Alexandre Dulaunoy
50fe0c2993
Updated following Andras feedback
2017-09-06 16:13:35 +02:00
Alexandre Dulaunoy
8814be9527
yabin updated following Andras feedback
2017-09-06 16:13:02 +02:00
Alexandre Dulaunoy
317fd559d6
first version of a yabin object
2017-09-06 16:04:37 +02:00
Alexandre Dulaunoy
60f6c15655
Typo fixed
2017-08-29 22:02:10 +02:00
Raphaël Vinot
0445ebd350
Add descriptions in all the objects
2017-08-29 18:36:46 +02:00
Raphaël Vinot
9a3974f383
Update definitions of binaries
2017-08-29 13:25:58 +02:00
Raphaël Vinot
d34dd5fb60
Allow multiple entries of type flag in the ELFSection object
2017-08-27 17:49:53 +02:00
Alexandre Dulaunoy
66e7397397
phone defintion fixed
2017-08-27 08:30:58 +02:00
Alexandre Dulaunoy
41f3792b49
first version of a mobile phone object
2017-08-27 08:16:58 +02:00
Raphaël Vinot
7c3aaa30c2
Update ELF definitions, add MachO.
2017-08-25 15:52:32 +02:00
Raphaël Vinot
49cd96aa2b
Add mimetype to file object template
2017-08-23 11:01:48 +02:00
Alexandre Dulaunoy
2fd589e151
version updated
2017-08-08 20:39:36 +02:00
truckydev
ea7bdb5bd7
add X509-fingerprint
...
https://github.com/MISP/MISP/pull/2357
2017-08-08 15:11:47 +02:00
Thomas Gardner
8558bef481
added http-request object
2017-08-03 16:11:33 -06:00
Alexandre Dulaunoy
10ca2819a1
Fix: tld type not existing in MISP
2017-08-03 18:27:34 +02:00
Alexandre Dulaunoy
113eb9e5a0
A cookie object has been added.
...
An HTTP cookie (web cookie, browser cookie) is a small piece of data
that a server sends to the user's web browser. The object includes
type which can help to describe the malicious use-case of the cookie.
2017-08-03 12:15:26 +02:00
Alexandre Dulaunoy
08e5ebe995
Typo fixed in key-size - Thanks to @StefanKelm
2017-08-03 12:00:00 +02:00
Raphaël Vinot
ca24684e2f
Update required entries for PE objects
2017-07-21 11:33:38 +02:00
Alexandre Dulaunoy
6e88746a67
Improved Tor node object to include support of the new Tor monitoring
2017-07-06 14:57:32 +02:00
Alexandre Dulaunoy
afaf0d0e19
add a comment field
2017-07-05 07:41:07 +02:00
Alexandre Dulaunoy
30976be591
Tor node object template which are part of the Tor network at a time.
2017-07-05 07:33:35 +02:00
Alexandre Dulaunoy
9a1c5511f4
ui-priority
2017-07-03 16:55:14 +02:00
Alexandre Dulaunoy
e8c74fbccc
ui-priority
2017-07-03 16:50:13 +02:00
Alexandre Dulaunoy
ea8885f317
ui-priority
2017-07-03 16:50:00 +02:00
Alexandre Dulaunoy
17e57b4a59
ui-priority
2017-07-03 16:49:43 +02:00
Alexandre Dulaunoy
cb4af3ffce
ui-priority
2017-07-03 16:45:54 +02:00
Alexandre Dulaunoy
d2568c922e
ui-priority
2017-07-03 16:45:41 +02:00
Alexandre Dulaunoy
611c0b8f55
ui-priority
2017-07-03 16:45:25 +02:00
Alexandre Dulaunoy
60ebdfc3e7
ui-priority
2017-07-03 16:44:39 +02:00
Alexandre Dulaunoy
a0a922ee61
ui-priority
2017-07-03 16:44:11 +02:00
Alexandre Dulaunoy
c59ed7394a
ui-priority
2017-07-03 16:43:57 +02:00
Alexandre Dulaunoy
eab13ff63c
ui-priority
2017-07-03 16:43:25 +02:00
Alexandre Dulaunoy
65ec7b18a7
ui-priority
2017-07-03 16:43:12 +02:00
Alexandre Dulaunoy
89858f8f72
ui-priority
2017-07-03 16:42:40 +02:00
Alexandre Dulaunoy
13c7d100d0
ui-priority
2017-07-03 16:42:26 +02:00
Alexandre Dulaunoy
5615f18767
ui-priority
2017-07-03 16:42:07 +02:00
Alexandre Dulaunoy
48b17a11ed
ui-priority
2017-07-03 16:41:53 +02:00
Alexandre Dulaunoy
c0a78b1b25
ui-priority
2017-07-03 16:41:16 +02:00
Alexandre Dulaunoy
7e2214f9e9
ui-priority
2017-07-03 16:40:42 +02:00
Alexandre Dulaunoy
e9859c4746
ui-frequency updated
2017-07-03 12:27:16 +02:00
Alexandre Dulaunoy
4915d6688d
ui-frequency is the one!
