Commit Graph

1299 Commits (bda91e63106528299ad833ff665e5204031c74e6)

Author SHA1 Message Date
Alexandre Dulaunoy ee3318c15b
chg: [ADS] updated 2024-08-22 10:56:11 +02:00
Alexandre Dulaunoy 201dc30c8a
Merge branch 'main' of https://github.com/th3r3d/misp-objects into th3r3d-main 2024-08-22 10:55:37 +02:00
th3r3d 1e01268720
Updated UUID
Updated UUID to last version.
2024-08-17 11:02:03 +02:00
th3r3d c7445733b3
Update ADS to v2
Added Categorization Others for more granular view of MITRE Att&ck TTP used
2024-08-16 15:27:34 +02:00
Alexandre Dulaunoy 51165e279a
chg: [google-threat-intelligene-report] JSON clean-up 2024-08-06 18:21:05 +02:00
Daniel Pascual 4020992286 Add Google Threat Intelligence report 2024-08-06 18:10:00 +02:00
Alexandre Dulaunoy e46ddddb4f
chg: [network-profile] new-line 2024-08-06 17:57:11 +02:00
Thomas Dupuy 14c2bd9b5f upd: [network-profile] add Yandex in `service-abuse` list. 2024-08-05 14:14:17 -04:00
Alexandre Dulaunoy b58fd9afaf
chg: [pe-optional-header] jq all the things 2024-07-26 16:39:28 +02:00
Raphaël Vinot 93977fe6ef fix: address_of_entrypoint -> address-of-entrypoint 2024-07-26 15:49:41 +02:00
Christian Studer 6165affd5b
fix: [pe-optional-header] Added missing `disable_correlation` flag 2024-07-26 08:58:27 +02:00
Christian Studer ea50f6f1de
fix: [pe-optional-header] Added a few missing `disable_correlation` flags 2024-07-26 08:55:14 +02:00
Christian Studer f3bc011d84
fix: [pe-optional-header] Bumped version 2024-07-25 10:42:59 +02:00
Christian Studer ecb061bb1b
fix: [pe-optional-header] Updated object template
- Harmonised object relations to match with the
  `pe` template object relations, especially the
  ones for hex values
- Added object relations for `magic` value and
  `subsystem` hex value
2024-07-25 10:34:05 +02:00
Christian Studer d062743502
chg: [pe] Updated `pe` object template
- Added object relation for machine type hex value
- Harmonised object relations
2024-07-24 12:13:50 +02:00
Alexandre Dulaunoy 454285fea5
chg: [ddos-config] as the config is mainly describing targets
to_ids and correlation don't make a lot of sense
2024-07-18 15:10:13 +02:00
Alexandre Dulaunoy 0833c40b05
fix: [ddos-config] `ui-priority` added 2024-07-18 12:16:39 +02:00
Alexandre Dulaunoy 2220f14ca4
new: [ddos-config] generic ddos configuration from ddos related binaries 2024-07-18 12:08:43 +02:00
Alexandre Dulaunoy 5c534d3701
chg: [ja4-plus] jq all the things 2024-06-26 18:15:04 +02:00
Alexandre Dulaunoy f93466cb3c
chg: [ja4-plus] version fixed 2024-06-26 18:08:59 +02:00
Alexandre Dulaunoy 610d5abe34
chg: [ja4-plus] template name fixed 2024-06-26 18:08:14 +02:00
Alexandre Dulaunoy 467c9b43ed
new: [ja4-plus] new MISP object template to describe JA4+ fingerprints
fix: https://github.com/MISP/MISP/issues/9759
2024-06-26 18:04:30 +02:00
Alexandre Dulaunoy 5a54cf6505
chg: [phishing] add an IP field for phishing website hosted on IP address or where the IP is important for the analytics 2024-06-25 09:11:17 +02:00
Alexandre Dulaunoy e3288ef6e5
fix: [ddos-claim] descriptions fixed following CERT-SE feedback 2024-06-18 09:52:57 +02:00
Alexandre Dulaunoy 1af532033b
fix: [ddos-claim] clarify the validity based on CERT-EU feedback 2024-06-14 08:09:20 +02:00
Alexandre Dulaunoy 386530d73a
new: [ddos-claim] new object added describing DDoS claim (a discussed st
FIRST2024
2024-06-14 07:42:28 +02:00
samitainio 23faffab2e chg: remove categories and object_relation definitions from phone-number 2024-06-09 22:39:41 +03:00
samitainio 0b971906ad Add: phone-number object 2024-06-09 22:30:04 +03:00
Alexandre Dulaunoy ffd9120eb1
fix: [research-scanner] version updated 2024-05-27 10:22:53 +02:00
Martin Waleczek 97eb9b974d add 'hostname' for scanning host to object 'research-scanner' 2024-05-24 10:20:40 +02:00
Alexandre Dulaunoy a193e03ad2
chg: [cs-beacon-config] encoded-data as file attachment instead of text
As encoded-data might be large and not really useful to be displayed in
the UI of MISP. We moved it to an `attachment` attribute type.

