Commit Graph

746 Commits (a9d51da83c0dc6bc0138c0a6321dbed8f50f2399)

Author SHA1 Message Date
VVX7 1198f8fe68 chg: [object] change narrative version 2020-03-27 15:46:31 -04:00
VVX7 e387009bdd new: [object] add narrative. 2020-03-27 15:10:22 -04:00
Raphaël Vinot b436f9f28b Merge branch 'master' of github.com:MISP/misp-objects 2020-03-24 13:24:40 +01:00
Raphaël Vinot 9eedb854de chg: Bump CSSE COVID-19 Daily report to new version 2020-03-24 13:24:31 +01:00
chrisr3d fdfe7d2e4c
add: External references attribute for attack-pattern object 2020-03-17 10:03:33 +01:00
Alexandre Dulaunoy 7ef9a2ba56
Merge pull request #240 from cudeso/master
Objects for data coming from the Cytomic Orion API
2020-03-10 09:40:50 +01:00
Koen Van Impe 2c58470654 JQ-all-the-things 2020-03-09 23:29:29 +01:00
Koen Van Impe ecac7ea52a Update object definition with first-|last- seen 2020-03-09 23:26:25 +01:00
Alexandre Dulaunoy a09f7f55a8
chg: [victim] add reference to case (as requested by law-enforcement - ENFORCE project) 2020-03-09 16:32:18 +01:00
Alexandre Dulaunoy 65a51a586f
chg: [http-request] fixed 2020-03-09 16:25:57 +01:00
Alexandre Dulaunoy 401b8a4619
Merge pull request #239 from cbboggs/cbboggs-http-request
Adding optional ip-src to http-request
2020-03-09 16:25:14 +01:00
Koen Van Impe bffae90c3d Remove -x from JSON files 2020-03-07 09:28:43 +01:00
Koen Van Impe bbac01aa1b Fix with jq_all_the_things 2020-03-07 09:24:51 +01:00
Koen Van Impe 8bb88fceaf Objects for data coming from the Cytomic Orion API 2020-03-07 09:03:01 +01:00
frpet 5fdec81530 Update definition.json
bump version
2020-03-06 14:08:20 +01:00
cbboggs fa6fe463a9
Adding optional ip-src to http-request
modified existing "ip" attribute to "ip-dst", and added attribute for ip-src.   This allows http-request to be used in scenarios where observed connections are source specific, not destination specific.
2020-03-05 12:24:14 -06:00
frpet 2c6c44ccf8 Use more explicit misp-attribute types
Use the apropriate misp-attribute type for *local_hostname, *fqdn, *.md5|*.sha*
2020-03-05 18:55:29 +01:00
Alexandre Dulaunoy 3d57ee4fd2
chg: [network-socket] add filename to object template
Reported-by: Belgian Defence - Tancred
2020-03-04 14:25:26 +01:00
Alexandre Dulaunoy 1e5bb552f8
chg: [microblog] add Twitter-id reference 2020-03-04 14:08:10 +01:00
Raphaël Vinot b29a360c02 new: Add covid19 dxy live object 2020-03-02 00:12:24 +01:00
Raphaël Vinot 89db1fc34e Merge branch 'master' of github.com:MISP/misp-objects 2020-02-29 01:17:04 +01:00
Raphaël Vinot eabd0c1e55 new: CSSE COVID-19 Dataset - Daily report
Source:
  https://github.com/CSSEGISandData/COVID-19/tree/master/csse_covid_19_data
2020-02-29 01:16:28 +01:00
Raphaël Vinot 416820edc0 new: [crypto-material] add generic-symmetric-key 2020-02-27 15:41:45 +01:00
Raphaël Vinot ef0c95bc9b Merge branch 'master' of github.com:MISP/misp-objects 2020-02-27 10:50:58 +01:00
Raphaël Vinot 6f5cd0d9d3 chg: [IntelMQ Event] replace non-ascii double quote by single quote 2020-02-27 10:50:47 +01:00
Raphaël Vinot 2f2315d4e2 fix: Typo in requiredOneOf 2020-02-26 14:52:06 +01:00
Raphaël Vinot d9226e0f5a fix: Typo in requiredOneOf 2020-02-26 14:49:59 +01:00
Alexandre Dulaunoy d110657604
chg: [vulnerability] remove underscore from the object 2020-02-25 10:53:17 +01:00
Alexandre Dulaunoy 8de8d85979
chg: [iot-device] reference added 2020-02-17 23:12:09 +01:00
Alexandre Dulaunoy 6ed76f4948
add: [iot-firmware] new object template to describe IoT firmware
The relationship will be often between iot-device and iot-firmware.

