808 Commits (b92243a8db2b21b86e8e77a93dcfc716efcd2573)

Author SHA1 Message Date
Alexandre Dulaunoy b6a7ccd2dc
Merge pull request #140 from Delta-Sierra/master
add interpol notice object
2019-01-28 15:59:54 +01:00
Deborah Servili db6297131f Merge https://github.com/MISP/misp-objects 2019-01-28 15:44:31 +01:00
Deborah Servili 0f6f7de384
fix required field for interpol notice 2019-01-28 15:40:07 +01:00
Deborah Servili 1533703894
add interpol notice object 2019-01-28 15:26:49 +01:00
Alexandre Dulaunoy beb0ec8bb7
chg: [script] added PHP in the most used programming language (at least when looking at malicious WebShells on the Internet)
- I sense a new stackoverflow survey category

Signed-off: 5c45721d-de08-4fff-b9b0-168a02de0b81
2019-01-24 13:36:09 +01:00
kx1499 a5ca2e1189 Merge remote-tracking branch 'upstream/master' 2019-01-15 21:19:19 -05:00
Alexandre Dulaunoy b25388c406
Merge pull request #139 from Delta-Sierra/master
Person object - add alias as a requiredOneof attribute
2019-01-11 20:31:03 +01:00
chrisr3d b94abc9182 Merge branch 'master' of github.com:MISP/misp-objects 2019-01-11 16:51:18 +01:00
chrisr3d cf8c50b72e
fix: Disabled correlation for original imported samples 2019-01-11 16:50:29 +01:00
Deborah Servili d6299e6542
update person object version 2019-01-11 15:03:11 +01:00
Deborah Servili b0d8e91f0f
add alias as a requiredOneof attribute 2019-01-11 15:02:06 +01:00
Alexandre Dulaunoy 7d7031a5e4
Merge pull request #138 from cvandeplas/master
chg: [http-request] IP as allowed type
2019-01-03 15:21:29 +01:00
Christophe Vandeplas ae32e23fbf chg: [http-request] IP as allowed type 2019-01-03 15:07:08 +01:00
Alexandre Dulaunoy 12f51e2ad5
chg: [doc] copyright date fixed 2019-01-02 22:05:02 +01:00
Alexandre Dulaunoy e43d7a027b
Merge pull request #137 from StefanKelm/master
New object: Information related to known scanning activity (e.g. from research projects)
2019-01-02 16:31:46 +01:00
Stefan Kelm d98cfd6d16 New object: Information related to known scanning activity (e.g. from research projects) 2019-01-02 16:19:08 +01:00
Alexandre Dulaunoy b6593451c2
Merge pull request #136 from eCrimeLabs/master
Updated JA3 to have own data type ja3-fingerprint-md5 and bumped the …
2018-12-30 13:13:47 +01:00
eCrimeLabs 68ca8b0a92 Updated JA3 to have own data type ja3-fingerprint-md5 and bumped the version 2018-12-30 12:31:17 +01:00
Christophe Vandeplas 14882579fb
Merge pull request #135 from cvandeplas/master
fix: [relationships] removed duplicate
2018-12-22 07:25:49 +01:00
Christophe Vandeplas 25dc125a30 fix: [relationships] removed duplicate 2018-12-22 07:23:17 +01:00
Alexandre Dulaunoy 39bd2641aa
chg: [relationships] witness-of added 2018-12-21 20:50:12 +01:00
Alexandre Dulaunoy e634e50e89
chg: [doc] facial-composite object added 2018-12-21 20:44:01 +01:00
Alexandre Dulaunoy 9b84576442
add: [facial-composite] new facial composite object 2018-12-21 20:41:45 +01:00
Alexandre Dulaunoy 5a9800ab6a
chg: [person] portrait added #133 2018-12-21 20:28:24 +01:00
Alexandre Dulaunoy e771672764
Merge pull request #134 from Delta-Sierra/master
Object Victim - Extended requiredOneof
2018-12-21 20:06:48 +01:00
Deborah Servili 7dfa69a743
Object Victim - Extended requiredOneof 2018-12-21 12:27:11 +01:00
Alexandre Dulaunoy 11a462e79b
chg: [person] OFAC fields - Office of Foreign Assets Control 2018-12-04 15:39:51 +01:00
Alexandre Dulaunoy 6cc29aad3d
chg: [microblog] a small clarification about the username to avoid the @ 2018-11-26 22:21:51 +01:00
Raphaël Vinot 7fe77c02af
Merge pull request #130 from deralexxx/patch-2
new misp object for a timesketch message
2018-11-23 15:42:48 +01:00
Alexander J e44dd16b18
new misp object for a timesketch message
to be able to push timesketch messages (timesketch.org) to a misp event it is handy to have a specific type of object for it.
