.. |
ADS
|
fix: [jq] JSON fixed
|
2022-12-15 14:39:52 +01:00 |
abuseipdb
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
ai-chat-prompt
|
fix: [ai-chat-prompt] improved ai-chat-prompt template
|
2023-04-16 10:50:30 +02:00 |
ail-leak
|
…
|
|
ais
|
fix: forgot to jq all the things.
|
2023-03-01 15:13:39 +01:00 |
ais-info
|
…
|
|
android-app
|
…
|
|
android-permission
|
…
|
|
annotation
|
…
|
|
anonymisation
|
…
|
|
apivoid-email-verification
|
…
|
|
artifact
|
chg: [artifact] Changed the `payload_bin` attribute to attachment type
|
2024-01-19 23:15:41 +01:00 |
asn
|
fix: [objects description] ref #384 - Grammar fixes included in the JSON files.
|
2023-02-02 10:51:32 +01:00 |
attack-pattern
|
…
|
|
attack-step
|
[attack-step] Fixed typo, added multiples.
|
2023-11-10 15:18:48 +01:00 |
authentication-failure-report
|
…
|
|
authenticode-signerinfo
|
…
|
|
av-signature
|
…
|
|
availability-impact
|
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
|
2023-06-22 15:16:48 +02:00 |
bank-account
|
…
|
|
bgp-hijack
|
…
|
|
bgp-ranking
|
…
|
|
blog
|
…
|
|
boleto
|
…
|
|
btc-transaction
|
…
|
|
btc-wallet
|
fix: [objects description] ref #384 - Grammar fixes included in the JSON files.
|
2023-02-02 10:51:32 +01:00 |
c2-list
|
reorder elements
|
2023-09-19 17:05:06 +02:00 |
cap-alert
|
…
|
|
cap-info
|
…
|
|
cap-resource
|
…
|
|
cert-pl-phishing
|
chg: [cert-pl-phishing] fixed
|
2024-04-04 16:53:46 +02:00 |
cloth
|
…
|
|
coin-address
|
chg: [coin-address] add a generic crypto address if the address format
|
2023-09-28 10:06:02 +02:00 |
command
|
…
|
|
command-line
|
chg: [command-line] added sane_default
|
2024-03-16 09:48:29 +01:00 |
concordia-mtmf-intrusion-set
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
confidentiality-impact
|
fix: [impacts] Typo
|
2023-06-22 15:50:54 +02:00 |
cookie
|
chg: [cookie] cookie can be also only a key or a value
|
2023-06-14 17:36:22 +02:00 |
cortex
|
fix: [objects description] ref #384 - Grammar fixes included in the JSON files.
|
2023-02-02 10:51:32 +01:00 |
cortex-taxonomy
|
fix: [objects description] ref #384 - Grammar fixes included in the JSON files.
|
2023-02-02 10:51:32 +01:00 |
course-of-action
|
…
|
|
covid19-csse-daily-report
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
covid19-dxy-live-city
|
…
|
|
covid19-dxy-live-province
|
…
|
|
cowrie
|
…
|
|
cpe-asset
|
…
|
|
credential
|
…
|
|
credit-card
|
…
|
|
crowdsec-ip-context
|
change type of ans name
|
2024-03-07 12:02:23 +00:00 |
crowdstrike-report
|
fix: [crowdstrike-report] jq all the things
|
2023-11-21 08:20:35 +01:00 |
crypto-material
|
…
|
|
cryptocurrency-transaction
|
chg: [cryptocurrency-transaction] fix the UUID
|
2023-09-28 10:18:32 +02:00 |
cs-beacon-config
|
chg: [cs-beacon-config] encoded-data as file attachment instead of text
|
2024-05-07 09:36:13 +02:00 |
cytomic-orion-file
|
…
|
|
cytomic-orion-machine
|
…
|
|
dark-pattern-item
|
…
|
|
ddos
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
ddos-claim
|
fix: [ddos-claim] descriptions fixed following CERT-SE feedback
|
2024-06-18 09:52:57 +02:00 |
device
