ail-leak
raw data is now an attachment
2017-11-22 20:52:26 +01:00
android-permission
fix: update android permissions based on Google latest list
2017-11-28 15:59:01 +01:00
annotation
fix: annotation object
2018-01-08 11:47:19 +01:00
asn
disable correlation for last-seen/first-seen/text
2017-12-05 11:05:56 +01:00
av-signature
disabled AV software correlation and re-ran jq-all-the-things
2017-10-24 10:23:46 -04:00
bank-account
add: an object describing bank account information based on account description from goAML 4.0.
2018-01-29 07:42:30 +01:00
coin-address
added coin-address object(2)
2017-12-04 15:43:49 +01:00
cookie
Add descriptions in all the objects
2017-08-29 18:36:46 +02:00
credential
fix: origin of credential as sane_default
2017-11-02 21:37:53 +01:00
credit-card
Fixing typo in the credit-card object
2017-09-21 15:35:05 +02:00
ddos
disable correlation for last-seen/first-seen/text
2017-12-05 11:05:56 +01:00
diameter-attack
add: Diameter attack object targeting GSM, UMTS and 4G networks.
2018-01-05 14:34:20 +01:00
domain-ip
disable correlation for last-seen/first-seen/text
2017-12-05 11:05:56 +01:00
elf
fix: disable correlation on fields where it is not needed
2017-12-30 19:39:55 +01:00
elf-section
Disable some correlations
2017-09-11 16:08:03 +02:00
email
Added file attribute screenshot to email object
2017-11-09 16:07:54 +01:00
file
fix: Disable correlation on filename by default
2017-12-24 15:02:47 +01:00
geolocation
ui-priority
2017-07-03 16:43:12 +02:00
gtp-attack
fix: GTPInterface updated
2018-01-05 14:26:28 +01:00
http-request
added http-request object
2017-08-03 16:11:33 -06:00
ip-port
disable correlation for last-seen/first-seen/text
2017-12-05 11:05:56 +01:00
ja3
disable correlation for last-seen/first-seen/text
2017-12-05 11:05:56 +01:00
macho
Typo fixed
2017-08-29 22:02:10 +02:00
macho-section
Update definitions of binaries
2017-08-29 13:25:58 +02:00
microblog
fix: disable correlation on microblog type (Twitter or alike)
2017-12-30 19:26:48 +01:00
mutex
add: Object to describe mutual exclusion locks (mutex) as seen in memory or computer program
2018-01-22 13:34:33 +01:00
netflow
Fix typo in the field
2017-10-13 15:08:25 +02:00
passive-dns
fix: Passive DNS records especially on the disabled_correlation fields
2018-01-25 15:07:19 +01:00
paste
New attributes: title
2017-10-04 13:24:29 +02:00
pe
fix: disable correlation on all filename-*
2017-12-24 15:05:12 +01:00
pe-section
Update definitions of binaries
2017-08-29 13:25:58 +02:00
person
fix: person object updated to match AML client record + various fixes
2018-01-22 14:16:46 +01:00
phone
phone definition fixed
2017-08-27 08:30:58 +02:00
r2graphity
fix: requiredOneOf list of r2graphity was wrong
2017-11-10 13:28:05 -08:00
regexp
jq all the things!
2017-12-12 21:57:45 +01:00
registry-key
fix: registry-key updated
2018-01-18 13:49:03 +01:00
report
Add report object
2017-10-24 13:04:41 -04:00
rtir
add: RTIR object added (as requested by CSP - Cyber Security Core Service Platform)
2017-10-12 22:08:09 +02:00
sandbox-report
added sandbox-report object
2018-01-08 17:28:21 +01:00
sb-signature
fix: Make the schema happy.
2018-01-23 10:46:15 +01:00
ss7-attack
Update definition.json
2018-01-11 11:52:11 +01:00
stix2-pattern
add: new stix2-pattern object to include STIX 2 patterning
2017-12-21 16:16:33 +01:00
tor-node
Improved Tor node object to include support of the new Tor monitoring
2017-07-06 14:57:32 +02:00
url
disable correlation for last-seen/first-seen/text
2017-12-05 11:05:56 +01:00
victim
Never trust standards using Google docs to store list of machine parsable information.
2017-12-04 15:28:29 +01:00
virustotal-report
disabled AV software correlation and re-ran jq-all-the-things
2017-10-24 10:23:46 -04:00
vulnerability
fix: add missing attribute type for the state
2018-01-08 08:15:43 +01:00
whois
whois - adds nameserver attributes
2017-12-20 15:22:45 +01:00
x509
Fix: x509 object now uses the new and proper fp type
2017-12-13 17:39:59 +01:00
yabin
Updated following Andras feedback
2017-09-06 16:13:35 +02:00