Commit Graph

932 Commits (e1a809ed2c3832e8369381072c23b1933ff667a6)

Author SHA1 Message Date
Jeroen Pinoy e1a809ed2c
new: postal address object 2021-11-03 22:00:49 +01:00
Alexandre Dulaunoy ae6a527bcb
chg: [report] disable correlation on report type 2021-11-02 09:06:18 +01:00
Alexandre Dulaunoy 1cd5a3e9f0
chg: [passive-ssh] newlines disaster 2021-10-26 14:03:24 +02:00
Jean-Louis Huynen fa397128bf
chg: [passive-ssh] change fingerprint type 2021-10-26 11:50:23 +02:00
Alexandre Dulaunoy 95a23d219e
chg: [device] ui-priority added 2021-10-25 16:05:04 +02:00
Alexandre Dulaunoy 570a5c18b6
chg: [devices] fixed missing ui-priority 2021-10-25 15:56:50 +02:00
Alexandre Dulaunoy 3e491aa83b
Merge branch 'main' of github.com:MISP/misp-objects into main 2021-10-25 15:53:12 +02:00
Alexandre Dulaunoy dcc9e4c8be
chg: [device] added hits, status and infection_type (from ShadowServer)
- request for VarIOT project
2021-10-25 15:52:34 +02:00
Alexandre Dulaunoy c380279dca
Merge pull request #332 from gallypette/master
add: [passive-ssh] new object
2021-10-25 15:36:58 +02:00
Alexandre Dulaunoy 960a03be22
chg: [geolocation] countrycode added as requested for the VarIOT. 2021-10-25 15:35:23 +02:00
misp dac24a50c9
add: [passive-ssh] new object 2021-10-25 12:29:52 +02:00
chrisr3d b0eb0779df
fix: [report] Removed parenthesis from the object relation `report-file` 2021-10-25 12:02:25 +02:00
chrisr3d eb0af71d60
add: [email] Added display name attribute for CC and BCC 2021-10-25 12:00:25 +02:00
Sami Tainio 48e6ff2567
Ran jq_all_the_things_.sh 2021-10-23 10:58:55 +03:00
Sami Tainio aa2aa0814a
chg: [email] add a `bcc` field, `reply-to` can be multiple
Fix #329
2021-10-22 23:29:35 +03:00
Quentin JEROME 2394885553
Ran jq_all_the_things.sh 2021-10-06 20:13:39 +02:00
qjerome ce1aea0e14
Update descriptions of edr-report 2021-10-06 19:42:34 +02:00
Quentin JEROME 38303b282f
Added edr-report MISP Object definition 2021-10-06 19:42:45 +02:00
Alexandre Dulaunoy 6ad5f18831
chg: [security-playbook] updated 2021-10-05 15:28:26 +02:00
Vasileios Mavroeidis ef16c5fe9a
Update definition.json
Improved the descriptions of the properties to aid their usability and resolve numerous ambiguities.
2021-10-02 13:01:11 +02:00
Alexandre Dulaunoy 3d52773e9d
fix: [playbook] it's always a newline story ;-) 2021-09-29 17:08:40 +02:00
Vasileios Mavroeidis 1b3447ffba
Update definition.json
person-role is not included in the attributes
2021-09-29 17:03:10 +02:00
Alexandre Dulaunoy 02e00959c4
fix: [security-playbook] newline issue 2021-09-28 14:49:28 +02:00
Alexandre Dulaunoy 4fed830b87
fix: [security-playbook] Categories are case sensitive 2021-09-28 14:48:27 +02:00
Pavel Eis ee9b978c5e
new: [security-playbook] security-playbook added 2021-09-28 10:31:45 +02:00
Alexandre Dulaunoy c8cd002a3b
chg: [hashlookup] add KnownMalicious field in hashlookup record 2021-09-24 15:33:53 +02:00
Alexandre Dulaunoy 0ba346f194
chg: [hashlookup] add source, TLSH, SSDEEP fields in the object template 2021-09-24 15:23:04 +02:00
Alexandre Dulaunoy ffa6ed7963
chg: [process] remove ambiguity between user-creator and current user running the process
Following CISA/DHS feedback

Fix #322
2021-09-14 08:35:02 +02:00
Alexandre Dulaunoy 3f6a653b0d
fix: [user-account] replace the unclear text in description
Feedback from CISA/DHS - fix #323
2021-09-14 08:31:01 +02:00
Alexandre Dulaunoy 8c86f26e78
chg: [domain-ip] newline fix 2021-09-11 07:53:21 +02:00
Andras Iklody 12612abdcb
remove multiple from ip field 2021-09-10 15:24:50 +02:00
Alexandre Dulaunoy b42a9d8fe0
chg: [ss7-attack] order and newline 2021-09-04 10:19:25 +02:00
Alexandre De Oliveira 9f2f46faa7
Added few fields for GT Leasing - v3 2021-09-02 13:57:40 +02:00
chrisr3d d2b93f5aa6
chg: [hashlookup] Using the `filename` type for the FileName attribute instead of `text` 2021-08-26 15:13:14 +02:00
Alexandre Dulaunoy 633a84df03
chg: [hashlookup] newline because you know 2021-08-25 12:02:17 +02:00
Alexandre Dulaunoy 7e849963f1
chg: [hashlookup] filename changed 2021-08-25 12:00:11 +02:00
Alexandre Dulaunoy 1e4f39f728
new: [hashlookup] new hashlookup.circl.lu object 2021-08-25 11:55:57 +02:00
Alexandre Dulaunoy 8ecdd68eb8
chg: [tsk-web-search-query] jq all the things 2021-07-25 09:11:42 +02:00
Alexandre Dulaunoy 7d7cea0459
Fix incorrect type for domain 2021-07-25 09:09:53 +02:00
Alexandre Dulaunoy d37c575ee0
chg: [email] add a from-domain field to add domain when full email is not known or a wild card
Fix #318

Feedback from Eurocontrol training
2021-06-22 15:23:41 +02:00
Alexandre Dulaunoy b6366988f4
chg: [paloalto-threat-event] fix newline 2021-05-28 23:07:49 +02:00
phmazzoni df58f2b29f
Disabling some field correlations
Disabling some field correlations to avoid excessive number of events
2021-05-27 17:24:58 -03:00
Alexandre Dulaunoy 212e410258
chg: [ddos] fix newline 2021-05-27 16:25:52 +02:00
Alexandre Dulaunoy a31f7d0f26
Multiple fields for port, ip-src,dst-port following feedback from CONCORDIA
Multiple fields for port, ip-src,dst-port following feedback from CONCORDIA
2021-05-27 16:19:12 +02:00
Alexandre Dulaunoy 195f0fe46a
fix: [passive-dns-dnsdbflex] newline 2021-05-26 14:12:10 +02:00
aaronkaplan 094d61a51a
dnsdbflex object 2021-05-26 12:34:34 +02:00
Alexandre Dulaunoy 93b99230e3
chg: [jq] all the things 2021-05-25 23:15:59 +02:00
Alexandre Dulaunoy 265f8d3fc7
chg: [geolocation] fix UUID to be valid UUIDv4 2021-05-25 23:11:01 +02:00
Alexandre Dulaunoy d89296b542
new: [open-data-security] new object template based on open data
security definition

To be used in VARIoT project. https://www.variot.eu/
2021-05-17 15:55:23 +02:00
Alexandre Dulaunoy 5d986dc25e
chg: [phishing] newline 2021-05-11 15:44:35 +02:00