Commit Graph

1054 Commits (9b0a9cd9eb0b82e56f87430296136ab018c2d289)

Author SHA1 Message Date
0wlyW00d 3dd5c938fe Objects add 2022-03-21 10:01:37 +00:00
0wlyW00d d82287d35f
Add news objects to MISP
Creation of new object to better describe a natural perso
Add CLoth Object
Add Tattoo object
Add Personification Object
2022-03-20 17:13:31 +01:00
0wlyW00d b6c6de5632
Add tattoo object definition 2022-03-19 11:56:48 +01:00
Alexandre De Oliveira e54cfa0e4c modified by ./jq_all_the_things.sh 2022-03-18 12:17:41 +01:00
Alexandre De Oliveira e2da981c94
Update definition.json 2022-03-18 12:15:58 +01:00
Alexandre De Oliveira df2b900c75 Run the ./jq_all_the_things.sh 2022-03-18 12:12:04 +01:00
Alexandre De Oliveira da1d90ab8a
Add fields related to GT 2022-03-18 12:08:13 +01:00
Alexandre Dulaunoy 5bfe1f2d66
chg: [person] add new potential direct message chat application 2022-03-17 15:56:16 +01:00
Alexandre Dulaunoy cc2587d733
chg: [person] handle added as requested by @gallypette 2022-03-17 15:14:32 +01:00
Alexandre Dulaunoy 9515ae332e
chg: [instant-message] Jabber and Twitter added + updated required fields 2022-03-17 09:14:39 +01:00
enes-usta 3c7ee6214e added cheat types and minor changes 2022-03-15 03:37:26 +01:00
enes 5eea5eae14 Add game-cheat Object 2022-03-14 16:07:09 +01:00
Alexandre Dulaunoy a3bec8e748
fix: [ip-port] jq all the things 2022-03-11 10:21:09 +01:00
mhpcchaves d4cad4db46
Include protocol, AS, and country code
Include protocol, AS and country code to add more context to the tuple.
2022-03-10 09:34:52 -03:00
Alexandre Dulaunoy 6405b3f114
chg: [ddos] because newline 2022-03-09 11:06:19 +01:00
Alexandre Dulaunoy e0d30596f6
chg: [ddos] The minimum amount of backscatter received in 5 minutes /
day added in the object as backscatter-threshold.
2022-03-09 10:48:47 +01:00
Alexandre Dulaunoy ae2814bb99
new: [error-message] new template to create error-message from MISP processing scripts 2022-02-17 16:47:08 +01:00
Alexandre Dulaunoy b741142e2c
chg: [ddos] Updated DDoS object template to include more details and clarification
- Clarify that the field of pps/bps are peak values;
- New fields for total number of packets or bytes;
- Type of DDoS added in the object;
- How the capture of the DDoS evidences were collected;
2022-02-17 07:38:35 +01:00
Alexandre Dulaunoy 363f90f789
new: [language-content] New object template language-content based on
7.1 (STIX 2.1)
2022-02-15 07:21:58 +01:00
Alexandre Dulaunoy 7dffebe9b6
new: [infrastructure] infrastructure object added (STIX 2.1 - 4.8) 2022-02-14 11:30:09 +01:00
Alexandre Dulaunoy 2ca2606252
new: [software] software template object added based 6.14 (STIX 2.1) 2022-02-14 11:06:53 +01:00
Jeroen Pinoy 1ee36b4426
new: Add apivoid email verification API result object 2022-02-07 17:54:31 +01:00
Alexandre Dulaunoy a6d51a91b9
chg: [objects] jq all the things 2022-02-04 08:52:33 +01:00
Alexandre Dulaunoy dfc090f19e
chg: [person] typo fixed 2022-02-04 08:50:36 +01:00
Alexandre Dulaunoy b67cda2d51
chg: [instant-messaging] add new sane default 2022-02-04 08:49:32 +01:00
Alexandre Dulaunoy d6dbeaa574
chg: [person] add the ability to set the instant-messaging apps used by the person 2022-02-04 08:47:56 +01:00
Alexandre Dulaunoy 30c53a61eb
fix: [JSON] updated 2022-02-03 17:44:17 +01:00
Alexandre Dulaunoy 1d32596600
chg: [ss7/gtp/diameter] used description updated in the README 2022-02-03 17:43:28 +01:00
Alexandre De Oliveira 6859121d16 Modification after running ./jq_all_the_things.sh 2022-02-03 12:58:56 +01:00
Alexandre De Oliveira c5d084b930
Remove a duplicated gprsLocationUpdate 2022-02-03 12:54:09 +01:00
Alexandre De Oliveira df81204b24 Modification avec the jq_all_the_things.sh 2022-02-03 10:42:35 +01:00
Alexandre De Oliveira 98df3423cd
Merge branch 'MISP:main' into master 2022-02-03 10:03:36 +01:00
Alexandre De Oliveira f1fea67b58
Add FowardSM for "old" SMS 2022-02-01 17:26:22 +01:00
Alexandre Dulaunoy 8cd68cdfd6
new: [artifact] The Artifact object permits capturing an array of bytes (8-bits), as a base64-encoded string, or linking to a file-like payload.
ref: STIX 2.1 - 6.1

Open point: relationships for the related hashes
2022-02-01 16:25:24 +01:00
Alexandre Dulaunoy 430df1cf48
new: [identity] from STIX 2.1 - 4.5 - new object template
Identities can represent actual individuals, organizations, or groups (e.g., ACME, Inc.) as well as classes of individuals, organizations, systems or groups (e.g., the finance sector).

