Commit Graph

1646 Commits (c5c8f35fb40444bc21c1db634729806c090eb43f)

Author SHA1 Message Date
Christian Studer c5c8f35fb4
wip: [event] New object template to describe events that can happen during an incident 2023-06-22 12:28:47 +02:00
Christian Studer 1a05a9f253
add: [incident] Added the required object relation 2023-06-22 12:28:04 +02:00
Christian Studer ef04ff8020
add: [incident] Incident object based on the STIX 2.1 Incident object as well as its core extension 2023-06-21 16:32:30 +02:00
Christian Studer acfb208406 Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch 2023-06-21 16:29:45 +02:00
Alexandre Dulaunoy e2fd7a0290
Merge pull request #395 from MISP/chrisr3d_patch
Added `contact_information` & `sector` attributes to the `organization` template
2023-06-15 23:24:49 +02:00
Christian Studer f6d069dc3d
fix: [organization] Fixed missing comma
- Managed to improve the description too
2023-06-15 13:51:08 +02:00
Christian Studer 1f3b9312cc
add: [organization] Added the generic `contact_information` and `sector` fields for an organization 2023-06-15 13:27:55 +02:00
Christian Studer d1d97fde08 Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch 2023-06-15 11:55:46 +02:00
Alexandre Dulaunoy e26541e89e
Merge branch 'main' of github.com:MISP/misp-objects into main 2023-06-14 19:21:37 +02:00
Alexandre Dulaunoy 5d307f7c30
chg: [cookie] cookie can be also only a key or a value
This change is required for the AIL project export
2023-06-14 17:36:22 +02:00
Alexandre Dulaunoy e088768946
Merge pull request #394 from MichaelTrenker/new-Diamond-object
new:added Diamond Object
2023-06-14 08:13:52 -04:00
Michael Trenker 241f4455ac ran jq_all_the_things.sh 2023-06-14 11:54:46 +00:00
Michael Trewen 25e1790e74 jq 2023-06-13 19:15:23 +02:00
Michael Trewen 71cc235a5d new:added Diamond Object 2023-06-13 10:47:28 +02:00
Alexandre Dulaunoy 2ca2667d76
Merge pull request #393 from MISP/chrisr3d_patch
add: [crowdsec-ip-context] `classifications` & `false-positive` attributes
2023-05-26 14:25:27 +02:00
Christian Studer ec8645f421
add: [crowdsec-ip-context] Added the `false-positives` attribute that comes alongside with the `classifications` 2023-05-26 14:17:10 +02:00
Christian Studer 35285505a1
add: [crowdsec-ip-context] Added the classifications multiple attribute 2023-05-24 16:29:06 +02:00
Christian Studer 37e43490c0 Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch 2023-05-24 16:20:27 +02:00
Alexandre Dulaunoy 61608e5d44
chg: [scan-result] updated list of potential scanning tool
Source: https://gist.github.com/SteveClement/baf3a9ae0ba030283ecc30acd6f7c2ae
2023-05-24 11:03:47 +02:00
Alexandre Dulaunoy 20f567757d
chg: [scan-result] jq all the things 2023-05-22 14:08:34 +02:00
Alexandre Dulaunoy 8b0276f3b4
Merge branch 'main' of github.com:MISP/misp-objects into main 2023-05-22 14:06:01 +02:00
Alexandre Dulaunoy e33e893b44
new: [scan-result] object for scanning result
This is the metadata of a scanning result including the raw output of
the scan result.

This object can be used for tools like Nessus or even source code
scanners to share the details about a scan.

For additional information such as IP address or alike, other objects will
be used with the proper relationship added.
2023-05-22 14:04:48 +02:00
Alexandre Dulaunoy dec2cbb917
new: [scan-result] object for scanning result
This is the metadata of a scanning result including the raw output of
the scan result.

This object can be used for tools like Nessus or even source code
scanners to share the details about a scan.

