14:44 +01:00
David Cruciani b657128758
new: [object] flowintel-cm 2023-12-14 15:58:46 +01:00
Alexandre Dulaunoy 587b298e1e
chg: [shadowserver-malware-url-report] resource path added to improve 
correlation aspects
 2023-12-08 15:18:32 +01:00
Alexandre Dulaunoy fcd2cf2445
chg: [cs-beacon-config] updated to add details requested by ShadowServer 2023-12-07 10:54:40 +01:00
Alexandre Dulaunoy 7f77dbe685
chg: [shadowserver-malware-url-report] sane default added for severity 
Ref: https://github.com/The-Shadowserver-Foundation/report_schema/blob/main/severity.md
 2023-12-07 08:50:15 +01:00
Alexandre Dulaunoy f02af50725
chg: [shadowserver-malware-url-report] sane_default added 2023-12-06 09:50:54 +01:00
Alexandre Dulaunoy 23e41b2262
chg: [shadowserver-malware-url-report] severity added 2023-12-06 09:46:08 +01:00