|
…
|
|
diameter-attack
|
…
|
|
diamond
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
directory
|
add: [directory] New object template for directories
|
2023-02-27 10:56:31 +01:00 |
dkim
|
…
|
|
dns-record
|
…
|
|
domain-crawled
|
…
|
|
domain-ip
|
…
|
|
edr-report
|
…
|
|
elf
|
…
|
|
elf-section
|
…
|
|
email
|
chg: [email] email-body-attachment added
|
2023-09-11 11:28:39 +02:00 |
employee
|
…
|
|
error-message
|
…
|
|
event
|
wip: [event] New object template to describe events that can happen during an incident
|
2023-06-22 12:28:47 +02:00 |
exploit
|
Add software impacted by exploit
|
2024-03-18 14:19:35 +00:00 |
exploit-poc
|
…
|
|
external-impact
|
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
|
2023-06-22 15:16:48 +02:00 |
facebook-account
|
…
|
|
facebook-group
|
fix: [facebook-group] add an optional ID reference to the facebook id
|
2022-09-09 07:24:05 +02:00 |
facebook-page
|
…
|
|
facebook-post
|
…
|
|
facebook-reaction
|
new: [facebook-reaction] new object to link reaction with facebook posts or alike
|
2022-09-09 07:21:59 +02:00 |
facial-composite
|
…
|
|
fail2ban
|
fix: [fail2ban] incorrect UUID fixed
|
2022-12-11 12:54:24 +01:00 |
favicon
|
…
|
|
file
|
add: [file] Added creation, modification & access time attributes
|
2023-02-20 19:31:59 +01:00 |
flowintel-cm-case
|
chg: [flowintel-cm] notes
|
2024-04-18 14:40:16 +02:00 |
flowintel-cm-task
|
chg: [flowintel-cm] notes
|
2024-04-18 14:40:16 +02:00 |
flowintel-cm-task-note
|
chg: [flowintel-cm] notes
|
2024-04-18 14:40:16 +02:00 |
forensic-case
|
…
|
|
forensic-evidence
|
…
|
|
forged-document
|
…
|
|
ftm-Airplane
|
…
|
|
ftm-Assessment
|
…
|
|
ftm-Asset
|
…
|
|
ftm-Associate
|
…
|
|
ftm-Audio
|
…
|
|
ftm-BankAccount
|
…
|
|
ftm-Call
|
…
|
|
ftm-Company
|
…
|
|
ftm-Contract
|
…
|
|
ftm-ContractAward
|
…
|
|
ftm-CourtCase
|
…
|
|
ftm-CourtCaseParty
|
…
|
|
ftm-Debt
|
…
|
|
ftm-Directorship
|
…
|
|
ftm-Document
|
…
|
|
ftm-Documentation
|
…
|
|
ftm-EconomicActivity
|
…
|
|
ftm-Email
|
…
|
|
ftm-Event
|
…
|
|
ftm-Family
|
…
|
|
ftm-Folder
|
…
|
|
ftm-HyperText
|
…
|
|
ftm-Image
|
…
|
|
ftm-Land
|
…
|
|
ftm-LegalEntity
|
…
|
|
ftm-License
|
…
|
|
ftm-Membership
|
…
|
|
ftm-Message
|
…
|
|
ftm-Organization
|
…
|
|
ftm-Ownership
|
…
|
|
ftm-Package
|
…
|
|
ftm-Page
|
…
|
|
ftm-Pages
|
…
|
|
ftm-Passport
|
…
|
|
ftm-Payment
|
…
|
|
ftm-Person
|
…
|
|
ftm-PlainText
|
…
|
|
ftm-PublicBody
|
…
|
|
ftm-RealEstate
|
…
|
|
ftm-Representation
|
…
|
|
ftm-Row
|
…
|
|
ftm-Sanction
|
…
|
|
ftm-Succession
|
…
|
|
ftm-Table
|
…
|
|
ftm-TaxRoll
|
…
|
|
ftm-UnknownLink
|
…
|
|
ftm-UserAccount
|
…
|
|
ftm-Vehicle
|
…
|
|
ftm-Vessel
|
…
|
|
ftm-Video
|
…
|
|
ftm-Workbook
|
…
|
|
game-cheat
|
…
|
|
generalizing-persuasion-framework
|
new: [gpf] Split actors_speaker and settings_competition into more
|
2024-04-14 07:26:53 +02:00 |
geolocation
|
…
|
|
git-vuln-finder
|
…
|
|
github-user
|
…
|
|
gitlab-user
|
…
|
|
google-safe-browsing
|
Added a is-malicious attribute for abuseipdb and added a google-safe-browsing object for the google-safe-browsing expansion module
|
