misp-objects/objects
VVX7 a7e9fd9697 chg: [object] disable correlation on some fields. add external references. 2020-03-28 19:23:28 -04:00
..
TSK-Chats fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
TSK-Web-Bookmark fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
TSK-Web-Cookie fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
TSK-Web-Downloads chg: [tsk-web-downloads] including link versus url (we assume it's malicious link by default) 2018-10-25 17:45:58 +02:00
TSK-Web-History fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
TSK-Web-Search-Query fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
ail-leak
ais-info
android-permission
annotation chg: [annotation] 'full report' type added 2019-12-26 18:29:57 +01:00
anonymisation chg: [anonymisation] add level-of-knowledge to request for more information if needed 2019-02-01 10:19:25 +01:00
asn
attack-pattern add: External references attribute for attack-pattern object 2020-03-17 10:03:33 +01:00
authenticode-signerinfo chg: [authenticode-signerinfo] first version 2019-05-06 07:10:33 +02:00
av-signature
bank-account fix: added iban as an alternative to bank account for the requirements 2020-02-04 11:46:24 +01:00
bgp-hijack
blog fix: attachment object relation does not exists. 2020-02-06 10:57:44 +01:00
btc-transaction disable correlation on the text field 2019-07-11 16:01:06 +02:00
btc-wallet bumped version 2019-07-11 15:18:55 +02:00
cap-alert
cap-info
cap-resource
coin-address fix: duplicate in coin-address 2019-10-01 13:21:28 -07:00
command Better wording 2019-09-11 21:59:37 +02:00
command-line Better wording 2019-09-11 22:02:48 +02:00
cookie Adding some parts from HAR format description (http://www.softwareishard.com/blog/har-12-spec/) (More to come) 2020-02-10 14:59:35 +01:00
cortex chg: [cortex] description updated as TheHive/Cortex observables will be attributes with 2018-11-18 10:29:42 +01:00
cortex-taxonomy chg: [cortex-taxonomy] aka mini-report 2018-11-18 10:11:25 +01:00
course-of-action added option "Further Analysis Required" to attribute stage 2019-04-15 17:41:39 +05:30
covid19-csse-daily-report chg: Bump CSSE COVID-19 Daily report to new version 2020-03-24 13:24:31 +01:00
covid19-dxy-live-city new: Add covid19 dxy live object 2020-03-02 00:12:24 +01:00
covid19-dxy-live-province new: Add covid19 dxy live object 2020-03-02 00:12:24 +01:00
cowrie chg: [cowrie] to add HASSH of the client SSH session following Salesforce algorithm 2019-10-05 10:05:26 +02:00
credential chg: [credential] adding disable correlation when required 2019-09-11 10:27:27 +02:00
credit-card Adding IIN and bank_name 2019-06-18 21:45:42 +02:00
crypto-material new: [crypto-material] add generic-symmetric-key 2020-02-27 15:41:45 +01:00
cytomic_orion JQ-all-the-things 2020-03-09 23:29:29 +01:00
cytomic_orion_machine Update object definition with first-|last- seen 2020-03-09 23:26:25 +01:00
dark-pattern chg: [dark-pattern] typos 2019-12-04 16:17:45 +01:00
ddos
device chg: [device] name of an object must be lowercase 2019-04-21 15:57:07 +02:00
diameter-attack
dns-record
domain-crawled chg: [domain-crawled] domain shouldn't be a multiple 2020-02-17 10:00:21 +01:00
domain-ip chg: [domain-ip] port added (required by AIL crawling) 2020-01-24 15:46:06 +01:00
elf chg: [elf] disable correlation on file type 2019-02-20 10:43:38 +01:00
elf-section
email update version 2020-02-13 12:30:08 +01:00
employee
exploit-poc
facial-composite add: [facial-composite] new facial composite object 2018-12-21 20:41:45 +01:00
fail2ban
file chg: [file] imphash removed as it should be at PE level 2020-02-17 14:29:30 +01:00
forensic-case
forensic-evidence
forged-document chg: [object fields] add forged-document types, add microblog state 2020-01-30 21:31:06 -05:00
geolocation change definition.json for vehicle and geolocation 2020-01-24 10:30:22 +01:00
gtp-attack
http-request chg: [http-request] fixed 2020-03-09 16:25:57 +01:00
ilr-impact remove accent from ilrobjects 2019-02-26 15:57:58 +01:00
ilr-notification-incident remove accent from ilr objects - bis 2019-02-26 16:00:23 +01:00
impersonation chg: [new object templates] various updates 2019-09-11 09:11:28 +02:00
imsi-catcher new: [imsi-catcher] object based on the output format of IMSI-catcher open source tools 2019-07-02 10:19:54 +02:00
