1281 Commits (df58f2b29fe421907b78dacf3a1e25880e68cada)

Author SHA1 Message Date
Koen Van Impe ecac7ea52a Update object definition with first-|last- seen 2020-03-09 23:26:25 +01:00
Alexandre Dulaunoy a09f7f55a8
chg: [victim] add reference to case (as requested by law-enforcement - ENFORCE project) 2020-03-09 16:32:18 +01:00
Alexandre Dulaunoy 65a51a586f
chg: [http-request] fixed 2020-03-09 16:25:57 +01:00
Alexandre Dulaunoy 401b8a4619
Merge pull request #239 from cbboggs/cbboggs-http-request
Adding optional ip-src to http-request
2020-03-09 16:25:14 +01:00
Koen Van Impe bffae90c3d Remove -x from JSON files 2020-03-07 09:28:43 +01:00
Koen Van Impe bbac01aa1b Fix with jq_all_the_things 2020-03-07 09:24:51 +01:00
Koen Van Impe 8bb88fceaf Objects for data coming from the Cytomic Orion API 2020-03-07 09:03:01 +01:00
Alexandre Dulaunoy b457df2a36
Merge pull request #238 from pettai/intelmq_event
More explicit misp-attribute types
2020-03-06 15:24:49 +01:00
frpet 5fdec81530 Update definition.json
bump version
2020-03-06 14:08:20 +01:00
cbboggs fa6fe463a9
Adding optional ip-src to http-request
Modified existing "ip" attribute to "ip-dst", and added attribute for ip-src. This allows http-request to be used in scenarios where observed connections are source specific, not destination specific.
2020-03-05 12:24:14 -06:00
frpet 2c6c44ccf8 Use more explicit misp-attribute types
Use the appropriate misp-attribute type for *local_hostname, *fqdn, *.md5|*.sha*
2020-03-05 18:55:29 +01:00
Alexandre Dulaunoy 3d57ee4fd2
chg: [network-socket] add filename to object template
Reported-by: Belgian Defence - Tancred
2020-03-04 14:25:26 +01:00
Alexandre Dulaunoy 1e5bb552f8
chg: [microblog] add Twitter-id reference 2020-03-04 14:08:10 +01:00
Raphaël Vinot b29a360c02 new: Add covid19 dxy live object 2020-03-02 00:12:24 +01:00
Raphaël Vinot 75028d3adf new: health object meta type 2020-02-29 01:18:12 +01:00
Raphaël Vinot 89db1fc34e Merge branch 'master' of github.com:MISP/misp-objects 2020-02-29 01:17:04 +01:00
Raphaël Vinot eabd0c1e55 new: CSSE COVID-19 Dataset - Daily report
Source:
  https://github.com/CSSEGISandData/COVID-19/tree/master/csse_covid_19_data
2020-02-29 01:16:28 +01:00
Alexandre Dulaunoy 346503f433
Merge pull request #235 from MISP/gen_sym_key
new: [crypto-material] add generic-symmetric-key
2020-02-28 19:51:47 +01:00
Raphaël Vinot 416820edc0 new: [crypto-material] add generic-symmetric-key 2020-02-27 15:41:45 +01:00
Raphaël Vinot ef0c95bc9b Merge branch 'master' of github.com:MISP/misp-objects 2020-02-27 10:50:58 +01:00
Raphaël Vinot 6f5cd0d9d3 chg: [IntelMQ Event] replace non-ascii double quote by single quote 2020-02-27 10:50:47 +01:00
Raphaël Vinot 2f2315d4e2 fix: Typo in requiredOneOf 2020-02-26 14:52:06 +01:00
Raphaël Vinot d9226e0f5a fix: Typo in requiredOneOf 2020-02-26 14:49:59 +01:00
Alexandre Dulaunoy d110657604
chg: [vulnerability] remove underscore from the object 2020-02-25 10:53:17 +01:00
Alexandre Dulaunoy 8de8d85979
chg: [iot-device] reference added 2020-02-17 23:12:09 +01:00
Alexandre Dulaunoy 6ed76f4948
add: [iot-firmware] new object template to describe IoT firmware
The relationship will often be between iot-device and iot-firmware.