2017-07-03 12:26:40 +02:00
Alexandre Dulaunoy
17d4fab43e
ui-priority is now the King!
2017-07-03 12:25:06 +02:00
Alexandre Dulaunoy
fb18a4ec29
ui-priority is now the new frequency
2017-07-03 12:24:21 +02:00
Alexandre Dulaunoy
ce9f50013c
misp-usage-frequency updated
2017-07-03 12:19:04 +02:00
Alexandre Dulaunoy
1f0d512b7d
misp-usage-frequency updated
2017-07-03 12:18:47 +02:00
Alexandre Dulaunoy
86f8ad974a
misp-usage-frequency updated
2017-07-03 12:18:25 +02:00
Alexandre Dulaunoy
405a5451cc
misp-usage-frequency updated
2017-07-03 12:17:46 +02:00
Alexandre Dulaunoy
dc2b6524c1
misp-usage-frequency updated
2017-07-03 12:15:50 +02:00
Alexandre Dulaunoy
edcf0d1a90
misp-usage-frequency updated
2017-07-03 12:14:48 +02:00
Alexandre Dulaunoy
eff1b8ba39
misp-usage-frequency updated
2017-07-03 12:14:13 +02:00
Alexandre Dulaunoy
82bdbbbd4f
misp-usage-frequency updated
2017-07-03 12:13:38 +02:00
Alexandre Dulaunoy
5f0755859e
misp-usage-frequency updated
2017-07-03 12:11:54 +02:00
Alexandre Dulaunoy
a8b1a0a512
misp-usage-frequency updated
2017-07-03 12:09:46 +02:00
Alexandre Dulaunoy
0949bd47ca
misp-usage-frequency updated
2017-07-03 12:08:42 +02:00
Alexandre Dulaunoy
a04174c1c1
misp-usage-frequency updated
2017-07-03 12:06:11 +02:00
Alexandre Dulaunoy
b18eed04ae
misp-usage-frequency
2017-07-03 12:04:56 +02:00
Alexandre Dulaunoy
aed89b835d
misp-usage-frequency -> ui-priority
2017-07-03 12:03:18 +02:00
Alexandre Dulaunoy
45230db220
Fix #14
2017-07-03 11:59:25 +02:00
Andras Iklody
ef05cd5f06
Changed DDOS port attributes to port type
2017-07-03 06:33:53 +02:00
Raphaël Vinot
9186771eb7
Update versions
2017-06-28 11:57:36 +02:00
Raphaël Vinot
16af934386
Enforce meta-category
2017-06-28 11:21:24 +02:00
Alexandre Dulaunoy
c3186cbcb2
Now meta category for ail to misc
2017-06-28 11:11:44 +02:00
Alexandre Dulaunoy
3e19326efa
jq of geolocation object
2017-03-22 07:32:07 +01:00
Alexandre Dulaunoy
ff8e9c0a36
geolocation - an object to describe a geographic location.
2017-03-22 07:30:42 +01:00
Alexandre Dulaunoy
d413434463
jq of ail-leak
2017-03-22 06:55:15 +01:00
Alexandre Dulaunoy
e6fbcf9d53
information leak object as defined by the AIL Analysis Information Leak framework.
2017-03-22 06:54:11 +01:00
Raphaël Vinot
d7a1f85100
Update attributes os r2graphity object
2017-03-21 16:46:41 +01:00
Raphaël Vinot
2f74b709d4
Updade r2graphity definition
2017-03-20 14:30:45 +01:00
Raphaël Vinot
29a66cd4d6
Add initial version of the r2graphity object
2017-03-17 18:42:10 +01:00
Raphaël Vinot
c0d95f58b5
Remove duplicate entries in file object
2017-03-17 18:00:37 +01:00
Raphaël Vinot
2c5208aab2
Merge branch 'master' of github.com:MISP/misp-objects
2017-03-17 17:32:21 +01:00
Raphaël Vinot
2c2c11c9ca
Add and enforce UUID in the object definitions
2017-03-17 17:31:09 +01:00
Alexandre Dulaunoy
6fb4acb9da
jq all
2017-03-16 23:06:36 +01:00
Alexandre Dulaunoy
0da065163a
Merge branch 'master' of github.com:MISP/misp-objects
2017-03-16 23:05:11 +01:00
Raphaël Vinot
c0bd545347
Add malware-sample to file object
2017-03-16 18:18:51 +01:00
Sébastien Larinier
140fcbf251
correct travis
2017-03-15 11:30:54 +01:00
Sébastien Larinier
22f2bb8825
add impfuzzy
2017-03-15 11:19:08 +01:00
Alexandre Dulaunoy
37c1722d3e
disable_correlation added
2017-03-15 07:42:14 +01:00
Raphaël Vinot
15488f0633
Update PE object
2017-03-14 15:57:05 +01:00
Sébastien Larinier
16f41b2b4a
correct travis failed
2017-03-14 10:05:48 +01:00
Sébastien Larinier
fb5ec25000
add type of sections
2017-03-13 18:04:21 +01:00
Sébastien Larinier
681d18f4eb
add attributes
2017-03-13 17:58:56 +01:00
Sébastien Larinier
684d4d0631
delete attribute
2017-03-13 17:32:51 +01:00
Sébastien Larinier
3ec78c72e4
add elf,elf-section and number of sections in a pe, and move pehash in pe
2017-03-13 17:23:42 +01:00
Sébastien Larinier
47725c5742
correct bug on characteristics
2017-03-13 16:37:20 +01:00
Sébastien Larinier
6c1020b98a
correct bug
2017-03-13 16:33:50 +01:00
Sébastien Larinier
2838d5aed4
correct bug
2017-03-13 16:08:27 +01:00
Sébastien Larinier
878d0a30ca
add characteristics and ssdeep to pe-sections
2017-03-13 15:55:29 +01:00
Raphaël Vinot
16c7164816
Merge branch 'master' of github.com:MISP/misp-objects
2017-03-13 14:50:08 +01:00
Raphaël Vinot
b90fd9ddc1
Update file/PE objects
...
