molley
a50986361f
Username is often utilised alongside a credential
...
Username can often identify malicious behavior, and is usually part of the credential tuple - it can also be used to highlight common user accounts without password/api key
2019-04-02 18:26:00 +01:00
molley
490d760a4b
Added current-directory to required field
...
This field will often indicate where a malicious binary is started from, therefore a good candidate for solo use
2019-04-02 17:41:07 +01:00
molley
a85178255c
Added issuer as one of the required fields
...
This is often a field used on its own to identify a malicious cert
2019-04-02 17:28:49 +01:00
Raphaël Vinot
0c6b7b4302
chg: Bump vehicle object
2019-04-02 17:09:02 +02:00
Alexandre Dulaunoy
047595ddeb
chg: [person] Spanish IDs added (NIE, NIF and DNI)
2019-03-15 14:36:12 +01:00
chrisr3d
59f8621fe2
add: New relationship "retrieved-from"
2019-03-12 17:21:52 +01:00
Alexandre Dulaunoy
d0886ba6af
Merge pull request #155 from Delta-Sierra/master
...
remove accent from ilr objects
2019-02-27 07:14:02 +01:00
Deborah Servili
55f5716b5d
remove accent from ilr objects - bis
2019-02-26 16:00:23 +01:00
Deborah Servili
96751b2af7
remove accent from ilr objects
2019-02-26 15:57:58 +01:00
Alexandre Dulaunoy
0f10d25558
Merge pull request #154 from Delta-Sierra/master
...
add ilr-notification-incident object
2019-02-26 15:54:24 +01:00
Deborah Servili
41dd469869
add ilr-notification-incident object
2019-02-26 15:51:20 +01:00
Alexandre Dulaunoy
8580eb2080
Merge pull request #153 from Delta-Sierra/master
...
fix ilr-impact attributes names
2019-02-26 14:56:34 +01:00
Deborah Servili
bd9970b1c9
fix lr-impact attributes names
2019-02-26 14:26:29 +01:00
Alexandre Dulaunoy
f172d47381
Merge pull request #152 from Delta-Sierra/master
...
add ilr-impact object
2019-02-26 14:13:56 +01:00
Deborah Servili
bc05eca2b6
disable correlations on ilr-impact attributes
2019-02-26 14:05:01 +01:00
Deborah Servili
ec2851d4eb
add ilr-impact object
2019-02-26 13:57:31 +01:00
Alexandre Dulaunoy
c84ee804db
Merge pull request #151 from MISP/rommelfs-patch-3
...
corrected order
2019-02-25 09:34:20 +01:00
Sascha Rommelfangen
45f6aec0f5
corrected order
2019-02-25 09:29:15 +01:00
Alexandre Dulaunoy
140cdeb088
Merge pull request #148 from marcnil815/master
...
Create splunk object definition.json
2019-02-21 23:03:53 +01:00
marcnil815
03870031db
jq'ed definition.json
2019-02-21 19:36:07 +01:00
marcnil815
e26e54b54a
Create splunk object definition.json
...
Adding misp-object for basic splunk search/correlation search values.
2019-02-21 16:12:54 +01:00
Alexandre Dulaunoy
b0f07156ae
Merge pull request #147 from Delta-Sierra/master
...
Person object - Add a (or several) role to a person
2019-02-21 07:20:40 +01:00
Alexandre Dulaunoy
18042c0749
chg: [elf] disable correlation on file type
2019-02-20 10:43:38 +01:00
Deborah Servili
0173504050
Person object - Add a (several) role to a person
2019-02-15 09:46:29 +01:00
Alexandre Dulaunoy
08798f1262
chg: [email] IP and hostname fields from extracted headers
2019-02-14 14:33:39 +01:00
Alexandre Dulaunoy
8a4f2c96b8
chg: [file] preferred charset used by the file (if decoded from mime-type parsing)
2019-02-14 14:16:01 +01:00
Alexandre Dulaunoy
be9ea96c2a
chg: [doc] to_ids flag was missing in the README
2019-02-11 06:58:27 +01:00
Alexandre Dulaunoy
f9bb8bfa9b
chg: [phishing] removed the IDS flag on the email used for takedown - and change attribute type
2019-02-11 06:45:18 +01:00
Alexandre Dulaunoy
3e965a5ee2
Merge pull request #144 from MISP/rommelfs-patch-1
...
added hostname attribute to the phishing object
2019-02-07 16:46:39 +01:00
Sascha Rommelfangen
f09a392d49
added hostname attribute to the phishing object
2019-02-07 14:58:40 +01:00
Alexandre Dulaunoy
75ae30f44d
Merge pull request #143 from rommelfs/master
...
added values valuable to operators
2019-02-02 09:27:38 +01:00
Alexandre Dulaunoy
36dc6efab3
chg: [anonymisation] add level-of-knowledge to request for more information if needed
2019-02-01 10:19:25 +01:00
Sascha Rommelfangen
732476d7ca
added values valuable to operators
2019-02-01 09:37:31 +01:00
Alexandre Dulaunoy
f5c7530e0b
chg: [anonymisation] algo list fixed
2019-01-31 23:01:08 +01:00
Andras Iklody
86a116770b
Update definition.json
2019-01-31 22:57:49 +01:00
Alexandre Dulaunoy
b141dce581
add: [anonymisation] Anonymisation object describing an anonymisation technique which is used in MISP anonymised attributes.
2019-01-31 22:41:23 +01:00
Alexandre Dulaunoy
aec965086f
Merge pull request #141 from Delta-Sierra/master
...
fix jq_all_the_things script
2019-01-29 21:24:27 +01:00
Deborah Servili
b4c2de001c
fix jq_all_the_things script
2019-01-28 16:06:05 +01:00
Alexandre Dulaunoy
b6a7ccd2dc
Merge pull request #140 from Delta-Sierra/master
...
add interpol notice object
2019-01-28 15:59:54 +01:00
Deborah Servili
db6297131f
Merge https://github.com/MISP/misp-objects
2019-01-28 15:44:31 +01:00
Deborah Servili
0f6f7de384
fix required field for interpol notice
2019-01-28 15:40:07 +01:00
Deborah Servili
1533703894
add interpol notice object
2019-01-28 15:26:49 +01:00
Alexandre Dulaunoy
beb0ec8bb7
chg: [script] added PHP in the most used programming language (at least when looking at malicious WebShells on the Internet)
...
- I sense a new stackoverflow survey category
Signed-off: 5c45721d-de08-4fff-b9b0-168a02de0b81
2019-01-24 13:36:09 +01:00
Alexandre Dulaunoy
b25388c406
Merge pull request #139 from Delta-Sierra/master
...
Person object - add alias as a requiredOneof attribute
2019-01-11 20:31:03 +01:00
chrisr3d
b94abc9182
Merge branch 'master' of github.com:MISP/misp-objects
2019-01-11 16:51:18 +01:00
chrisr3d
cf8c50b72e
fix: Disabled correlation for original imported samples
2019-01-11 16:50:29 +01:00
Deborah Servili
d6299e6542
update person object version
2019-01-11 15:03:11 +01:00
Deborah Servili
b0d8e91f0f
add alias as a requiredOneof attribute
2019-01-11 15:02:06 +01:00
Alexandre Dulaunoy
7d7031a5e4
Merge pull request #138 from cvandeplas/master
...
chg: [http-request] IP as allowed type
2019-01-03 15:21:29 +01:00
Christophe Vandeplas
ae32e23fbf
chg: [http-request] IP as allowed type
2019-01-03 15:07:08 +01:00