Commit Graph

1600 Commits (9b74873fe57181e91608fca28075d78b57a4f420)

Author SHA1 Message Date
Alexandre Dulaunoy 2cb16e7be0
chg: [trustar_report] Updated to add "THREAT_ACTOR"
Fixing #273
2021-01-05 09:30:28 +01:00
Alexandre Dulaunoy d6d515d3d8
chg: [yara] disable correlations on some fields 2020-12-30 14:46:04 +01:00
Alexandre Dulaunoy 4d1c42e491
chg: [crypto-material] add a public field for public cryptographic materials 2020-12-30 14:21:37 +01:00
Alexandre Dulaunoy 3650498630
chg: [favicon] jq all the things 2020-12-27 16:21:09 +01:00
Alexandre Dulaunoy 179bd48bec
chg: [favicon] A favicon, also known as a shortcut icon, website icon, tab icon, URL icon, or bookmark icon, is a file containing one or more small icons, associated with a particular web
site or web page. The object template can include the murmur3 hash of the favicon to facilitate correlation.
2020-12-27 16:19:04 +01:00
Alexandre Dulaunoy 8921a0c8a2
chg: [type] favicon-mmh3 is the murmur3 hash of a favicon as used in Shodan. 2020-12-24 12:00:45 +01:00
Alexandre Dulaunoy 1634d3218f
chg: [doc] MISP objects list updated 2020-12-20 11:07:18 +01:00
Alexandre Dulaunoy b71e7c3458
chg: [twitter-post] jq 2020-12-20 10:52:40 +01:00
Alexandre Dulaunoy 8eae725e49
fix: [twitter-post] underscore - minus are difficult to choose from ;-) 2020-12-20 10:41:39 +01:00
Alexandre Dulaunoy ed1ceebdf4
chg: [jq] all the things 2020-12-20 10:37:14 +01:00
Alexandre Dulaunoy 85e37b360e
Merge pull request #302 from ater49/main
Adding fields in twitter-post and paste
2020-12-20 10:34:11 +01:00
Alexandre Dulaunoy 413a2618b6
Merge pull request #303 from seamustuohy/pymisp-pr/631
Updated for support for msg format.
2020-12-20 10:30:04 +01:00
seamus tuohy 7e65e5dfaf Updated for support for msg format.
Adding first class support for Emails in .msg format to the email definition.
This includes making the  attribute support multiple bodies. Msg formats
nearly always have at least 2, if not 3, versions of the body (plain text, rtf, html).
2020-12-19 17:03:26 -05:00
ater49 a410c7c7a6 Typo and version number correction + adding a field in twitter-post
Adding created-at field in twitter-post
2020-12-14 23:01:12 +01:00
ater49 a47ba8c5b8 Add media in twitter-post in order to store attached medias in a tweet
Add pastebin.fr in source of paste and paste_file for storing whole
paste file.
2020-12-14 22:25:58 +01:00
Alexandre Dulaunoy 5bc046c97e
chg: [doc] travis removed 2020-12-10 22:59:40 +01:00
Alexandre Dulaunoy f517d6691c
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-12-10 19:13:07 +01:00
Alexandre Dulaunoy 499392ca0a
chg: [domain-ip] hostname added as an attribute 2020-12-10 19:12:33 +01:00
Alexandre Dulaunoy 475a610ab0
Merge pull request #299 from beaujeant/main
chg: can have mutliple text attributes
2020-11-25 17:37:24 +01:00
Beaujeant a65aa06859 chg: can have mutliple text attributes 2020-11-25 16:17:54 +01:00
Raphaël Vinot 6b50c50170 new: GH workflow 2020-11-24 18:53:49 +01:00
Alexandre Dulaunoy 7bbab1fdf4
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-11-24 12:22:01 +01:00
Alexandre Dulaunoy 2401e6026e
chg: [schema] process-state updated 2020-11-24 12:20:59 +01:00
Raphaël Vinot c234a4b36d chg: Add type in schema 2020-11-24 11:55:30 +01:00
Alexandre Dulaunoy 3bfd0cc160
Merge branch 'SteveClement-process' into main 2020-11-24 11:48:44 +01:00
Alexandre Dulaunoy 9185d69d14
chg: [jq] all the [things] 2020-11-24 11:48:22 +01:00
Alexandre Dulaunoy 75d972bdfa
Merge branch 'process' of https://github.com/SteveClement/misp-objects into SteveClement-process 2020-11-24 11:48:07 +01:00
Alexandre Dulaunoy 1bb199e2de
chg: [types] jarm-fingerprint added 2020-11-24 11:28:37 +01:00
Steve Clement 506116f0ac
chg: [json] sort 2020-11-24 14:58:19 +09:00
Steve Clement dd6ebe5385
new: [sh] Added process state 2020-11-24 14:55:47 +09:00
Steve Clement 4997dc575c
Merge remote-tracking branch 'upstream/main' into process 2020-11-24 14:45:04 +09:00
chrisr3d 0a3e94839c
add: [passive-dns] Added a raw_rdata object relation 2020-11-13 20:09:46 +01:00
Alexandre Dulaunoy abf42cc8fb
Merge pull request #297 from MISP/chrisr3d_patch
Using the actual attribute type for cpe and weakness instead of text
2020-10-22 23:40:36 +02:00
chrisr3d 903935c1fe
chg: Using the actual attribute type for cpe and weakness instead of text 2020-10-22 22:11:50 +02:00
Alexandre Dulaunoy 27a554ab12
chg: [cpe-asset] updated 2020-10-16 12:31:44 +02:00
Alexandre Dulaunoy 89f4f6dbc1
new: [cpe-asset] an asset as defined with a CPE value
This object was created to support the use-case of pisax.org for the
following use-case:

