Commit Graph

1019 Commits (f762d5b2a4dc8efeb23596b33c572606fe66c9f3)

Author SHA1 Message Date
Alexandre Dulaunoy 50fe0c2993 Updated following Andras feedback 2017-09-06 16:13:35 +02:00
Alexandre Dulaunoy 8814be9527 yabin updated following Andras feedback 2017-09-06 16:13:02 +02:00
Alexandre Dulaunoy 317fd559d6 first version of a yabin object 2017-09-06 16:04:37 +02:00
Alexandre Dulaunoy 60f6c15655
Typo fixed 2017-08-29 22:02:10 +02:00
Raphaël Vinot 0445ebd350 Add descriptions in all the objects 2017-08-29 18:36:46 +02:00
Raphaël Vinot 9a3974f383 Update definitions of binaries 2017-08-29 13:25:58 +02:00
Raphaël Vinot d34dd5fb60 Allow multiple entries of type flag in the ELFSection object 2017-08-27 17:49:53 +02:00
Alexandre Dulaunoy 66e7397397
phone defintion fixed 2017-08-27 08:30:58 +02:00
Alexandre Dulaunoy 41f3792b49
first version of a mobile phone object 2017-08-27 08:16:58 +02:00
Raphaël Vinot 7c3aaa30c2 Update ELF definitions, add MachO. 2017-08-25 15:52:32 +02:00
Raphaël Vinot 49cd96aa2b Add mimetype to file object template 2017-08-23 11:01:48 +02:00
Alexandre Dulaunoy 2fd589e151
version updated 2017-08-08 20:39:36 +02:00
truckydev ea7bdb5bd7 add X509-fingerprint
https://github.com/MISP/MISP/pull/2357
2017-08-08 15:11:47 +02:00
Thomas Gardner 8558bef481 added http-request object 2017-08-03 16:11:33 -06:00
Alexandre Dulaunoy 10ca2819a1
Fix: tld type not existing in MISP 2017-08-03 18:27:34 +02:00
Alexandre Dulaunoy 113eb9e5a0
A cookie object has been added.
An HTTP cookie (web cookie, browser cookie) is a small piece of data
that a server sends to the user's web browser. The object includes
type which can help to describe the malicious use-case of the cookie.
2017-08-03 12:15:26 +02:00
Alexandre Dulaunoy 08e5ebe995
Typo fixed in key-size - Thanks to @StefanKelm 2017-08-03 12:00:00 +02:00
Raphaël Vinot ca24684e2f Update required entries for PE objects 2017-07-21 11:33:38 +02:00
Alexandre Dulaunoy 6e88746a67 Improved Tor node object to include support of the new Tor monitoring 2017-07-06 14:57:32 +02:00
Alexandre Dulaunoy afaf0d0e19 add a comment field 2017-07-05 07:41:07 +02:00
Alexandre Dulaunoy 30976be591 Tor node object template which are part of the Tor network at a time. 2017-07-05 07:33:35 +02:00
Alexandre Dulaunoy 9a1c5511f4 ui-priority 2017-07-03 16:55:14 +02:00
Alexandre Dulaunoy e8c74fbccc ui-priority 2017-07-03 16:50:13 +02:00
Alexandre Dulaunoy ea8885f317 ui-priority 2017-07-03 16:50:00 +02:00
Alexandre Dulaunoy 17e57b4a59 ui-priority 2017-07-03 16:49:43 +02:00
Alexandre Dulaunoy cb4af3ffce ui-priority 2017-07-03 16:45:54 +02:00
Alexandre Dulaunoy d2568c922e ui-priority 2017-07-03 16:45:41 +02:00
Alexandre Dulaunoy 611c0b8f55 ui-priority 2017-07-03 16:45:25 +02:00
Alexandre Dulaunoy 60ebdfc3e7 ui-priority 2017-07-03 16:44:39 +02:00
Alexandre Dulaunoy a0a922ee61 ui-priority 2017-07-03 16:44:11 +02:00
Alexandre Dulaunoy c59ed7394a ui-priority 2017-07-03 16:43:57 +02:00
Alexandre Dulaunoy eab13ff63c ui-priority 2017-07-03 16:43:25 +02:00
Alexandre Dulaunoy 65ec7b18a7 ui-priority 2017-07-03 16:43:12 +02:00
Alexandre Dulaunoy 89858f8f72 ui-priority 2017-07-03 16:42:40 +02:00
Alexandre Dulaunoy 13c7d100d0 ui-priority 2017-07-03 16:42:26 +02:00
Alexandre Dulaunoy 5615f18767 ui-priority 2017-07-03 16:42:07 +02:00
Alexandre Dulaunoy 48b17a11ed ui-priority 2017-07-03 16:41:53 +02:00
Alexandre Dulaunoy c0a78b1b25 ui-priority 2017-07-03 16:41:16 +02:00
Alexandre Dulaunoy 7e2214f9e9 ui-priority 2017-07-03 16:40:42 +02:00
Alexandre Dulaunoy e9859c4746 ui-frequency updated 2017-07-03 12:27:16 +02:00