* Add sane defaults
* Disable correlation when it doesn't make sense
2017-03-13 14:49:25 +01:00
Alexandre Dulaunoy
6185e68498
JQifized
2017-03-13 08:19:27 +01:00
Alexandre Dulaunoy
8685efd136
url object JQified
2017-03-13 07:45:38 +01:00
Alexandre Dulaunoy
1da88ddb99
url object describes an url along with its normalized field (e.g. using
...
faup parsing library) and its metadata.
2017-03-13 07:45:06 +01:00
Raphaël Vinot
a755d50e92
Update file and pe, add pe-section
2017-03-12 23:06:39 +01:00
Raphaël Vinot
e931bbbd1c
Add PE object
2017-03-09 14:14:36 +01:00
Alexandre Dulaunoy
7e00825715
jq all the things
2017-03-05 16:51:02 +01:00
Alexandre Dulaunoy
18e84ca2c8
required_value for protocol added
2017-03-05 16:41:52 +01:00
Alexandre Dulaunoy
1ec1761307
First proposal of a DDoS object in MISP
2017-03-05 13:01:02 +01:00
Raphaël Vinot
a68e678f50
JQ all the things
2017-02-13 11:18:42 +01:00
Alexandre Dulaunoy
284c4e4084
Merge pull request #1 from mike1703/master
...
email object added
2016-12-12 20:54:03 +01:00
Raphaël Vinot
72ca71a1cc
Update definition.json
2016-12-12 20:10:31 +01:00
Michael Kerscher
30512f69af
registry key object added
2016-12-07 16:39:31 +01:00
Michael Kerscher
1d97cbbd2d
email object added
2016-12-07 16:06:52 +01:00
Alexandre Dulaunoy
497b7b7b7e
First version of the vulnerability object (basic CVE support)
2016-05-27 22:36:18 +02:00
Raphaël Vinot
a493cc59a3
Fix json files (file and whois)
2016-04-11 13:00:04 +02:00
Alexandre Dulaunoy
7bcc98177c
x509 object added
2016-02-16 07:43:17 +01:00
Alexandre Dulaunoy
f3afabc91b
ip-port added.
...
An IP address and a port seen as a tuple (or as a triple) in a specific
time frame.
2016-02-16 07:25:54 +01:00
Alexandre Dulaunoy
7c30ab3977
Passive DNS object added
2016-02-13 18:19:27 +01:00
Alexandre Dulaunoy
2fe9742251
Typo fixed
2016-02-13 18:17:22 +01:00
Alexandre Dulaunoy
10431c3c42
optional text attributes added
2016-02-09 21:46:45 +01:00
Alexandre Dulaunoy
415adea9a7
pattern-in-file added
2016-02-09 21:23:48 +01:00
Alexandre Dulaunoy
8587b1a71b
First version of the file object
2016-02-09 21:04:39 +01:00
Alexandre Dulaunoy
fc5ecd7c69
Whois object added
2016-02-09 16:08:15 +01:00
Alexandre Dulaunoy
433d7c5669
misp-attribute is more logical
2016-02-08 17:52:30 +01:00
Alexandre Dulaunoy
88f20e3b24
Everything is meta...
2016-02-08 16:56:11 +01:00
Alexandre Dulaunoy
474c9d8b98
Adding a category field to classify the object (e.g. quick filter)
2016-02-08 16:55:24 +01:00
Alexandre Dulaunoy
095a75d282
Updated version based on feedback from Andras
2016-02-08 16:51:38 +01:00
Alexandre Dulaunoy
f8f67f77c9
Proposal updated based on feedback from Andras
2016-02-08 15:26:49 +01:00
Alexandre Dulaunoy
39c570824a
A first experimental description of a MISP combined object
2016-02-08 15:09:46 +01:00