 - They define well-known assets which are used by IXPs and GRXs via
 their CPEs;
 - The assets are defined in a set of fixed/master MISP events;
 - Those events are used to query NVD/CVE database via cve-search
 (https://github.com/cve-search/cve-search) using a PyMISP script
 - Then the CVEs matching the CPE are added in MISP and dispatched to the
 sharing community of users as specific MISP events.

Ref: PISAX - pan-European Information Sharing and Analysis Center (ISAC) to IXPs and GRXs
Ref: https://nvlpubs.nist.gov/nistpubs/Legacy/IR/nistir7695.pdf ((NIST Interagency Report 7695))
2020-10-16 09:21:40 +02:00
Alexandre Dulaunoy 141a8d2e2f
chg: [vulnerability] fixed 2020-10-15 22:49:29 +02:00
Alexandre Dulaunoy 25c888cecb
chg: [vulnerability] vulnerable_configuration are now cpe type 2020-10-15 22:40:50 +02:00
Alexandre Dulaunoy 5c935172ea
chg: [file] because sorted is always better 2020-10-13 22:47:10 +02:00
Alexandre Dulaunoy 0196285c0f
chg: [file] imphash and telfhash added 2020-10-13 22:46:24 +02:00
Alexandre Dulaunoy 5d8bdd1e46
chg: [attribute type] new telfhash added 2020-10-13 22:35:27 +02:00
Alexandre Dulaunoy 8ee7728e84
chg: [gitlab-user] because -r is important 2020-10-07 09:20:54 +02:00
Alexandre Dulaunoy b4d21455fd
new: [gitlab-user] GitLab user. Gitlab.com user or self-hosted GitLab instance object template 2020-10-07 09:13:29 +02:00
Alexandre Dulaunoy d2cfeb7c3e
chg: [type] new type added 2020-10-01 15:09:08 +02:00
Alexandre Dulaunoy e6fd3867e8
chg: [doc] object lists updated 2020-09-24 19:50:28 +02:00
Raphaël Vinot e7b71d5df7
Merge pull request #295 from rhallick/intel471-1
Addition of intel471-vulnerability-intelligence object
2020-09-24 08:46:30 +02:00
Richard Hallick 6669d6ba86 .DS_Store file removed.
.DS_Store file removed.
2020-09-23 16:17:06 +01:00
Richard Hallick f6f419cadc Addition of Intel 471 vulnerability intelligence object
Intel 471 object to contain structured vulnerability related data.
2020-09-23 13:20:33 +01:00
Richard Hallick f116494ac9 Addition of intel471-vulnerability-intelligence object
Intel 471 object to contain structured vulnerability related data.
2020-09-23 13:02:02 +01:00
Alexandre Dulaunoy bd6aad0cd9
Merge branch 'main' of github.com:MISP/misp-objects into main 2020-09-17 08:19:03 +02:00