MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity
1,600 Commits
6 Branches
44 Tags
11 MiB
Commit Graph

1120 Commits (9b74873fe57181e91608fca28075d78b57a4f420)

Author SHA1 Message Date
Brad Chiappetta 9b74873fe5 add greynoise-ip object 2023-03-10 09:16:49 -05:00
Christian Studer 1da4760dcc
fix: [network-connection, network-socket] Bytes count if also better with an S 2023-03-07 23:26:51 +01:00
Christian Studer 437808339e
fix: [network-connection, network-socket] Packets count is better with an S 2023-03-07 23:19:08 +01:00
Christian Studer 1cab455a56
fix: [network-socket] Typo 2023-03-07 16:54:30 +01:00
Christian Studer d71cdf367d
add: [network-socket] Added bytes & packets count object relations for both the source and destination 2023-03-07 16:49:06 +01:00
Christian Studer 1651281d0b
add: [network-socket] Added the first & last packet seen object relation and made the protocol attribute multiple 2023-03-07 16:48:00 +01:00
Christian Studer 57beac3bc7
add: [network-connection] Added bytes & packets count object relations for both the source and destination 2023-03-07 16:45:51 +01:00
Christian Studer 0e9ae98b49
add: [network-connection] Added a `last-packet-seen` attribute 2023-03-06 12:02:24 +01:00
Christian Studer 9c51feb43b
add: [network-connection] Added MAC address attributes 2023-03-03 14:55:09 +01:00
Christian Studer 4b5faf196b
add: [registry-key-value] New template to describe registry key values 
- The `registry-key` object template includes
  already the `data`, `data-type` & `name` fields
  of a registry key value, but there is a
  limitation in the case of multiple registry key
  values
- In order to describe multiple registry key
  values, instead of adding a simple `multiple`
  field to the related and above mentioned fields,
  it is better to use the `registry-key-value`
  template so we know which data, data type and
  name values are related to a given registry key
  value
- It is then possible to have a reference between
  the registry key object and the related values
 2023-03-01 20:50:30 +01:00
Raphaël Vinot f579209884 fix: forgot to jq all the things. 2023-03-01 15:13:39 +01:00
Raphaël Vinot 38cfc975b5 fix: [ais] invalid ref name in requirements 2023-02-28 13:14:13 +01:00
Raphaël Vinot ba80167846 chg: rename AIS -> ais to match the directory name. 2023-02-28 13:10:31 +01:00
Christian Studer 79bf12de68
add: [directory] New object template for directories 2023-02-27 10:56:31 +01:00
Christophe Vandeplas 0c7eb831d8 chg: [AIS] Addition of AIS maritime ship identification and tracking 2023-02-25 18:48:11 +08:00
Christian Studer 892b7ee70f
add: [file] Added creation, modification & access time attributes 2023-02-20 19:31:59 +01:00
Alexandre Dulaunoy d60112ee66
new: [ransomware-group-post] First draft object for ransomlook.io 2023-02-17 10:33:59 +01:00
Alexandre Dulaunoy 13f173a3ce
fix: [victim] format fixed 2023-02-02 10:58:30 +01:00
Alexandre Dulaunoy 89010c466c
Merge pull request #383 from nyx0/main 
[victim] add information and cultural industries sector
 2023-02-02 10:57:08 +01:00
Alexandre Dulaunoy cd27802aab
fix: [objects description] ref #384 - Grammar fixes included in the JSON files. 2023-02-02 10:51:32 +01:00
Thomas Dupuy 9b56d1f427 fix: [victim] replace tab with spaces 2023-02-01 16:56:32 +00:00