instant-message fix: Typo in requiredOneOf 2020-02-26 14:52:06 +01:00
instant-message-group new: [objects] add instant-message object. add instant-message-group object. 2020-02-09 11:39:36 -05:00
intelmq_event Update definition.json 2020-03-06 14:08:20 +01:00
intelmq_report fix: Type asn -> AS 2019-11-25 16:23:42 +01:00
internal-reference fix: JQ things 2018-10-25 17:45:47 -04:00
interpol-notice fix required field for interpol notice 2019-01-28 15:40:07 +01:00
iot-device chg: [iot-device] reference added 2020-02-17 23:12:09 +01:00
iot-firmware add: [iot-firmware] new object template to describe IoT firmware 2020-02-17 15:07:49 +01:00
ip-api-address chg: [ip-api-adress] updated to ensure correlation disabled 2018-10-28 15:07:35 +01:00
ip-port add: [ip-port] Added ip-dst as one of the required attributes 2019-07-05 16:11:31 +02:00
irc chg: [irc] add nickname used for associated IRC server and channel(s) 2019-04-27 10:32:10 +02:00
ja3 Updated JA3 to have own data type ja3-fingerprint-md5 and bumped the version 2018-12-30 12:31:17 +01:00
leaked-document chg: [misinfosec objects] add archive (Internet Archive, Archive.is, etc) fields, change blog post title description 2020-01-30 14:08:19 -05:00
legal-entity
lnk chg: [lnk] new LNK object (Windows Shortcut) 2019-04-03 14:05:39 +02:00
macho
macho-section
mactime-timeline-analysis update the definition files of various object types so that the `required` and `requiredOneOf` lists no longer specify attributes that do not exist in the objects. 2019-04-30 12:32:22 -05:00
malware-config
meme-image chg: [object fields] allow additional requiredOneOf fields in blog, microblog, meme-image objects. add attachment field to blog object. add username to news-media. 2020-02-02 20:08:44 -05:00
microblog chg: [microblog] add Twitter-id reference 2020-03-04 14:08:10 +01:00
mutex
narrative chg: [object] disable correlation on some fields. add external references. 2020-03-28 19:23:28 -04:00
netflow chg: [netflow] attribute community-id added in netflow object template 2019-07-13 10:02:15 +02:00
network-connection chg: [network-connection] community-id added 2019-07-13 10:22:18 +02:00
network-socket chg: [network-socket] add filename to object template 2020-03-04 14:25:26 +01:00
news-agency chg: [object fields] allow additional requiredOneOf fields in blog, microblog, meme-image objects. add attachment field to blog object. add username to news-media. 2020-02-02 20:08:44 -05:00
news-media chg: [object fields] allow additional requiredOneOf fields in blog, microblog, meme-image objects. add attachment field to blog object. add username to news-media. 2020-02-02 20:08:44 -05:00
organization chg: [organization] typo fixed + description added 2020-02-05 15:06:37 +01:00
original-imported-file update the definition files of various object types so that the `required` and `requiredOneOf` lists no longer specify attributes that do not exist in the objects. 2019-04-30 12:32:22 -05:00
passive-dns
paste Update version of paste object 2019-09-23 09:54:41 +02:00
pcap-metadata chg: [pcap-metadata] linktype added in the sane default 2018-10-24 07:35:31 +02:00
pe chg: [pe] imphash and impfuzzy can be as key attribute 2020-02-17 14:27:05 +01:00
pe-section new: Add offset, virtual_address and virtual_size to the pe section object 2019-05-03 11:19:42 +02:00
person chg: [person] Gender unknown added 2019-05-16 15:08:43 +02:00
pgp-meta fix: [new object pgp-meta] remove first seen/last seen + fix description 2020-02-03 16:45:28 +01:00
phishing corrected order 2019-02-25 09:29:15 +01:00
phishing-kit update the definition files of various object types so that the `required` and `requiredOneOf` lists no longer specify attributes that do not exist in the objects. 2019-04-30 12:32:22 -05:00
phone chg: [phone] add brand and model 2020-02-05 15:04:10 +01:00
process fix: [process] change undefined attributes 2019-08-06 10:39:43 +02:00
python-etvx-event-log update the definition files of various object types so that the `required` and `requiredOneOf` lists no longer specify attributes that do not exist in the objects. 2019-04-30 12:32:22 -05:00
r2graphity
regexp
registry-key