Ref: https://github.com/C00kie-/workshop-materials
2020-02-17 15:07:49 +01:00
Alexandre Dulaunoy 8fa25f4f47
chg: [file] imphash removed as it should be at PE level 2020-02-17 14:29:30 +01:00
Alexandre Dulaunoy 36ae20bf02
chg: [pe] imphash and impfuzzy can be as key attribute 2020-02-17 14:27:05 +01:00
Alexandre Dulaunoy 1d2bfe97ce
Merge pull request #233 from Terrtia/master
chg: [domain-crawled] domain shouldn't be a multiple
2020-02-17 10:51:35 +01:00
Terrtia 566612302f
chg: [domain-crawled] domain shouldn't be a multiple 2020-02-17 10:00:21 +01:00
Alexandre Dulaunoy 83073d8c65
chg: [iot] add SPI, Serial and JTAG status 2020-02-17 08:55:47 +01:00
Alexandre Dulaunoy cf30efabc6
chg: [iot] because reusing UUID is bad 2020-02-17 08:33:51 +01:00
Alexandre Dulaunoy 1d0065e852
new: [iot] a first version of the IoT object
Ref: based on the workshop discussion in https://github.com/C00kie-/workshop-materials

The idea is to have this root object when a new IoT device is documented
and further objects will be connected such as firmware or even file object
2020-02-17 07:46:58 +01:00
Alexandre Dulaunoy 48bb38d67a
Merge pull request #232 from Terrtia/master
domain-crawled object
2020-02-16 21:04:16 +01:00
Terrtia 42df9d2e2f
chg: [crawled domain] rename object 2020-02-14 17:11:42 +01:00
Terrtia 5c46a3aad4
chg: add domain crawled object 2020-02-14 17:08:37 +01:00
Deborah Servili fdc24a8df8
update version 2020-02-13 12:30:08 +01:00
Deborah Servili 6380007b10
allow several subjects or sender for email objects 2020-02-13 12:28:47 +01:00
ater49 2738648e81 Adding some parts from HAR format description (http://www.softwareishard.com/blog/har-12-spec/) (More to come) 2020-02-10 14:59:35 +01:00
VVX7 1a40095f1a new: [objects] add instant-message object. add instant-message-group object. 2020-02-09 11:39:36 -05:00
Alexandre Dulaunoy 3ba77c9d2c
chg: [sms] the SMS center is a phone number 2020-02-06 12:06:26 +01:00
Alexandre Dulaunoy 371788589c
chg: [rtir] disable correlation on incident state 2020-02-06 11:55:27 +01:00
Alexandre Dulaunoy c32c7f4155
chg: [sms] missing Cellebrite fields added 2020-02-06 11:36:13 +01:00
Alexandre Dulaunoy 013c2c9c22
Merge branch 'master' of github.com:MISP/misp-objects 2020-02-06 11:04:53 +01:00
Alexandre Dulaunoy 3f9aca8e27
chg: [email] ip-src added in the email object templated as requested by Norberto Chavez
Ref: https://twitter.com/NORBERTOCHAVEZ/status/1225213457429127170
2020-02-06 11:03:33 +01:00
Raphaël Vinot 0c3aa14165 fix: attachment object relation does not exists. 2020-02-06 10:57:44 +01:00
Alexandre Dulaunoy 78fe4325b7
chg: [vehicule] image + type of vehicle added 2020-02-05 15:15:23 +01:00
Alexandre Dulaunoy ab6d7c3885
chg: [organization] typo fixed + description added 2020-02-05 15:06:37 +01:00
Alexandre Dulaunoy ccc0f4dd1f
chg: [phone] add brand and model 2020-02-05 15:04:10 +01:00
Andras Iklody 195fc46a13
fix: added iban as an alternative to bank account for the requirements
- fixes https://github.com/MISP/MISP/issues/5358
2020-02-04 11:46:24 +01:00
Alexandre Dulaunoy 5897fa7c37
Merge pull request #227 from Terrtia/master
chg: [new object pgp-meta]
2020-02-03 18:47:37 +01:00
Terrtia ae11730a82
fix: [new object pgp-meta] remove first seen/last seen + fix description 2020-02-03 16:45:28 +01:00
Terrtia b036b52e36
chg: [new object pgp-meta] Metadata extracted from a PGP keyblock, message or signature 2020-02-03 16:03:34 +01:00
VVX7 bde68265e3 chg: [object fields] allow additional requiredOneOf fields in blog, microblog, meme-image objects. add attachment field to blog object. add username to news-media. 2020-02-02 20:08:44 -05:00
VVX7 bc052e17f4 chg: [object field] add profile picture to user-account 2020-01-31 18:27:42 -05:00
VVX7 ed8e72bdb4 chg: [object field] enable multiple URL/link in microblog 2020-01-31 17:11:29 -05:00
VVX7 3bb42c766f chg: [object field] add title to microblog 2020-01-31 17:01:57 -05:00
VVX7 e4d217172e chg: [object field] add link for user-account page 2020-01-30 21:51:56 -05:00