2023-07-13 09:25:26 -04:00 |
greynoise-ip
|
chg: [greynoise-intelligence] JSON fixed
|
2023-03-10 15:34:32 +01:00 |
gtp-attack
|
…
|
|
hashlookup
|
…
|
|
hhhash
|
chg: [hhhash] newline fixed
|
2023-07-10 16:40:22 +02:00 |
http-request
|
…
|
|
identity
|
…
|
|
ilr-impact
|
…
|
|
ilr-notification-incident
|
fix: [ilr-notification-incident] Typo
|
2023-09-14 16:58:22 +02:00 |
image
|
…
|
|
impersonation
|
…
|
|
imsi-catcher
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
incident
|
add: [incident] Added the score attribute
|
2023-07-07 11:36:42 +02:00 |
infrastructure
|
…
|
|
instant-message
|
chg: [instant-message] remove newlines
|
2024-04-24 14:30:19 +02:00 |
instant-message-group
|
…
|
|
integrity-impact
|
fix: [impacts] Typo
|
2023-06-22 15:50:54 +02:00 |
intel471-vulnerability-intelligence
|
…
|
|
intelmq_event
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
intelmq_report
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
internal-reference
|
…
|
|
interpol-notice
|
…
|
|
intrusion-set
|
add: [intrusion-set] Added `first_seen` & `last_seen` attributes
|
2023-11-09 12:10:52 +01:00 |
iot-device
|
…
|
|
iot-firmware
|
…
|
|
ip-api-address
|
…
|
|
ip-port
|
…
|
|
irc
|
…
|
|
ja3
|
…
|
|
ja3s
|
chg: [ja3s] Add domain and hostname attributes
|
2023-07-20 10:24:42 +03:00 |
jarm
|
…
|
|
keybase-account
|
…
|
|
language-content
|
…
|
|
leaked-document
|
…
|
|
legal-entity
|
…
|
|
lnk
|
…
|
|
macho
|
…
|
|
macho-section
|
…
|
|
mactime-timeline-analysis
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
malware
|
fix: [malware] Fixed `is_family` attribute type
|
2023-08-10 11:39:44 +02:00 |
malware-analysis
|
add: [malware-analysis] New object template to describe a static or dynamic analysis performed on a malware instance or family
|
2023-07-25 15:24:39 +02:00 |
malware-config
|
fix: [malware-config] typo fixed
|
2023-07-31 11:21:29 +02:00 |
meme-image
|
…
|
|
microblog
|
…
|
|
monetary-impact
|
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
|
2023-06-22 15:16:48 +02:00 |
mutex
|
…
|
|
narrative
|
…
|
|
netflow
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
network-connection
|
fix: [network-connection] Using the `size-in-bytes` attribute type for information expressed in bytes
|
2024-04-11 09:42:06 +02:00 |
network-profile
|
…
|
|
network-socket
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
network-traffic
|
chg: [network-traffic] Going for the `protocol` attribute in singular
|
2024-04-11 12:04:55 +02:00 |
news-agency
|
…
|
|
news-media
|
chg: [news-media] add governmental communication and also news agency
|
2024-04-12 10:22:53 +02:00 |
open-data-security
|
…
|
|
organization
|
chg: [organization] add a MISP UUID if present
|
2024-05-03 22:04:04 +02:00 |
original-imported-file
|
…
|
|
paloalto-threat-event
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
parler-account
|
…
|
|
parler-comment
|
…
|
|
parler-post
|
…
|
|
passive-dns
|
…
|
|
passive-dns-dnsdbflex
|
…
|
|
passive-ssh
|
…
|
|
paste
|
…
|
|
pcap-metadata
|
…
|
|
pe
|
fix: [pe] Removing the `disable_correlation` flag for a `size-in-bytes` attribute type
