Commit Graph

704 Commits (bb9ff86b2ff61d3977807b99d57bc271ef17417a)

Author SHA1 Message Date
haxpak bb9ff86b2f added MAC address to device
meta category of organization changed to organization
meta category of person object changed to organization
new object phishing-kit
2019-04-14 10:53:57 +05:30
haxpak 9f3fb14ed5 changed organization meta category to misc 2019-04-13 14:57:55 +05:30
haxpak 6917beee5f reverted device to misc category 2019-04-13 14:02:26 +05:30
haxpak 63fff149f0 added requiredOneOf to device definition 2019-04-13 13:49:16 +05:30
haxpak df91c999e6 fixed typos and ran jq_all_things 2019-04-13 13:45:05 +05:30
haxpak 23ab735119 - added : attachment attribute to annotation
- added : new object type device
2019-04-13 13:32:56 +05:30
haxpak 26987ca80a added : meta_category "organization" #162 2019-04-13 12:11:43 +05:30
haxpak 161f72678a modified : person object "changed UI priority of the attributes"
modified : report object "added attachment to report"
2019-04-13 12:05:51 +05:30
haxpak 71419a999a new-object : Organization "Defines an organization" 2019-04-13 11:55:38 +05:30
haxpak bfa883751a add : relationship "creates" 2019-04-13 11:00:45 +05:30
Alexandre Dulaunoy c5532621b6
chg: [ip-port] ip-src added to fix #149 2019-04-07 22:28:36 +02:00
Alexandre Dulaunoy 006aa1d1a2
chg: [script] filename added to fix #149 2019-04-07 22:24:58 +02:00
Alexandre Dulaunoy bfcfe7aae9
chg: [doc] tor-hiddenservices added 2019-04-05 11:24:54 +02:00
Alexandre Dulaunoy b4478a6c2b
add: [tor-hiddenservice] a simple object template to describe Tor Onion Service 2019-04-05 11:22:22 +02:00
Alexandre Dulaunoy aca06cec1f
chg: [lnk] new LNK object (Windows Shortcut) 2019-04-03 14:05:39 +02:00
Alexandre Dulaunoy 4793bf33ae
chg: [process] fix the type - fix #160 2019-04-02 19:56:59 +02:00
Alexandre Dulaunoy ba31488e5a
Merge pull request #161 from geekscrapy/geekscrapy-patch-1
Username is often utilised alongside a credential
2019-04-02 19:55:59 +02:00
Alexandre Dulaunoy 302182e594
Merge pull request #159 from geekscrapy/patch-1
Added current-directory to required field
2019-04-02 19:55:03 +02:00
Alexandre Dulaunoy 4ae7448b0c
Merge pull request #158 from geekscrapy/patch-2
Added issuer as one of the required fields
2019-04-02 19:54:38 +02:00
molley a50986361f
Username is often utilised alongside a credential
Username can often identify malicious behavior, and is usually part of the credential tuple - it can also be used to highlight common user accounts without password/api key
2019-04-02 18:26:00 +01:00
molley 490d760a4b
Added current-directory to required field
This field will often indicate where a malicious binary is started from, therefore a good candidate for solo use
2019-04-02 17:41:07 +01:00
molley a85178255c
Added issuer as one of the required fields
This is often a field used on its own to identify a malicious cert
2019-04-02 17:28:49 +01:00
Raphaël Vinot 0c6b7b4302 chg: Bump vehicle object 2019-04-02 17:09:02 +02:00
Alexandre Dulaunoy 047595ddeb
chg: [person] Spanish IDs added (NIE, NIF and DNI) 2019-03-15 14:36:12 +01:00
chrisr3d 59f8621fe2
add: New relationship "retrieved-from" 2019-03-12 17:21:52 +01:00
Alexandre Dulaunoy d0886ba6af
Merge pull request #155 from Delta-Sierra/master
remove accent from ilr objects
2019-02-27 07:14:02 +01:00
Deborah Servili 55f5716b5d
remove accent from ilr objects - bis 2019-02-26 16:00:23 +01:00
Deborah Servili 96751b2af7
remove accent from ilrobjects 2019-02-26 15:57:58 +01:00
Alexandre Dulaunoy 0f10d25558
Merge pull request #154 from Delta-Sierra/master
add ilr-notification-incident object
2019-02-26 15:54:24 +01:00
Deborah Servili 41dd469869
add ilr-notification-incident object 2019-02-26 15:51:20 +01:00
Alexandre Dulaunoy 8580eb2080
Merge pull request #153 from Delta-Sierra/master
fix ilr-impact attributes names
2019-02-26 14:56:34 +01:00
Deborah Servili bd9970b1c9
fix lr-impact attributes names 2019-02-26 14:26:29 +01:00
Alexandre Dulaunoy f172d47381
Merge pull request #152 from Delta-Sierra/master
add ilr-impact object
2019-02-26 14:13:56 +01:00
Deborah Servili bc05eca2b6
disable correlations on ilr-impact attributes 2019-02-26 14:05:01 +01:00
Deborah Servili ec2851d4eb
add ilr-impact object 2019-02-26 13:57:31 +01:00
Alexandre Dulaunoy c84ee804db
Merge pull request #151 from MISP/rommelfs-patch-3
corrected order
2019-02-25 09:34:20 +01:00
Sascha Rommelfangen 45f6aec0f5
corrected order 2019-02-25 09:29:15 +01:00
Alexandre Dulaunoy 140cdeb088
Merge pull request #148 from marcnil815/master
Create splunk object definition.json
2019-02-21 23:03:53 +01:00
marcnil815 03870031db
jq'ed definition.json 2019-02-21 19:36:07 +01:00
marcnil815 e26e54b54a
Create splunk object definition.json
Adding misp-object for basic splunk search/correlation search values.
2019-02-21 16:12:54 +01:00
Alexandre Dulaunoy b0f07156ae
Merge pull request #147 from Delta-Sierra/master
Person object - Add a (or several) role to a person
2019-02-21 07:20:40 +01:00
Alexandre Dulaunoy 18042c0749
chg: [elf] disable correlation on file type 2019-02-20 10:43:38 +01:00
Deborah Servili 0173504050
Person object - Add a (several) role to a person 2019-02-15 09:46:29 +01:00
Alexandre Dulaunoy 08798f1262
chg: [email] IP and hostname fields from extracted headers 2019-02-14 14:33:39 +01:00
Alexandre Dulaunoy 8a4f2c96b8
chg: [file] preferred charset used by the file (if decoded from mime-type parsing) 2019-02-14 14:16:01 +01:00
Alexandre Dulaunoy be9ea96c2a
chg: [doc] to_ids flag was missing in the README 2019-02-11 06:58:27 +01:00
Alexandre Dulaunoy f9bb8bfa9b
chg: [phishing] removed the IDS flag on the email used for takedown - and change attribute type 2019-02-11 06:45:18 +01:00
Alexandre Dulaunoy 3e965a5ee2
Merge pull request #144 from MISP/rommelfs-patch-1
added hostname attribute to the phishing object
2019-02-07 16:46:39 +01:00
Sascha Rommelfangen f09a392d49
added hostname attribute to the phishing object 2019-02-07 14:58:40 +01:00
Alexandre Dulaunoy 75ae30f44d
Merge pull request #143 from rommelfs/master
added values valuable to operators
2019-02-02 09:27:38 +01:00