VVX7 329d92162c chg: [object fields] add forged-document types, add microblog state 2020-01-30 21:31:06 -05:00
VVX7 4c4a3aabe5 new: [objects] news-agency, news-media 2020-01-30 19:57:39 -05:00
VVX7 8fa0166b24 chg: [microblog] allow multiple attachments per the enhancement request 2020-01-30 16:41:40 -05:00
VVX7 804e2116ce chg: [microblog] add attachment field for issue #186 2020-01-30 16:36:56 -05:00
VVX7 ce20ea05fe chg: [misinfosec objects] add archive (Internet Archive, Archive.is, etc) fields, change blog post title description 2020-01-30 14:08:19 -05:00
VVX7 0b5c9bde29 chg: [blog] add title field to object 2020-01-29 21:55:26 -05:00
VVX7 acf22d496c chg: [meme-image] uuid and name duplicate 2020-01-28 22:08:45 -05:00
VVX7 79026cb1d6 Merge remote-tracking branch 'upstream/master' 2020-01-28 21:49:12 -05:00
VVX7 84909f1ff2 new: [objects] blog, forged-document, leaked-document, meme-image 2020-01-28 21:24:04 -05:00
Raphaël Vinot fb878a6901 fix: Wrong name in requiredOneOf 2020-01-28 10:47:18 +01:00
Alexandre Dulaunoy cdc463ef1a
chg: [domain-ip] port added (required by AIL crawling) 2020-01-24 15:46:06 +01:00
Raphaël Vinot e6659c7c7e new: TruStar report object 2020-01-24 12:58:28 +01:00
Alexandre Dulaunoy 1a3d6392f3
Merge pull request #219 from N1col4s5742/master
Add vehicle state
2020-01-24 11:23:28 +01:00
Nicolas e8583c5e13 change definition.json for vehicle and geolocation with verification sponge 2020-01-24 10:40:50 +01:00
Nicolas 6fd7dfc896 change definition.json for vehicle and geolocation 2020-01-24 10:30:22 +01:00
Nicolas 6cc3f4a51c change definition.json for vehicle 2020-01-24 10:25:32 +01:00
Raphaël Vinot fa63480391 fix: to_ids must be a bool 2020-01-16 13:46:53 +01:00
Andras Iklody 92ebb542c2
fix: [microblog] to_ids changes 2020-01-16 10:44:51 +01:00
StefanKelm 1e096535ef
Update definition.json
Add compilation timestamp (similar to pe object)
2020-01-10 15:00:19 +01:00
Alexandre Dulaunoy ce80fb6384
chg: [microblog] disable correlation for the verified-username state 2019-12-27 11:27:53 +01:00
Alexandre Dulaunoy faf2b07599
chg: [annotation] 'full report' type added 2019-12-26 18:29:57 +01:00
N1col4s5742 c611736e35
Vehicle state 2019-12-20 14:20:08 +01:00
N1col4s5742 59027ddc6a
Bump version 2019-12-20 14:18:10 +01:00
N1col4s5742 5f1e6c5fec
Add vehicle state 2019-12-20 14:14:49 +01:00
Alexandre Dulaunoy bce1018325
Merge branch 'master' of github.com:MISP/misp-objects 2019-12-17 14:59:50 +01:00
Alexandre Dulaunoy e832f5ce64
chg: [organization] VAT - TAX-ID added in the template 2019-12-17 14:59:00 +01:00
Deborah Servili 33a7d6b574
Merge pull request #217 from Delta-Sierra/master
add imphash in file object
2019-12-10 12:26:08 +01:00
Deborah Servili c0877cfd7c
add imphash in file object 2019-12-10 12:19:29 +01:00
Alexandre Dulaunoy ab484998ff
chg: [microblog] add the ability to have non-malicious links
Fix #215
2019-12-06 14:59:12 +01:00
Jean-Louis Huynen 0fd9ff6670
chg: [dark-pattern] typos 2019-12-04 16:17:45 +01:00
Alexandre Dulaunoy 4185e2b8e2
chg: [script] attachment field added 2019-12-04 13:41:08 +01:00
Jean-Louis Huynen b69657b7b1
add: [dark-pattern] new object to share dark-patterns 2019-12-03 16:23:54 +01:00
Alexandre Dulaunoy 5e9aeadc7a
Merge branch 'master' of github.com:MISP/misp-objects 2019-12-03 08:07:50 +01:00
Alexandre Dulaunoy 34ac927065
new: [virustotal-graph] VirusTotal graph object added
Based on the discussion with VT, virustotal-graph object has been added which will
be used with the expansion modules and also to trigger the specific
quick-tab in MISP to display the VT graph result in an iframe if this
object is present.
2019-12-03 07:39:28 +01:00
m4tze 33a75fe4f2
updated "version" to 4 2019-11-29 09:09:30 +01:00
m4tze cd08dc32a0
added "type" to "requiredOneOf" 2019-11-29 08:56:55 +01:00
Raphaël Vinot 68d61d25d9 fix: Type asn -> AS 2019-11-25 16:23:42 +01:00
Raphaël Vinot 2ce8794528 fix: ui-priority is required in the object template 2019-11-25 16:21:19 +01:00