2018-11-23 15:40:57 +01:00
Alexandre Dulaunoy 7808850ce2
chg: [cortex] description updated as TheHive/Cortex observables will be attributes with
relationships from this object
2018-11-18 10:29:42 +01:00
Alexandre Dulaunoy 39dd150e2a
add: [cortex] new object based on a discussion with Jerome L. from TheHive (thanks to SNCF) 2018-11-18 10:28:18 +01:00
Alexandre Dulaunoy 3ec98a8a65
chg: [cortex-taxonomy] aka mini-report 2018-11-18 10:11:25 +01:00
Alexandre Dulaunoy 0f1f23fbb5
fix: [cortex-taxonomy] jq all the things(tm) 2018-11-09 14:21:10 +01:00
Alexandre Dulaunoy c3c3009ff8
Merge pull request #129 from tk-hendrik/cortex-taxonomy-obj
Added cortex taxonomy object definition
2018-11-09 14:20:43 +01:00
Hendrik d61a1f3390 Added cortex taxonomy object definition 2018-11-09 12:37:34 +01:00
Alexandre Dulaunoy 78bfd806e7
Merge pull request #127 from thomaspatzke/process-extension
Extension of process object
2018-11-02 08:56:14 +01:00
Alexandre Dulaunoy f9af7a965f
Merge pull request #126 from thomaspatzke/paste-fix
Fixed misp-attribute in link attribute of paste object
2018-11-02 08:55:44 +01:00
Thomas Patzke e12f15d5da Fixed misp-attribute in link attribute of paste object 2018-11-02 00:40:55 +01:00
Thomas Patzke d41b642bc4 Extension of process object 2018-11-02 00:35:28 +01:00
Alexandre Dulaunoy 6e03108fb1
Merge pull request #125 from SteveClement/master
chg: [definition] Extended crypto coin for enrichment module
2018-10-30 16:08:03 +01:00
Steve Clement e132ea8e03 fix: [definition] Fixed current balance type, is float. 2018-10-30 22:58:54 +09:00
Steve Clement 6560a53b80 chg: [definition] Extended crypto coin object to be able to enrich with interesting data 2018-10-30 21:30:09 +09:00
Alexandre Dulaunoy a4207d1f36
chg: [mactime-timeline-analysis] disable some correlations 2018-10-29 20:43:36 +01:00
Alexandre Dulaunoy ccab94e1b7
chg: [ip-api-adress] updated to ensure correlation disabled 2018-10-28 15:07:35 +01:00
Raphaël Vinot decd49b6fc fix: JQ things 2018-10-25 17:45:47 -04:00
Raphaël Vinot e3d5d636e4 chg: Add type of internal reference 2018-10-25 15:47:04 -04:00
Raphaël Vinot 1a0d055caa new: Internal reference object 2018-10-25 13:47:20 -04:00
Alexandre Dulaunoy 2f1ed1ee0c
chg: [regripper-sam-hive-single-user] uuid fixed 2018-10-25 17:49:20 +02:00
Alexandre Dulaunoy 5e952a4bf7
chg: [tsk-web-downloads] including link versus url (we assume it's malicious link by default) 2018-10-25 17:45:58 +02:00