We keep the `attachment` as Base64 to avoid any risk of people
downloading or executing as potential malicious file. So it MUST be
encoded in Base64 as it was before.
2024-05-07 09:36:13 +02:00
Alexandre Dulaunoy e65878874e
chg: [organization] add a MISP UUID if present 2024-05-03 22:04:04 +02:00
iglocska 73d94b8e2d
fix: [jq] all the things 2024-05-02 13:23:48 +02:00
Andras Iklody da5a569784
organization object
- Added "private" to the list of sectors as suggested by Monsieur Hamm.
2024-05-02 13:18:19 +02:00
Alexandre Dulaunoy c83372377e
chg: [registry-key] jq all the things 2024-04-25 11:20:46 +02:00
Christophe Vandeplas 28328aa53d
chg: [registry-key] added Artifacts dropped as potential category 2024-04-25 11:18:26 +02:00
Alexandre Dulaunoy 2061c353fe
fix: [ransomware-group-post] added the missing descriptions for `actor-geo-stats-30d` and `actor-total-stats-30d` 2024-04-24 16:47:47 +02:00
Alexandre Dulaunoy 42b48439da
chg: [ransomware-group-post] severity field sane default added 2024-04-24 16:42:39 +02:00
Alexandre Dulaunoy 9f98d15a6f
fix: [cs-beacong-config] typo fixed 2024-04-24 16:29:33 +02:00
Alexandre Dulaunoy f3724ad19b
fix: [cs-beacon-config] updated the NAICS description 2024-04-24 16:23:53 +02:00
Alexandre Dulaunoy 7f95d3290a
chg: [cs-beacon-config] major update following shadowserver.org requirements
- Fixed some matching type instead of text (like size-in-bytes or integer)
- Added many fields and replace name with `_` to `-`
- Added some basic description
2024-04-24 16:19:47 +02:00
Alexandre Dulaunoy 3d78e17c4b
chg: [ransomware-group-post] updated with shadowserver object template
format

- underscores replaced with hyphen
- descriptions added
- decorrelation added for some fields
2024-04-24 15:19:02 +02:00
Alexandre Dulaunoy 16b354c04c
chg: [instant-message] remove newlines 2024-04-24 14:30:19 +02:00
menewol 93b43a3191
Added Mattermost 2024-04-24 14:11:50 +02:00
David Cruciani b10d4680bc
Merge branch 'MISP:main' into main 2024-04-18 14:40:59 +02:00
David Cruciani 051605763e
chg: [flowintel-cm] notes 2024-04-18 14:40:16 +02:00
Christophe Vandeplas b37c347792
Merge pull request #424 from cvandeplas/main
new: Generalizing Persuasion (GP) Framework
2024-04-14 07:53:09 +02:00
Christophe Vandeplas f267c28d1f
new: [gpf] Split actors_speaker and settings_competition into more 2024-04-14 07:26:53 +02:00
Christian Studer e970e8d5a6
Merge branch 'main' of github.com:MISP/misp-objects 2024-04-13 12:25:17 +02:00
Christian Studer 2fe584ca6f
fix: Changed a few attribute types in different template 2024-04-13 12:24:58 +02:00