misp-objects/objects
Alexandre Dulaunoy f91929738b
add: an object describing bank account information based on account description from goAML 4.0.
A generic bank account partially based on the goAML 4.0 standard.
The bank account alone can convey information regarding the type
of transactions seen or suspected, which allows using the object alone
without the need to describe the full list of transactions.

Additional objects could be created, like report, transactions and the like,
to fully support AML.

The existing person in MISP objects was previously updated to include
the field missing from AML.

A potential evolution is based on the transaction status which can
be described as a simple relationship between MISP objects like:

Bought, Sold, Let, Hired, Exchanged, Donated, Destroyed and Other
2018-01-29 07:42:30 +01:00
..
ail-leak raw data is now an attachment 2017-11-22 20:52:26 +01:00
android-permission fix: update android permissions based on Google latest list 2017-11-28 15:59:01 +01:00
annotation fix: annotation object 2018-01-08 11:47:19 +01:00
asn disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
av-signature disabled AV software correlation and re-ran jq-all-the-things 2017-10-24 10:23:46 -04:00
bank-account add: an object describing bank account information based on account description from goAML 4.0. 2018-01-29 07:42:30 +01:00
coin-address added coin-address object(2) 2017-12-04 15:43:49 +01:00
cookie Add descriptions in all the objects 2017-08-29 18:36:46 +02:00
credential fix: origin of credential as sane_default 2017-11-02 21:37:53 +01:00
credit-card Fixing typo in the credit-card object 2017-09-21 15:35:05 +02:00
ddos disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
diameter-attack add: Diameter attack object targeting GSM, UMTS and 4G networks. 2018-01-05 14:34:20 +01:00
domain-ip disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
elf fix: disable correlation on fields where is not needed 2017-12-30 19:39:55 +01:00
elf-section Disable some correlations 2017-09-11 16:08:03 +02:00
email Added file attribute screenshot to email object 2017-11-09 16:07:54 +01:00
file fix: Disable correlation on filename by default 2017-12-24 15:02:47 +01:00
geolocation ui-priority 2017-07-03 16:43:12 +02:00
gtp-attack fix: GTPInterface updated 2018-01-05 14:26:28 +01:00
http-request added http-request object 2017-08-03 16:11:33 -06:00
ip-port disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
ja3 disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
macho Typo fixed 2017-08-29 22:02:10 +02:00
macho-section Update definitions of binaries 2017-08-29 13:25:58 +02:00
microblog fix: disable correlation on microblog type (Twitter or alike) 2017-12-30 19:26:48 +01:00
mutex add: Object to describe mutual exclusion locks (mutex) as seen in memory or computer program 2018-01-22 13:34:33 +01:00
netflow Fix typo in the field 2017-10-13 15:08:25 +02:00
passive-dns fix: Passive DNS records especially on the disabled_correlation fields 2018-01-25 15:07:19 +01:00
paste New attributes: title 2017-10-04 13:24:29 +02:00
pe fix: disable correlation on all filename-* 2017-12-24 15:05:12 +01:00
pe-section Update definitions of binaries 2017-08-29 13:25:58 +02:00
person fix: person object updated to match AML client record + various fixes 2018-01-22 14:16:46 +01:00
phone phone definition fixed 2017-08-27 08:30:58 +02:00
r2graphity fix: requiredOneOf list of r2graphity was wrong 2017-11-10 13:28:05 -08:00
regexp jq all the things! 2017-12-12 21:57:45 +01:00
registry-key fix: registry-key updated 2018-01-18 13:49:03 +01:00
report Add report object 2017-10-24 13:04:41 -04:00
rtir add: RTIR object added (as requested by CSP - Cyber Security Core Service Platform) 2017-10-12 22:08:09 +02:00
sandbox-report added sandbox-report object 2018-01-08 17:28:21 +01:00
sb-signature fix: Make the schema happy. 2018-01-23 10:46:15 +01:00
ss7-attack Update definition.json 2018-01-11 11:52:11 +01:00
stix2-pattern add: new stix2-pattern object to include STIX 2 patterning 2017-12-21 16:16:33 +01:00
tor-node Improved Tor node object to include support of the new Tor monitoring 2017-07-06 14:57:32 +02:00
url disable correlation for last-seen/first-seen/text 2017-12-05 11:05:56 +01:00
victim Never trust standards using Google docs to store list of machine parsable information. 2017-12-04 15:28:29 +01:00
virustotal-report disabled AV software correlation and re-ran jq-all-the-things 2017-10-24 10:23:46 -04:00
vulnerability fix: add missing attribute type for the state 2018-01-08 08:15:43 +01:00
whois whois - adds nameserver attributes 2017-12-20 15:22:45 +01:00
x509 Fix: x509 object now uses the new and proper fp type 2017-12-13 17:39:59 +01:00
yabin Updated following Andras feedback 2017-09-06 16:13:35 +02:00