Ref: 4.5 Identity
2022-01-31 07:45:38 +01:00
Alexandre De Oliveira 41d52f67b9
Cleanup ApplicationContext List + Removed versions
Versions are managed via the MAP Version field
2022-01-19 18:05:40 +01:00
Alexandre De Oliveira 7c88589d6d
Merge branch 'MISP:main' into master 2022-01-19 17:57:48 +01:00
Alexandre Dulaunoy b2638ebae3
chg: [instan-message-*] add Tox as potential chat application
Ref: https://wiki.tox.chat
2022-01-16 16:39:06 +01:00
Alexandre Dulaunoy 398dd04dae
chg: [stix2-pattern] add STIX 2.1 2022-01-14 16:43:01 +01:00
Alexandre De Oliveira e7622d92b3
Add list of MAP Opcodes (text + number) 2022-01-11 09:49:30 +01:00
Alexandre De Oliveira aa00bd384c
Add MAP application context list, without version 2022-01-11 09:43:03 +01:00
Alexandre Dulaunoy 48a486b044
fix: [template] missing newlines 2022-01-06 16:52:43 +01:00
Alexandre Dulaunoy 87a40ae57d
chg: [ftm-Company/github] update template version 2022-01-06 16:50:29 +01:00
Alexandre Dulaunoy e9dfbc54c4
chg: [ftm-Company] new line 2022-01-06 16:49:16 +01:00
Alexandre Dulaunoy 74c6943bab
Merge branch 'patch-1' of https://github.com/dreyergustav/misp-objects into dreyergustav-patch-1 2022-01-06 16:48:09 +01:00
chrisr3d b32b7f84fc
add: [github-user] Added the `id` object relation for the GitHub user id 2022-01-06 14:11:57 +01:00
dreyergustav f90a06ce95
Add description to ftm-Company object template
The empty string value in the description key caused an error when new objects were added to events.
2022-01-06 13:01:18 +01:00
Alexandre Dulaunoy 0e5fa57d82
chg: [probabilistic-data-structure] updated followng JL feedback 2021-12-29 16:27:26 +01:00
Alexandre Dulaunoy 5a4f7efbc8
new: [probabilistic-data-structure] Probabilistic data structure object describe a space-efficient data structure such as Bloom filter or similar structure. 2021-12-29 15:09:38 +01:00
Alexandre Dulaunoy b75be5cb19
chg: [person] occupation added 2021-12-22 10:25:13 +01:00
Alexandre Dulaunoy 734bfee82f
fix: [temporal-event] newline issue 2021-12-21 08:15:06 +01:00
Alexandre Dulaunoy 6e5db86325
chg: [temporal-event] fix typo in template name 2021-12-21 08:12:21 +01:00
Lucas Magalhães 27fce9e7ec Add sane default for boolean objects 2021-12-20 20:02:29 +00:00
Jeroen Pinoy b63b645635
chg: add requiredOneOf for postal-address 2021-12-20 14:15:10 +01:00
Raphaël Vinot 1c3882581e fix: incorrect entry in CMTMF_ATCKID 2021-12-20 13:17:46 +01:00
Alexandre Dulaunoy 1d93c1ae63
fix: [concordia] new-lines 2021-12-20 11:36:44 +01:00
Alexandre Dulaunoy 3221dc0ed7
new: [concordia-mtmf-intrusion-set] New object intrusion-set for mobile attacks 2021-12-20 11:31:41 +01:00
Alexandre Dulaunoy b3b24473f2
chg: [person/organization] add new role values such as Source, Originator, Informant, Emitter
Fix #338