|
2024-04-03 17:33:30 +02:00 |
pe-optional-header
|
add: [pe-optional-header] New object template for PE optional headers
|
2024-04-03 17:32:47 +02:00 |
pe-section
|
…
|
|
persnona
|
fix: [jq] JSON fixed
|
2022-12-15 14:39:52 +01:00 |
person
|
chg: [person/organization] `impersonated` added to the role of person
|
2024-03-05 08:59:45 +01:00 |
personification
|
…
|
|
pgp-meta
|
…
|
|
phishing
|
…
|
|
phishing-kit
|
…
|
|
phone
|
…
|
|
phone-number
|
chg: remove categories and object_relation definitions from phone-number
|
2024-06-09 22:39:41 +03:00 |
physical-impact
|
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
|
2023-06-22 15:16:48 +02:00 |
postal-address
|
…
|
|
probabilistic-data-structure
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
process
|
add: [process] Environment variables attribute
|
2024-01-30 15:19:54 +01:00 |
publication
|
…
|
|
python-etvx-event-log
|
…
|
|
query
|
…
|
|
r2graphity
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
ransom-negotiation
|
…
|
|
ransomware-group-post
|
fix: [ransomware-group-post] added the missing descriptions for `actor-geo-stats-30d` and `actor-total-stats-30d`
|
2024-04-24 16:47:47 +02:00 |
reddit-account
|
…
|
|
reddit-comment
|
…
|
|
reddit-post
|
…
|
|
reddit-subreddit
|
…
|
|
regexp
|
…
|
|
registry-key
|
chg: [registry-key] jq all the things
|
2024-04-25 11:20:46 +02:00 |
registry-key-value
|
add: [registry-key-value] New template to describe registry key values
|
2023-03-01 20:50:30 +01:00 |
regripper-NTUser
|
…
|
|
regripper-sam-hive-single-user
|
…
|
|
regripper-sam-hive-user-group
|
…
|
|
regripper-software-hive-BHO
|
…
|
|
regripper-software-hive-appInit-DLLS
|
…
|
|
regripper-software-hive-application-paths
|
…
|
|
regripper-software-hive-applications-installed
|
…
|
|
regripper-software-hive-command-shell
|
…
|
|
regripper-software-hive-software-run
|
…
|
|
regripper-software-hive-userprofile-winlogon
|
…
|
|
regripper-software-hive-windows-general-info
|
…
|
|
regripper-system-hive-firewall-configuration
|
…
|
|
regripper-system-hive-general-configuration
|
…
|
|
regripper-system-hive-network-information
|
…
|
|
regripper-system-hive-services-drivers
|
…
|
|
report
|
fix: [report] typo fixed
|
2023-12-06 09:32:13 +01:00 |
research-scanner
|
fix: [research-scanner] version updated
|
2024-05-27 10:22:53 +02:00 |
risk-assessment-report
|
new: [risk-assessment-report] New object template Risk assessment report
|
2023-04-13 10:41:39 +02:00 |
rogue-dns
|
…
|
|
rtir
|
…
|
|
sandbox-report
|
…
|
|
sb-signature
|
…
|
|
scan-result
|
fix: [scan-results] JSON and trailing comma ;-)
|
2023-08-03 10:47:45 +02:00 |
scheduled-event
|
…
|
|
scheduled-task
|
…
|
|
scrippsco2-c13-daily
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
scrippsco2-c13-monthly
|
…
|
|
scrippsco2-co2-daily
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
scrippsco2-co2-monthly
|
…
|
|
scrippsco2-o18-daily
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
scrippsco2-o18-monthly
|
…
|
|
script
|
…
|
|
security-playbook
|
chg: [security-playbook] JSON fixed
