Alexandre Dulaunoy
d32f9b1add
fix: [virustotal-report] bump version
2023-09-01 09:34:08 +02:00
Christian Studer
1ddb03e342
fix: [artifact] Properly JQed the end of file
2023-08-17 14:49:44 +02:00
Christian Studer
9a63309ba4
chg: [artifact] Changed the `hashes` attribute into the different hash type attributes
...
- A change to adopt the same logic as file objects
regarding the different hash values
- In STIX 2.1 an Artifact object is not necessarily
linked to a File object and both referenced by
an Observed Data object. In some cases Artifact
objects are referenced for instance by Malware
objects, in which case they describe the actual
malware sample. It is then usefull to have the
different hash values in single attributes rather
than concatenated in a text attribute
2023-08-16 23:25:32 +02:00
Christian Studer
b87cafc35e
fix: [malware] Fixed `is_family` attribute type
2023-08-10 11:39:44 +02:00
Christian Studer
a9f836f751
Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch
2023-08-10 10:00:47 +02:00
Alexandre Dulaunoy
0037856e60
new: [x-header] new generic X header object for SMTP, HTTP and others
2023-08-07 14:36:24 +02:00
Alexandre Dulaunoy
3d81ef381c
fix: [scan-results] JSON and trailing comma ;-)
2023-08-03 10:47:45 +02:00
Alexandre Dulaunoy
2f5fb87c1a
Merge branch 'main' of https://github.com/mFaou/misp-objects into mFaou-main
2023-08-03 10:46:27 +02:00
Luciano Righetti
800d677af6
Merge pull request #398 from righel/add-sigmf-templates
...
new: add basic SigMF templates
2023-08-03 09:37:27 +02:00
Luciano Righetti
21b06c2f48
fix: jq all the things
2023-08-03 09:30:58 +02:00
Luciano Righetti
17a68d93ae
fix: minor fixes
2023-08-03 08:07:47 +02:00
Luciano Righetti
ac201f475a
new: sigmf archive object
2023-08-03 08:07:33 +02:00
Matthieu Faou
0515870942
Added requiredOneOf to scan-result object definition
2023-08-02 15:35:12 -04:00
Matthieu Faou
56941c6e93
Removed the scan-result field requirement in the scan-result object
2023-08-01 16:33:23 -04:00
Alexandre Dulaunoy
4da05293d7
fix: [malware-config] typo fixed
2023-07-31 11:21:29 +02:00
Alexandre Dulaunoy
fb0ffd5d4b
chg: [malware-config] to add attachment and description of the malware config
2023-07-31 11:17:23 +02:00
Alexandre Dulaunoy
17f71b39bd
chg: [scan-results] jq all the things
2023-07-28 22:25:37 +02:00
Matthieu Faou
5e201f4e0d
removed line break
2023-07-28 15:15:17 -04:00
Matthieu Faou
22477f7bc6
Added internet scanning tools to scan-result
2023-07-28 15:09:25 -04:00
Christian Studer
9486bbbab1
add: [malware] New object template to describe a malware
2023-07-25 16:30:00 +02:00
Christian Studer
5c830087a0
add: [malware-analysis] New object template to describe a static or dynamic analysis performed on a malware instance or family
2023-07-25 15:24:39 +02:00
417190e5c48babc7
ab1f97b881
chg: [ja3s] Add domain and hostname attributes
2023-07-20 10:24:42 +03:00
Alexandre Dulaunoy
0f5cbd49d0
Merge pull request #396 from MISP/chrisr3d_patch
...
New object templates to support new STIX 2.1 Incident extension objects
2023-07-19 08:39:56 +02:00
Steph S
32e21c8806
Fixed json formatting
2023-07-13 09:48:12 -04:00
Steph S
c7bade5c8b
Added a is-malicious attribute for abuseipdb and added a google-safe-browsing object for the google-safe-browsing expansion module
2023-07-13 09:25:26 -04:00
Luciano Righetti
316a4b07d1
new: add fft and waterfall attributes
2023-07-12 15:33:23 +02:00
Luciano Righetti
ba6bad723b
fix: jq all the things
2023-07-11 17:04:18 +02:00
Luciano Righetti
59d2a301b9
new: add basic SigMF templates
2023-07-11 16:54:11 +02:00
Steph S
1374b0c7f0
Added AbuseIPDB object template for the AbuseIPDB expansion module
2023-07-10 15:22:27 -04:00
Alexandre Dulaunoy
e6864eb745
chg: [hhhash] newline fixed
2023-07-10 16:40:22 +02:00
Alexandre Dulaunoy
f7da39c557
new: [hhhassh object] An object describing a HHHash object with the hash value along with the crawling parameters. For more information: https://www.foo.be/2023/07/HTTP-Headers-Hashing_HHHash
2023-07-10 16:38:12 +02:00
Christian Studer
e215a0ff1a
add: [incident] Added the score attribute
...
- We will probably parse scores and build the
attribute value the following way:
"{name} - {description}: {score}"
2023-07-07 11:36:42 +02:00
Christian Studer
ae62d5f9b3
fix: [impacts] Typo
2023-06-22 15:50:54 +02:00
Christian Studer
49a715e1cf
fix: [confidentiality-impact] JQed
2023-06-22 15:41:06 +02:00
Christian Studer
e3556784b5
wip: [task] New object template for tasks as described in STIX 2.1 Incident object extensions
2023-06-22 15:39:02 +02:00
Christian Studer
3c17729f0e
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
2023-06-22 15:16:48 +02:00
Christian Studer
c5c8f35fb4
wip: [event] New object template to describe events that can happen during an incident
2023-06-22 12:28:47 +02:00
Christian Studer
1a05a9f253
add: [incident] Added the required object relation
2023-06-22 12:28:04 +02:00
Christian Studer
ef04ff8020
add: [incident] Incident object based on the STIX 2.1 Incident object as well as its core extension
2023-06-21 16:32:30 +02:00
Christian Studer
f6d069dc3d
fix: [organization] Fixed missing comma
...
- Managed to improve the description too
2023-06-15 13:51:08 +02:00
Christian Studer
1f3b9312cc
add: [organization] Added the generic `contact_information` and `sector` fields for an organization
2023-06-15 13:27:55 +02:00
Alexandre Dulaunoy
e26541e89e
Merge branch 'main' of github.com:MISP/misp-objects into main
2023-06-14 19:21:37 +02:00
Alexandre Dulaunoy
5d307f7c30
chg: [cookie] cookie can be also only a key or a value
...
This change is required for the AIL project export
2023-06-14 17:36:22 +02:00
Michael Trenker
241f4455ac
ran jq_all_the_things.sh
2023-06-14 11:54:46 +00:00
Michael Trewen
25e1790e74
jq
2023-06-13 19:15:23 +02:00
Michael Trewen
71cc235a5d
new:added Diamond Object
2023-06-13 10:47:28 +02:00
Christian Studer
ec8645f421
add: [crowdsec-ip-context] Added the `false-positives` attribute that comes alongside with the `classifications`
2023-05-26 14:17:10 +02:00
Christian Studer
35285505a1
add: [crowdsec-ip-context] Added the classifications multiple attribute
2023-05-24 16:29:06 +02:00
Alexandre Dulaunoy
61608e5d44
chg: [scan-result] updated list of potential scanning tool
...
Source: https://gist.github.com/SteveClement/baf3a9ae0ba030283ecc30acd6f7c2ae
2023-05-24 11:03:47 +02:00
Alexandre Dulaunoy
20f567757d
chg: [scan-result] jq all the things
2023-05-22 14:08:34 +02:00