Christian Studer
d1d97fde08
Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch
2023-06-15 11:55:46 +02:00
Christian Studer
f0223f2b66
Merge branch 'main' of github.com:MISP/misp-objects
2023-06-15 11:55:27 +02:00
Alexandre Dulaunoy
e26541e89e
Merge branch 'main' of github.com:MISP/misp-objects into main
2023-06-14 19:21:37 +02:00
Alexandre Dulaunoy
5d307f7c30
chg: [cookie] cookie can be also only a key or a value
...
This change is required for the AIL project export
2023-06-14 17:36:22 +02:00
Alexandre Dulaunoy
e088768946
Merge pull request #394 from MichaelTrenker/new-Diamond-object
...
new:added Diamond Object
2023-06-14 08:13:52 -04:00
Michael Trenker
241f4455ac
ran jq_all_the_things.sh
2023-06-14 11:54:46 +00:00
Michael Trewen
25e1790e74
jq
2023-06-13 19:15:23 +02:00
Michael Trewen
71cc235a5d
new:added Diamond Object
2023-06-13 10:47:28 +02:00
Christian Studer
3568bc0e6a
Merge branch 'main' of github.com:MISP/misp-objects
2023-05-26 14:29:42 +02:00
Alexandre Dulaunoy
2ca2667d76
Merge pull request #393 from MISP/chrisr3d_patch
...
add: [crowdsec-ip-context] `classifications` & `false-positive` attributes
2023-05-26 14:25:27 +02:00
Christian Studer
ec8645f421
add: [crowdsec-ip-context] Added the `false-positives` attribute that comes alongside with the `classifications`
2023-05-26 14:17:10 +02:00
Christian Studer
35285505a1
add: [crowdsec-ip-context] Added the classifications multiple attribute
2023-05-24 16:29:06 +02:00
Christian Studer
37e43490c0
Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch
2023-05-24 16:20:27 +02:00
Alexandre Dulaunoy
61608e5d44
chg: [scan-result] updated list of potential scanning tools
...
Source: https://gist.github.com/SteveClement/baf3a9ae0ba030283ecc30acd6f7c2ae
2023-05-24 11:03:47 +02:00
Alexandre Dulaunoy
20f567757d
chg: [scan-result] jq all the things
2023-05-22 14:08:34 +02:00
Alexandre Dulaunoy
8b0276f3b4
Merge branch 'main' of github.com:MISP/misp-objects into main
2023-05-22 14:06:01 +02:00
Alexandre Dulaunoy
e33e893b44
new: [scan-result] object for scanning result
...
This is the metadata of a scanning result including the raw output of
the scan result.
This object can be used for tools like Nessus or even source code
scanners to share the details about a scan.
For additional information such as IP address or alike, other objects will
be used with the proper relationship added.
2023-05-22 14:04:48 +02:00
Alexandre Dulaunoy
dec2cbb917
new: [scan-result] object for scanning result
...
This is the metadata of a scanning result including the raw output of
the scan result.
This object can be used for tools like Nessus or even source code
scanners to share the details about a scan.
For additional information such as IP address or alike, other objects will
be used with the proper relationship added.
2023-05-22 13:59:57 +02:00
Alexandre Dulaunoy
f61702d030
Merge pull request #391 from tmbc-nl/fix-typo
...
chg: [relationships] Fixed a typo.
2023-05-20 00:28:57 +02:00
Alexandre Dulaunoy
9cfb239776
Merge pull request #392 from goodlandsecurity/cobaltstrike-beacon-config
...
adding cobalt strike beacon config object
2023-05-20 00:27:16 +02:00
goodlandsecurity
4e5719f29a
adding cobalt strike beacon config object
2023-05-19 14:07:24 -05:00
tmbc-nl
f1b5e54683
chg: [relationships] Fixed a typo.
2023-05-17 14:37:53 +02:00
Alexandre Dulaunoy
f7e6cab1bf
chg: [relationships] jq all the things
2023-05-16 21:18:28 +02:00
Alexandre Dulaunoy
48dd455196
chg: [relationships] `serves` added in relationships
...