Emitter has been added for cases in SIGINT and MASINT where emitter
terminology can be used.
2021-12-14 17:24:00 +01:00
Alexandre Dulaunoy 9dc7e3578f
new: [temporal-event] temporal event added 2021-12-07 15:26:23 +01:00
Alexandre Dulaunoy 282048b18f
chg: [user-account] fixing the Hungarian leader GitHub edit perversion 2021-11-30 10:34:35 +01:00
Andras Iklody a153553df1
fix: [user-account] added description to avoid issues in MISP 2021-11-30 10:24:06 +01:00
Alexandre Dulaunoy 9ee8f2912d
chg: [person] optional function field added
Credits: feedback from student at University of Lorraine
2021-11-27 11:56:39 +01:00
Sami Tainio 56f09c4431 Ran jq_all_the_things_.sh 2021-11-26 15:37:32 +02:00
Sami Tainio 9178943a75
add: [email] Added display name attribute for reply-to 2021-11-26 15:26:40 +02:00
Alexandre Dulaunoy d2606f6688
chg: [ja3s] updated 2021-11-14 22:38:47 +01:00
Alexandre Dulaunoy b9ea4e1278
new: [ja3s] JA3 server object template added Fix #296 2021-11-14 22:33:58 +01:00
iglocska 3ed8f7ae6e
chg: [submarine] fixes and list of types added 2021-11-12 08:39:35 +01:00
iglocska 66c037177e
fix: [naval] meta category fixed 2021-11-12 08:36:00 +01:00
iglocska dba92cbd53
chg: jq all the things 2021-11-12 08:33:24 +01:00
iglocska 6a970c03a4
new: submarine object template added 2021-11-12 08:31:54 +01:00
iglocska 44c7a7fc56
Revert "new: added submarine"
This reverts commit d1401437cb.
2021-11-12 08:29:47 +01:00
iglocska d1401437cb
new: added submarine 2021-11-12 08:28:53 +01:00
Jeroen Pinoy e1a809ed2c
new: postal address object 2021-11-03 22:00:49 +01:00
Alexandre Dulaunoy ae6a527bcb
chg: [report] disable correlation on report type 2021-11-02 09:06:18 +01:00
Alexandre Dulaunoy 1cd5a3e9f0
chg: [passive-ssh] newlines disaster 2021-10-26 14:03:24 +02:00
Jean-Louis Huynen fa397128bf
chg: [passive-ssh] change fingerprint type 2021-10-26 11:50:23 +02:00
Alexandre Dulaunoy 95a23d219e
chg: [device] ui-priority added 2021-10-25 16:05:04 +02:00
Alexandre Dulaunoy 570a5c18b6
chg: [devices] fixed missing ui-priority 2021-10-25 15:56:50 +02:00
Alexandre Dulaunoy 3e491aa83b
Merge branch 'main' of github.com:MISP/misp-objects into main 2021-10-25 15:53:12 +02:00
Alexandre Dulaunoy dcc9e4c8be
chg: [device] added hits, status and infection_type (from ShadowServer)
- request for VarIOT project
2021-10-25 15:52:34 +02:00
Alexandre Dulaunoy c380279dca
Merge pull request #332 from gallypette/master
add: [passive-ssh] new object
2021-10-25 15:36:58 +02:00
Alexandre Dulaunoy 960a03be22
chg: [geolocation] countrycode added as requested for the VarIOT. 2021-10-25 15:35:23 +02:00
misp dac24a50c9 add: [passive-ssh] new object 2021-10-25 12:29:52 +02:00
chrisr3d b0eb0779df
fix: [report] Removed parenthesis from the object relation `report-file` 2021-10-25 12:02:25 +02:00
chrisr3d eb0af71d60
add: [email] Added display name attribute for CC and BCC 2021-10-25 12:00:25 +02:00
Sami Tainio 48e6ff2567 Ran jq_all_the_things_.sh 2021-10-23 10:58:55 +03:00
Sami Tainio aa2aa0814a
chg: [email] add a `bcc` field, `reply-to` can be multiple
Fix #329
2021-10-22 23:29:35 +03:00
Quentin JEROME 2394885553 Ran jq_all_the_things.sh 2021-10-06 20:13:39 +02:00
qjerome ce1aea0e14
Update descriptions of edr-report 2021-10-06 19:42:34 +02:00
Quentin JEROME 38303b282f Added edr-report MISP Object definition 2021-10-06 19:42:45 +02:00
Alexandre Dulaunoy 6ad5f18831
chg: [security-playbook] updated 2021-10-05 15:28:26 +02:00
Vasileios Mavroeidis ef16c5fe9a
Update definition.json
Improved the descriptions of the properties to aid their usability and resolve numerous ambiguities.
2021-10-02 13:01:11 +02:00
Alexandre Dulaunoy 3d52773e9d
fix: [playbook] it's always a newline story ;-) 2021-09-29 17:08:40 +02:00
Vasileios Mavroeidis 1b3447ffba
Update definition.json
person-role is not included in the attributes
2021-09-29 17:03:10 +02:00
Alexandre Dulaunoy 02e00959c4
fix: [security-playbook] newline issue 2021-09-28 14:49:28 +02:00
Alexandre Dulaunoy 4fed830b87
fix: [security-playbook] Categories are case sensitive 2021-09-28 14:48:27 +02:00
Pavel Eis ee9b978c5e new: [security-playbook] security-playbook added 2021-09-28 10:31:45 +02:00
Alexandre Dulaunoy c8cd002a3b
chg: [hashlookup] add KnownMalicious field in hashlookup record 2021-09-24 15:33:53 +02:00
Alexandre Dulaunoy 0ba346f194
chg: [hashlookup] add source, TLSH, SSDEEP fields in the object template 2021-09-24 15:23:04 +02:00
Alexandre Dulaunoy ffa6ed7963
chg: [process] remove ambiguity between user-creator and current user running the process
Following CISA/DHS feedback

Fix #322
2021-09-14 08:35:02 +02:00