.. |
ail-leak
|
raw data is now an attachment
|
2017-11-22 20:52:26 +01:00 |
android-permission
|
fix: update android permissions based on Google latest list
|
2017-11-28 15:59:01 +01:00 |
annotation
|
fix: annotation object
|
2018-01-08 11:47:19 +01:00 |
asn
|
disable correlation for last-seen/first-seen/text
|
2017-12-05 11:05:56 +01:00 |
av-signature
|
disabled AV software correlation and re-ran jq-all-the-things
|
2017-10-24 10:23:46 -04:00 |
bank-account
|
fix: jq all the things
|
2018-02-23 08:25:35 +01:00 |
cap-alert
|
fix: trailing dot removed
|
2018-02-07 14:54:15 +01:00 |
cap-info
|
add: Common Alerting Protocol Version (CAP) info object
|
2018-02-08 07:45:41 +01:00 |
cap-resource
|
add: Common Alerting Protocol Version (CAP) resource object
|
2018-02-08 11:53:05 +01:00 |
coin-address
|
added coin-address object(2)
|
2017-12-04 15:43:49 +01:00 |
cookie
|
Add descriptions in all the objects
|
2017-08-29 18:36:46 +02:00 |
course-of-action
|
Course of Action object
|
2018-04-11 16:48:05 +02:00 |
cowrie
|
fix: disable correlation for compression algorithms
|
2018-03-01 21:09:04 +01:00 |
credential
|
fix: origin of credential as sane_default
|
2017-11-02 21:37:53 +01:00 |
credit-card
|
Fixing typo in the credit-card object
|
2017-09-21 15:35:05 +02:00 |
ddos
|
disable correlation for last-seen/first-seen/text
|
2017-12-05 11:05:56 +01:00 |
diameter-attack
|
add: Diameter attack object targeting GSM, UMTS and 4G networks.
|
2018-01-05 14:34:20 +01:00 |
domain-ip
|
disable correlation for last-seen/first-seen/text
|
2017-12-05 11:05:56 +01:00 |
elf
|
fix: disable correlation on fields where is not needed
|
2017-12-30 19:39:55 +01:00 |
elf-section
|
Disable some correlations
|
2017-09-11 16:08:03 +02:00 |
email
|
chg: Update email template
|
2018-05-03 20:49:48 +02:00 |
fail2ban
|
new: Attach logfile to fail2ban
|
2018-03-27 10:25:54 +02:00 |
file
|
fix: file path added in file object
|
2018-04-09 15:56:39 +02:00 |
geolocation
|
chg: Added address and zip code attributes
|
2018-02-05 14:19:58 +01:00 |
gtp-attack
|
fix: GTPInterface updated
|
2018-01-05 14:26:28 +01:00 |
http-request
|
Changed http request object template
|
2018-02-09 09:43:39 +01:00 |
ip-port
|
fix: add hostname to ip-port template and make attributes multiple
|
2018-04-10 14:46:36 +02:00 |
ja3
|
disable correlation for last-seen/first-seen/text
|
2017-12-05 11:05:56 +01:00 |
legal-entity
|
Fixed disable_correlation variable type
|
2018-02-06 15:36:57 +01:00 |
macho
|
Typo fixed
|
2017-08-29 22:02:10 +02:00 |
macho-section
|
Update definitions of binaries
|
2017-08-29 13:25:58 +02:00 |
microblog
|
fix: disable correlation on microblog type (Twitter or alike)
|
2017-12-30 19:26:48 +01:00 |
mutex
|
add: Object to describe mutual exclusion locks (mutex) as seen in memory or computer program
|
2018-01-22 13:34:33 +01:00 |
netflow
|
Fix typo in the field
|
2017-10-13 15:08:25 +02:00 |
network-connection
|
fix: RequiredOneOf field
|
2018-05-03 14:28:46 +02:00 |
passive-dns
|
fix: Passive DNS records especially on the disabled_correlation fields
|
2018-01-25 15:07:19 +01:00 |
paste
|
New attributes: title
|
2017-10-04 13:24:29 +02:00 |
pe
|
fix: disable correlation on all filename-*
|
2017-12-24 15:05:12 +01:00 |
pe-section
|
Update definitions of binaries
|
2017-08-29 13:25:58 +02:00 |
person
|
description typo
|
2018-02-05 16:10:23 +01:00 |
phone
|
phone defintion fixed
|
2017-08-27 08:30:58 +02:00 |
process
|
First version of process object
|
2018-05-04 16:34:35 +02:00 |
r2graphity
|
fix: requiredOneOf list of r2graphity was wrong
|
2017-11-10 13:28:05 -08:00 |
regexp
|
regexp object - change version
|
2018-04-13 10:56:56 +02:00 |
registry-key
|
fix: registry-key updated
|
2018-01-18 13:49:03 +01:00 |
report
|
Add report object
|
2017-10-24 13:04:41 -04:00 |
rtir
|
add: RTIR object added (as requested by CSP - Cyber Security Core Service Platform)
|
2017-10-12 22:08:09 +02:00 |
sandbox-report
|
added sandbox-report object
|
2018-01-08 17:28:21 +01:00 |
sb-signature
|
fix: Make the schema happy.
|
2018-01-23 10:46:15 +01:00 |
ss7-attack
|
Update definition.json
|
2018-01-11 11:52:11 +01:00 |
stix2-pattern
|
fix: version field added if stix2-pattern has multiple version in the future
|
2018-03-19 17:33:45 +01:00 |
suricata
|
add: Suricata object added with context
|
2018-03-28 14:32:53 +02:00 |
target-system
|
moved object into internal
|
2018-04-10 16:08:04 +00:00 |
timestamp
|
add: new timestamp object
|
2018-04-30 16:27:17 +02:00 |
tor-node
|
Improved Tor node object to include support of the new Tor monitoring
|
2017-07-06 14:57:32 +02:00 |
transaction
|
Fixed the bank-account meta-category
|
2018-02-20 15:44:02 +01:00 |
url
|
fix: some parts of the URL can be repeated such as resource path, anchor...
|
2018-03-15 09:38:53 +01:00 |
victim
|
Never trust standards using Google docs to store list of machine parsable information.
|
2017-12-04 15:28:29 +01:00 |
virustotal-report
|
Adding ui-priority fields
|
2018-04-23 11:22:39 +02:00 |
vulnerability
|
fix: add missing attribute type for the state
|
2018-01-08 08:15:43 +01:00 |
whois
|
Update definition.json
|
2018-04-26 16:53:24 +02:00 |
x509
|
fix: Feedback from @sheidan
|
2018-03-28 15:26:35 +02:00 |
yabin
|
Updated following Andras feedback
|
2017-09-06 16:13:35 +02:00 |
yara
|
add: Context where the YARA rule can be applied
|
2018-05-01 11:21:05 +02:00 |