Alexandre Dulaunoy 4915d6688d ui-frequency is the one! 2017-07-03 12:26:40 +02:00
Alexandre Dulaunoy 17d4fab43e ui-priority is now the King! 2017-07-03 12:25:06 +02:00
Alexandre Dulaunoy fb18a4ec29 ui-priority is now the new frequency 2017-07-03 12:24:21 +02:00
Alexandre Dulaunoy ce9f50013c misp-usage-frequency updated 2017-07-03 12:19:04 +02:00
Alexandre Dulaunoy 1f0d512b7d misp-usage-frequency updated 2017-07-03 12:18:47 +02:00
Alexandre Dulaunoy 86f8ad974a misp-usage-frequency updated 2017-07-03 12:18:25 +02:00
Alexandre Dulaunoy 405a5451cc misp-usage-frequency updated 2017-07-03 12:17:46 +02:00
Alexandre Dulaunoy dc2b6524c1 misp-usage-frequency updated 2017-07-03 12:15:50 +02:00
Alexandre Dulaunoy edcf0d1a90 misp-usage-frequency updated 2017-07-03 12:14:48 +02:00
Alexandre Dulaunoy eff1b8ba39 misp-usage-frequency updated 2017-07-03 12:14:13 +02:00
Alexandre Dulaunoy 82bdbbbd4f misp-usage-frequency updated 2017-07-03 12:13:38 +02:00
Alexandre Dulaunoy 5f0755859e misp-usage-frequency updated 2017-07-03 12:11:54 +02:00
Alexandre Dulaunoy a8b1a0a512 misp-usage-frequency updated 2017-07-03 12:09:46 +02:00
Alexandre Dulaunoy 0949bd47ca misp-usage-frequency updated 2017-07-03 12:08:42 +02:00
Alexandre Dulaunoy a04174c1c1 misp-usage-frequency updated 2017-07-03 12:06:11 +02:00
Alexandre Dulaunoy b18eed04ae misp-usage-frequency 2017-07-03 12:04:56 +02:00
Alexandre Dulaunoy aed89b835d misp-usage-frequency -> ui-priority 2017-07-03 12:03:18 +02:00
Alexandre Dulaunoy 45230db220 Fix #14 2017-07-03 11:59:25 +02:00
Andras Iklody ef05cd5f06 Changed DDOS port attributes to port type 2017-07-03 06:33:53 +02:00
Raphaël Vinot 9186771eb7 Update versions 2017-06-28 11:57:36 +02:00
Raphaël Vinot 16af934386 Enforce meta-category 2017-06-28 11:21:24 +02:00
Alexandre Dulaunoy c3186cbcb2 Now meta category for ail to misc 2017-06-28 11:11:44 +02:00
Alexandre Dulaunoy 3e19326efa jq of geolocation object 2017-03-22 07:32:07 +01:00
Alexandre Dulaunoy ff8e9c0a36 geolocation - an object to describe a geographic location. 2017-03-22 07:30:42 +01:00
Alexandre Dulaunoy d413434463 jq of ail-leak 2017-03-22 06:55:15 +01:00
Alexandre Dulaunoy e6fbcf9d53 information leak object as defined by the AIL Analysis Information Leak framework. 2017-03-22 06:54:11 +01:00
Raphaël Vinot d7a1f85100 Update attributes os r2graphity object 2017-03-21 16:46:41 +01:00
Raphaël Vinot 2f74b709d4 Updade r2graphity definition 2017-03-20 14:30:45 +01:00
Raphaël Vinot 29a66cd4d6 Add initial version of the r2graphity object 2017-03-17 18:42:10 +01:00
Raphaël Vinot c0d95f58b5 Remove duplicate entries in file object 2017-03-17 18:00:37 +01:00
Raphaël Vinot 2c5208aab2 Merge branch 'master' of github.com:MISP/misp-objects 2017-03-17 17:32:21 +01:00
Raphaël Vinot 2c2c11c9ca Add and enforce UUID in the object definitions 2017-03-17 17:31:09 +01:00
Alexandre Dulaunoy 6fb4acb9da jq all 2017-03-16 23:06:36 +01:00
Alexandre Dulaunoy 0da065163a Merge branch 'master' of github.com:MISP/misp-objects 2017-03-16 23:05:11 +01:00
Raphaël Vinot c0bd545347 Add malware-sample to file object 2017-03-16 18:18:51 +01:00
Sébastien Larinier 140fcbf251 correct travis 2017-03-15 11:30:54 +01:00
Sébastien Larinier 22f2bb8825 add impfuzzy 2017-03-15 11:19:08 +01:00
Alexandre Dulaunoy 37c1722d3e disable_correlation added 2017-03-15 07:42:14 +01:00
Raphaël Vinot 15488f0633 Update PE object 2017-03-14 15:57:05 +01:00
Sébastien Larinier 16f41b2b4a correct travis failed 2017-03-14 10:05:48 +01:00
Sébastien Larinier fb5ec25000 add type of sections 2017-03-13 18:04:21 +01:00