Additional verb as an alternative to `hosts`
2023-05-16 09:25:57 +02:00
Alexandre Dulaunoy
a605792844
chg: [crowdsec] jq all the things
2023-05-12 10:34:19 +02:00
Alexandre Dulaunoy
b0e5f39f26
Update definition.json
2023-05-12 10:31:33 +02:00
Alexandre Dulaunoy
65f4be51d5
chg: [crowdsec] updated
2023-05-12 08:52:19 +02:00
Alexandre Dulaunoy
3d736c427c
new: [crowdsec-ip-context] new initial object for crowdsec expansion
2023-05-11 16:52:24 +02:00
Alexandre Dulaunoy
45bb7539a0
chg: [doc] misp object template list updated
2023-04-16 17:33:33 +02:00
Alexandre Dulaunoy
fd12a1bcd7
fix: [ai-chat-prompt] improved ai-chat-prompt template
2023-04-16 10:50:30 +02:00
Alexandre Dulaunoy
302697e045
chg: [ai-chat-prompt] ui-priority fixed
2023-04-15 16:38:13 +02:00
Alexandre Dulaunoy
b81698ae10
new: [ai-chat-prompt] new object template for AI chat prompt such as ChatGPT
...
Following a discussion with @aaronkaplan in Vienna, this object is a
first version to describe an AI chat prompt. The template can describe
the model used, the actual quality of results and also what's the actor
context.
Reference #388
2023-04-15 16:31:22 +02:00
Alexandre Dulaunoy
e1327d02bb
new: [risk-assessment-report] New object template Risk assessment report
...
To be used to share risk assessment report from risk assessment platform
such as [MONARC](https://github.com/monarc-project/).
This extension is done in the scope of the [NISDUC project](https://www.nisduc.eu/).
TODO: Maybe add a field for machine-readable version of the report
2023-04-13 10:41:39 +02:00
Alexandre Dulaunoy
059b669d9a
chg: [relationships] fix newline
2023-04-04 07:58:18 +02:00
Alexandre Dulaunoy
27df249584
chg: [relationships] `rewrite` relationship type added
...
Ref: https://github.com/MISP/misp-galaxy/pull/833
Following an idea from @jloehel - a new relationship has been added
2023-04-04 07:56:32 +02:00
Christian Studer
9e4afdfb7a
add: [network-socket] Added MAC address attributes
...
- Even though they are not exactly part of the
socket fields, it could be interesting to have
them to have the information about them like
they are described within the packets that are
sent using the socket
2023-03-31 11:30:33 +02:00
Christian Studer
b1b7981854
Merge branch 'main' of github.com:MISP/misp-objects
2023-03-31 10:50:57 +02:00
Alexandre Dulaunoy
402d7ad649
chg: [doc] updated
2023-03-10 15:40:48 +01:00
Alexandre Dulaunoy
05a642ec88
Merge branch 'GreyNoise-Intelligence-add_greynoise_ip_object' into main
2023-03-10 15:34:57 +01:00
Alexandre Dulaunoy
b49c6824ba
chg: [greynoise-intelligence] JSON fixed
2023-03-10 15:34:32 +01:00
Brad Chiappetta
9b74873fe5
add greynoise-ip object
2023-03-10 09:16:49 -05:00
Christian Studer
1da4760dcc
fix: [network-connection, network-socket] Bytes count is also better with an S
2023-03-07 23:26:51 +01:00
Christian Studer
437808339e
fix: [network-connection, network-socket] Packets count is better with an S
2023-03-07 23:19:08 +01:00
Christian Studer
1cab455a56
fix: [network-socket] Typo
2023-03-07 16:54:30 +01:00
Christian Studer
d71cdf367d
add: [network-socket] Added bytes & packets count object relations for both the source and destination
2023-03-07 16:49:06 +01:00
Christian Studer
1651281d0b
add: [network-socket] Added the first & last packet seen object relation and made the protocol attribute multiple
2023-03-07 16:48:00 +01:00
Christian Studer
57beac3bc7
add: [network-connection] Added bytes & packets count object relations for both the source and destination
2023-03-07 16:45:51 +01:00
Christian Studer
0e9ae98b49
add: [network-connection] Added a `last-packet-seen` attribute
2023-03-06 12:02:24 +01:00
Christian Studer
9c51feb43b
add: [network-connection] Added MAC address attributes
2023-03-03 14:55:09 +01:00
Christian Studer
4b5faf196b
add: [registry-key-value] New template to describe registry key values
...
- The `registry-key` object template includes
already the `data`, `data-type` & `name` fields
of a registry key value, but there is a
limitation in the case of multiple registry key
values
- In order to describe multiple registry key
values, instead of adding a simple `multiple`
field to the related and above mentioned fields,
it is better to use the `registry-key-value`
template so we know which data, data type and
name values are related to a given registry key
value
- It is then possible to have a reference between
the registry key object and the related values
2023-03-01 20:50:30 +01:00