For additional information such as IP address or alike, other objects will
be used with the proper relationship added.
2023-05-22 13:59:57 +02:00
Alexandre Dulaunoy f61702d030
Merge pull request #391 from tmbc-nl/fix-typo
chg: [relationships] Fixed a typo.
2023-05-20 00:28:57 +02:00
Alexandre Dulaunoy 9cfb239776
Merge pull request #392 from goodlandsecurity/cobaltstrike-beacon-config
adding cobalt strike beacon config object
2023-05-20 00:27:16 +02:00
goodlandsecurity 4e5719f29a
adding cobalt strike beacon config object 2023-05-19 14:07:24 -05:00
tmbc-nl f1b5e54683 chg: [relationships] Fixed a typo. 2023-05-17 14:37:53 +02:00
Alexandre Dulaunoy f7e6cab1bf
chg: [relationships] jq all the things 2023-05-16 21:18:28 +02:00
Alexandre Dulaunoy 48dd455196
chg: [relationships] `serves` added in relationships
Additional verb as an alternative to `hosts`
2023-05-16 09:25:57 +02:00
Alexandre Dulaunoy a605792844
chg: [crowdsec] jq all the things 2023-05-12 10:34:19 +02:00
Alexandre Dulaunoy b0e5f39f26
Update definition.json 2023-05-12 10:31:33 +02:00
Alexandre Dulaunoy 65f4be51d5
chg: [crowdsec] updated 2023-05-12 08:52:19 +02:00
Alexandre Dulaunoy 3d736c427c
new: [crowdsec-ip-context] new initial object for crowdsec expansion 2023-05-11 16:52:24 +02:00
Alexandre Dulaunoy 45bb7539a0
chg: [doc] misp object template list updated 2023-04-16 17:33:33 +02:00
Alexandre Dulaunoy fd12a1bcd7
fix: [ai-chat-prompt] improved ai-chat-prompt template 2023-04-16 10:50:30 +02:00
Alexandre Dulaunoy 302697e045
chg: [ai-chat-prompt] ui-priority fixed 2023-04-15 16:38:13 +02:00
Alexandre Dulaunoy b81698ae10
new: [ai-chat-prompt] new object template for AI chat prompt such as ChatGPT
Following a discussion with @aaronkaplan in Vienna, this object is a
first version to describe an AI chat prompt. The template can describe
the model used, the actual quality of results and also what's the actor
context.

Reference #388
2023-04-15 16:31:22 +02:00
Alexandre Dulaunoy e1327d02bb
new: [risk-assessment-report] New object template Risk assessment report
To be used to share risk assessment report from risk assessment platform
such as [MONARC](https://github.com/monarc-project/).

This extension is done in the scope of the [NISDUC project](https://www.nisduc.eu/).

TODO: Maybe add a field for machine-readable version of the report
2023-04-13 10:41:39 +02:00
Alexandre Dulaunoy 059b669d9a
chg: [relationships] fix newline 2023-04-04 07:58:18 +02:00
Alexandre Dulaunoy 27df249584
chg: [relationships] `rewrite` relationship type added
Ref: https://github.com/MISP/misp-galaxy/pull/833

Following an idea from @jloehel - a new relationship has been added
2023-04-04 07:56:32 +02:00
Christian Studer 9e4afdfb7a
add: [network-socket] Added MAC address attributes
- Even though they are not exactly part of the
  socket fields, it could be interesting to have
  them to have the information about them like
  they are described within the packets that are
  sent using the socket
2023-03-31 11:30:33 +02:00
Christian Studer b1b7981854 Merge branch 'main' of github.com:MISP/misp-objects 2023-03-31 10:50:57 +02:00
Alexandre Dulaunoy 402d7ad649
chg: [doc] updated 2023-03-10 15:40:48 +01:00
Alexandre Dulaunoy 05a642ec88
Merge branch 'GreyNoise-Intelligence-add_greynoise_ip_object' into main 2023-03-10 15:34:57 +01:00
Alexandre Dulaunoy b49c6824ba
chg: [greynoise-intelligence] JSON fixed 2023-03-10 15:34:32 +01:00
Brad Chiappetta 9b74873fe5 add greynoise-ip object 2023-03-10 09:16:49 -05:00
Christian Studer 1da4760dcc
fix: [network-connection, network-socket] Bytes count is also better with an S 2023-03-07 23:26:51 +01:00
Christian Studer 437808339e
fix: [network-connection, network-socket] Packets count is better with an S 2023-03-07 23:19:08 +01:00
Christian Studer 1cab455a56
fix: [network-socket] Typo 2023-03-07 16:54:30 +01:00
Christian Studer d71cdf367d
add: [network-socket] Added bytes & packets count object relations for both the source and destination 2023-03-07 16:49:06 +01:00