Sébastien Larinier 681d18f4eb add attributes 2017-03-13 17:58:56 +01:00
Sébastien Larinier 684d4d0631 delete attribute 2017-03-13 17:32:51 +01:00
Sébastien Larinier 3ec78c72e4 add elf,elf-section and number of sections in a pe, and move pehash in pe 2017-03-13 17:23:42 +01:00
Sébastien Larinier 47725c5742 correct bug on characteristics 2017-03-13 16:37:20 +01:00
Sébastien Larinier 6c1020b98a correct bug 2017-03-13 16:33:50 +01:00
Sébastien Larinier 2838d5aed4 correct bug 2017-03-13 16:08:27 +01:00
Sébastien Larinier 878d0a30ca add characteristics and ssdeep to pe-sections 2017-03-13 15:55:29 +01:00
Raphaël Vinot 16c7164816 Merge branch 'master' of github.com:MISP/misp-objects 2017-03-13 14:50:08 +01:00
Raphaël Vinot b90fd9ddc1 Update file/PE objects
* Add sane defaults
* Disable correlation when it doesn't make sense
2017-03-13 14:49:25 +01:00
Alexandre Dulaunoy 6185e68498 JQifized 2017-03-13 08:19:27 +01:00
Alexandre Dulaunoy 8685efd136 url object JQified 2017-03-13 07:45:38 +01:00
Alexandre Dulaunoy 1da88ddb99 url object describes an url along with its normalized field (e.g. using
faup parsing library) and its metadata.
2017-03-13 07:45:06 +01:00
Raphaël Vinot a755d50e92 Update file and pe, add pe-section 2017-03-12 23:06:39 +01:00
Raphaël Vinot e931bbbd1c Add PE object 2017-03-09 14:14:36 +01:00
Alexandre Dulaunoy 7e00825715 jq all the things 2017-03-05 16:51:02 +01:00
Alexandre Dulaunoy 18e84ca2c8 required_value for protocol added 2017-03-05 16:41:52 +01:00
Alexandre Dulaunoy 1ec1761307 First proposal of a DDoS object in MISP 2017-03-05 13:01:02 +01:00
Raphaël Vinot a68e678f50 JQ all the things 2017-02-13 11:18:42 +01:00
Alexandre Dulaunoy 284c4e4084 Merge pull request #1 from mike1703/master
email object added
2016-12-12 20:54:03 +01:00
Raphaël Vinot 72ca71a1cc Update definition.json 2016-12-12 20:10:31 +01:00
Michael Kerscher 30512f69af registry key object added 2016-12-07 16:39:31 +01:00
Michael Kerscher 1d97cbbd2d email object added 2016-12-07 16:06:52 +01:00
Alexandre Dulaunoy 497b7b7b7e First version of the vulnerability object (basic CVE support) 2016-05-27 22:36:18 +02:00
Raphaël Vinot a493cc59a3 Fix json files (file and whois) 2016-04-11 13:00:04 +02:00
Alexandre Dulaunoy 7bcc98177c x509 object added 2016-02-16 07:43:17 +01:00
Alexandre Dulaunoy f3afabc91b ip-port added.
An IP address and a port seen as a tuple (or as a triple) in a specific
time frame.
2016-02-16 07:25:54 +01:00
Alexandre Dulaunoy 7c30ab3977 Passive DNS object added 2016-02-13 18:19:27 +01:00
Alexandre Dulaunoy 2fe9742251 Typo fixed 2016-02-13 18:17:22 +01:00
Alexandre Dulaunoy 10431c3c42 optional text attributes added 2016-02-09 21:46:45 +01:00
Alexandre Dulaunoy 415adea9a7 pattern-in-file added 2016-02-09 21:23:48 +01:00
Alexandre Dulaunoy 8587b1a71b First version of the file object 2016-02-09 21:04:39 +01:00
Alexandre Dulaunoy fc5ecd7c69 Whois object added 2016-02-09 16:08:15 +01:00
Alexandre Dulaunoy 433d7c5669 misp-attribute is more logical 2016-02-08 17:52:30 +01:00
Alexandre Dulaunoy 88f20e3b24 Everything is meta... 2016-02-08 16:56:11 +01:00
Alexandre Dulaunoy 474c9d8b98 Adding a category field to classify the object (e.g. quick filter) 2016-02-08 16:55:24 +01:00
Alexandre Dulaunoy 095a75d282 Updated version based on feedback from Andras 2016-02-08 16:51:38 +01:00
Alexandre Dulaunoy f8f67f77c9 Proposal updated based on feedback from Andras 2016-02-08 15:26:49 +01:00
Alexandre Dulaunoy 39c570824a A first experimental description of a MISP combined object 2016-02-08 15:09:46 +01:00