Ref: https://github.com/C00kie-/workshop-materials
2020-02-17 15:07:49 +01:00
Alexandre Dulaunoy 8fa25f4f47
chg: [file] imphash removed as it should be at PE level 2020-02-17 14:29:30 +01:00
Alexandre Dulaunoy 36ae20bf02
chg: [pe] imphash and impfuzzy can be as key attribute 2020-02-17 14:27:05 +01:00
Alexandre Dulaunoy 1d2bfe97ce
Merge pull request #233 from Terrtia/master
chg: [domain-crawled] domain shouldn't be a multiple
2020-02-17 10:51:35 +01:00
Terrtia 566612302f
chg: [domain-crawled] domain shouldn't be a multiple 2020-02-17 10:00:21 +01:00
Alexandre Dulaunoy 83073d8c65
chg: [iot] add SPI, Serial and JTAG status 2020-02-17 08:55:47 +01:00
Alexandre Dulaunoy cf30efabc6
chg: [iot] because reusing UUID is bad 2020-02-17 08:33:51 +01:00
Alexandre Dulaunoy e45c2df33a
chg: [schema] iot category added 2020-02-17 08:28:58 +01:00
Alexandre Dulaunoy 1d0065e852
new: [iot] a first version of the IoT object
Ref: based on the workshop discussion in https://github.com/C00kie-/workshop-materials

The idea is to have this root object when a new IoT device is documented
and further objects will be connected such as firmware or even file object
2020-02-17 07:46:58 +01:00
Alexandre Dulaunoy 48bb38d67a
Merge pull request #232 from Terrtia/master
domain-crawled object
2020-02-16 21:04:16 +01:00
Terrtia 42df9d2e2f
chg: [crawled domain] rename object 2020-02-14 17:11:42 +01:00
Terrtia 5c46a3aad4
chg: add domain crawled object 2020-02-14 17:08:37 +01:00
Alexandre Dulaunoy 1634e6388f
Merge pull request #231 from Delta-Sierra/master
allow several subjects or sender for email objects
2020-02-13 13:12:48 +01:00
Deborah Servili fdc24a8df8
update version 2020-02-13 12:30:08 +01:00
Deborah Servili 6380007b10
allow several subjects or sender for email objects 2020-02-13 12:28:47 +01:00
Alexandre Dulaunoy 3b9aaaf79d
Merge pull request #229 from ater49/master
Adding compatibility with some HAR fields
2020-02-10 15:25:12 +01:00
ater49 2738648e81 Adding some parts from HAR format description (http://www.softwareishard.com/blog/har-12-spec/) (More to come) 2020-02-10 14:59:35 +01:00
Alexandre Dulaunoy f43c2c2c6e
chg: [relationships] 'knows' relationship added
Request: via Twitter DM message
2020-02-10 11:15:17 +01:00
Alexandre Dulaunoy 6c7a8f4524 Merge pull request #228 from VVX7/master
new: [objects] instant message objects
2020-02-09 17:47:12 +01:00
VVX7 1a40095f1a new: [objects] add instant-message object. add instant-message-group object. 2020-02-09 11:39:36 -05:00
Alexandre Dulaunoy 3ba77c9d2c
chg: [sms] the SMS center is a phone number 2020-02-06 12:06:26 +01:00
Alexandre Dulaunoy 371788589c
chg: [rtir] disable correlation on incident state 2020-02-06 11:55:27 +01:00
Alexandre Dulaunoy c32c7f4155
chg: [sms] missing Cellebrite fields added 2020-02-06 11:36:13 +01:00
Alexandre Dulaunoy 013c2c9c22
Merge branch 'master' of github.com:MISP/misp-objects 2020-02-06 11:04:53 +01:00
Alexandre Dulaunoy 3f9aca8e27
chg: [email] ip-src added in the email object template as requested by Norberto Chavez
Ref: https://twitter.com/NORBERTOCHAVEZ/status/1225213457429127170
2020-02-06 11:03:33 +01:00