regripper-NTUser fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-sam-hive-single-user chg: [regripper-sam-hive-single-user] uuid fixed 2018-10-25 17:49:20 +02:00
regripper-sam-hive-user-group fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-BHO fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-appInit-DLLS fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-application-paths fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-applications-installed fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-command-shell fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-general-windows-info fix: various typos 2018-10-25 17:38:26 +02:00
regripper-software-hive-software-run fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-software-hive-userprofile-winlogon fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-system-hive-firewall-configuration typo fixed 2018-10-25 17:42:57 +02:00
regripper-system-hive-general-configuration chg: [regripper] version updated 2019-05-01 21:32:14 +02:00
regripper-system-hive-network-information fix: jq all the things(tm) 2018-10-25 17:31:36 +02:00
regripper-system-hive-service-drivers chg: [regripper] version updated 2019-05-01 21:32:14 +02:00
report fixed typos and ran jq_all_things 2019-04-13 13:45:05 +05:30
research-scanner New object: Information related to known scanning activity (e.g. from research projects) 2019-01-02 16:19:08 +01:00
rogue-dns chg: [rogue-dns] new object template expressing rogue dns 2019-06-18 17:39:47 +02:00
rtir chg: [rtir] disable correlation on incident state 2020-02-06 11:55:27 +01:00
sandbox-report fix failing check via running .jq_all_the_things.sh 2018-10-24 14:14:32 +02:00
sb-signature Change undefined category to "External analysis" 2019-08-02 14:37:08 +02:00
scrippsco2-c13-daily chg: Rename category environment -> climate 2019-07-24 09:31:15 +02:00
scrippsco2-c13-monthly chg: Rename category environment -> climate 2019-07-24 09:31:15 +02:00
scrippsco2-co2-daily chg: Rename category environment -> climate 2019-07-24 09:31:15 +02:00
scrippsco2-co2-monthly chg: Rename category environment -> climate 2019-07-24 09:31:15 +02:00
scrippsco2-o18-daily chg: Rename category environment -> climate 2019-07-24 09:31:15 +02:00
scrippsco2-o18-monthly chg: Rename category environment -> climate 2019-07-24 09:31:15 +02:00
script fix: Wrong name in requiredOneOf 2020-01-28 10:47:18 +01:00
shell-commands switch requiredOneOf list to required since it contains only one element 2019-11-08 15:35:14 +01:00
shodan-report
short-message-service chg: [sms] the SMS center is a phone number 2020-02-06 12:06:26 +01:00
shortened-link
splunk jq'ed definition.json 2019-02-21 19:36:07 +01:00
ss7-attack
ssh-authorized-keys add: [ssh-authorized-keys] object to add elements from SSH authorized 2019-05-19 17:47:51 +02:00
stix2-pattern
suricata
target-system
threatgrid-report
timecode
timesketch-timeline fix: [timesketch] fix incorrect attribute type 2019-08-08 12:11:13 +02:00
timesketch_message new misp object for a timesketch message 2018-11-23 15:40:57 +01:00
timestamp
tor-hiddenservice add: [tor-hiddenservice] a simple object template to describe Tor Onion Service 2019-04-05 11:22:22 +02:00
tor-node
tracking-id
transaction
translation chg: [translation] double entry fixed in requiredOneOf 2019-09-20 09:05:49 +02:00
trustar_report new: TruStar report object 2020-01-24 12:58:28 +01:00
url chg: Update crypto-material and url 2019-11-18 18:03:01 +01:00
user-account chg: [object field] add profile picture to user-account 2020-01-31 18:27:42 -05:00
vehicle chg: [vehicule] image + type of vehicle added 2020-02-05 15:15:23 +01:00
victim chg: [victim] add reference to case (as requested by law-enforcement - ENFORCE project) 2020-03-09 16:32:18 +01:00
virustotal-graph new: [virustotal-graph] VirusTotal graph object added 2019-12-03 07:39:28 +01:00
virustotal-report fix: [virustotal] corrected typo in category 2019-08-08 14:01:09 +02:00
vulnerability fix: Typo in requiredOneOf 2020-02-26 14:49:59 +01:00
weakness fix: JQed all the things 2019-08-01 15:50:29 +02:00
whois
x509 chg: [x509, crypto-material] several changes: 2019-10-31 10:09:40 +01:00
yabin
yara chg: [yara] add a yara-rule-name field which can be optional or the only field 2019-07-11 22:59:05 +02:00