|
2022-08-25 10:17:48 +02:00 |
shadowserver-malware-url-report
|
chg: [shadowserver-malware-url-report] resource path added to improve
|
2023-12-08 15:18:32 +01:00 |
shell-commands
|
…
|
|
shodan-report
|
…
|
|
short-message-service
|
…
|
|
shortened-link
|
…
|
|
sigma
|
…
|
|
sigmf-archive
|
fix: jq all the things
|
2023-08-03 09:30:58 +02:00 |
sigmf-expanded-recording
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
sigmf-recording
|
fix: minor fixes
|
2023-08-03 08:07:47 +02:00 |
social-media-group
|
…
|
|
software
|
…
|
|
spearphishing-attachment
|
jq_all_the_things
|
2022-08-25 16:03:59 -05:00 |
spearphishing-link
|
jq_all_the_things
|
2022-08-25 16:03:59 -05:00 |
splunk
|
…
|
|
ss7-attack
|
…
|
|
ssh-authorized-keys
|
…
|
|
stairwell
|
fixed parse error
|
2024-03-15 14:04:07 -05:00 |
stix2-pattern
|
…
|
|
stock
|
…
|
|
submarine
|
fix: Changed a few attribute types in different template
|
2024-04-13 12:24:58 +02:00 |
suricata
|
…
|
|
target-system
|
…
|
|
task
|
wip: [task] New object template for tasks as described in STIX 2.1 Incident object extensions
|
2023-06-22 15:39:02 +02:00 |
tattoo
|
…
|
|
telegram-account
|
…
|
|
telegram-bot
|
add username field in telegram-bot object
|
2022-10-13 13:45:52 +02:00 |
temporal-event
|
…
|
|
thaicert-group-cards
|
fix: [jq] all
|
2022-12-22 13:15:10 +01:00 |
threatgrid-report
|
…
|
|
timecode
|
…
|
|
timesketch-timeline
|
…
|
|
timesketch_message
|
…
|
|
timestamp
|
…
|
|
tor-hiddenservice
|
…
|
|
tor-node
|
…
|
|
traceability-impact
|
wip: [impacts] New template for different types of impacts as described in STIX 2.1 Incident object extensions
|
2023-06-22 15:16:48 +02:00 |
tracking-id
|
…
|
|
transaction
|
…
|
|
translation
|
…
|
|
transport-ticket
|
chg: [transport-ticket] update to add the type of ticket (e.g. boarding pass versus ticket)
|
2023-01-27 15:55:08 +01:00 |
trustar_report
|
…
|
|
tsk-chats
|
…
|
|
tsk-web-bookmark
|
…
|
|
tsk-web-cookie
|
…
|
|
tsk-web-downloads
|
…
|
|
tsk-web-history
|
…
|
|
tsk-web-search-query
|
…
|
|
twitter-account
|
…
|
|
twitter-list
|
…
|
|
twitter-post
|
…
|
|
typosquatting-finder
|
chg: [typosquatting] jq_all_the_things
|
2023-01-16 08:45:20 +01:00 |
typosquatting-finder-result
|
chg: [typosquatting] jq_all_the_things
|
2023-01-16 08:45:20 +01:00 |
url
|
…
|
|
user-account
|
add: [user-account] Added email attribute
|
2023-10-31 15:49:44 +01:00 |
vehicle
|
fix: [vehicle] jq all the things
|
2022-12-30 07:37:54 +01:00 |
victim
|
fix: [victim] object updated
|
2023-12-05 20:58:22 +01:00 |
virustotal-graph
|
…
|
|
virustotal-report
|
fix: [virustotal-report] bump version
|
2023-09-01 09:34:08 +02:00 |
virustotal-submission
|
…
|
|
vulnerability
|
…
|
|
weakness
|
…
|
|
whois
|
…
|
|
windows-service
|
…
|
|
x-header
|
new: [x-header] new generic X header object for SMTP, HTTP and others
|
2023-08-07 14:36:24 +02:00 |
x509
|
…
|
|
yabin
|
…
|
|
yara
|
fix: [yara] add a reference link to the YARA object template
|
2022-08-03 11:46:30 +02:00 |
youtube-channel
|
…
|
|
youtube-comment
|
…
|
|
youtube-playlist
|
…
|
|
youtube-video
|
…
|
|