Thomas Dupuy 92ed5d48ad new: [victim] add information and cultural industries sector 2023-02-01 16:48:01 +00:00
Thomas Dupuy bd168c639a chg: [victim] sort sectors 2023-02-01 16:40:24 +00:00
Alexandre Dulaunoy fa39a64dc4
chg: [transport-ticket] update to add the type of ticket (e.g. boarding pass versus ticket) 2023-01-27 15:55:08 +01:00
Alexandre Dulaunoy 5a45977e23
fix: [transport-ticket] JSON orders 2023-01-27 15:33:22 +01:00
Alexandre Dulaunoy 81214acbbe
new: [transport-ticket] new object template to describe a transport ticket 
Credits for the idea: Maxime Benoit
 2023-01-27 15:30:32 +01:00
David Cruciani 350c9b07cf chg: [typosquatting] jq_all_the_things 2023-01-16 08:45:20 +01:00
David Cruciani 7518752dff add: [object] typosquatting-finder 2023-01-16 07:48:03 +01:00
Alexandre Dulaunoy 5cb7e98e20
fix: [victim] jq run 2023-01-06 15:08:28 +01:00
Thomas Dupuy 9e9540524d new: Add legal sector. 2023-01-04 17:10:18 +00:00
Alexandre Dulaunoy 322cbaa21e
fix: [vehicle] jq all the things 2022-12-30 07:37:54 +01:00
Andras Iklody 3e8730cc1f
fix: [language] Turning french fries into freedom fries 2022-12-23 08:59:16 +01:00
Alexandre Dulaunoy a3263d72d6
fix: [jq] all 2022-12-22 13:15:10 +01:00
Alexandre Dulaunoy c52481cac1
fix: [thaicert-group-cards] name is singular has a single value which 
can be multiple
 2022-12-22 13:12:05 +01:00
Alexandre Dulaunoy 2b65dedb4d
fix: [objects] jq all the things 2022-12-22 13:10:03 +01:00
Alexandre Dulaunoy 83930e211f
chg: [groups->thaicert-group-cards] to make it more logical 2022-12-22 13:08:34 +01:00
Alexandre Dulaunoy b9c512a71b
fix: [jq] JSON fixed 2022-12-15 14:39:52 +01:00
th3r3d 56c6b9148c
Create definition 
Faked persnona template inspired by MITRE
 2022-12-12 19:03:29 +01:00
th3r3d 5ff1dff7b0
Create definition in groups 
Inspired by threat actor group cards
 2022-12-12 19:02:23 +01:00
th3r3d 262e2bee90
Created definition for ADS 
For ADS framework - create
 2022-12-12 19:01:23 +01:00
Alexandre Dulaunoy 858e485263
fix: [mactim-timeline-analysis] invalid UUID fixed 2022-12-11 13:03:18 +01:00
Alexandre Dulaunoy d491cde4b1
fix: [fail2ban] incorrect UUID fixed 2022-12-11 12:54:24 +01:00
Alexandre Dulaunoy 2787dc45d7
fix: [person] add a missing passport-creation date field. 2022-11-19 12:21:16 +01:00
Christian Studer b877eb0815
add: [exploit] Added `description` and `title` attributes 2022-10-23 23:11:48 +02:00
Delta-Sierra e7b9a8e7cf add username field in telegram-bot object 2022-10-13 13:45:52 +02:00
Alexandre Dulaunoy 82c699cc5f
new: [telegram-bot] new object to describe Telegram bots 2022-10-13 10:32:58 +02:00
Alexandre Dulaunoy 06df368890
new: [intrusion-set] based on the STIX 2.1 definition 
TODO - "Open Vocabularies" - value versus description.
 2022-09-29 07:32:52 +02:00
Alexandre Dulaunoy 35df5bad01
new: [exploit] Exploit object template to describe code or program used 
to exploit specific vulnerabilities. The objet can be linked to
`vulnerability` objects but also device, iot, firmware or alike.
 2022-09-26 07:40:11 +02:00
Alexandre Dulaunoy 3cf9307b24
Merge branch 'main' of github.com:MISP/misp-objects into main 2022-09-09 07:26:37 +02:00
Alexandre Dulaunoy fa26cdf15e
fix: [facebook-group] add an optional ID reference to the facebook id 2022-09-09 07:24:05 +02:00