Commit Graph

469 Commits (472c0debc59d69a8361dd74c7ad98eb92e5721d0)

Author SHA1 Message Date
Richard van den Berg a2f7a9bc9f Add Stealth Malware Taxonomy as defined by Joanna Rutkowska 2016-10-28 11:07:24 +02:00
Alexandre Dulaunoy 16a41daa91 Merge pull request #43 from cvandeplas/master
Galaxy elements as taxonomies
2016-10-27 15:48:32 +02:00
Alexandre Dulaunoy b62d5e577d MISP mapping changed key as object to add optional fields like colour,
description.
2016-10-27 10:04:33 +02:00
Alexandre Dulaunoy e4b88466ba Merge branch 'master' of github.com:MISP/misp-taxonomies 2016-10-27 08:19:05 +02:00
Alexandre Dulaunoy d2b66e2389 New mapping taxonomy library added
A simple JSON format where a vernacular/common name describes
all the potential associated machine tags.

The format is a simple JSON object with a key for the common name
which references a list of potential associated machine tags.

The usage (in a first step) in MISP will be the following:

- The replacement in the index UI of the corresponding list of machine
  tags by the vernacular/common name.

- The ability to add automatically associated machine tags when tagging with the
  vernacular/common name.

Even if the machine tags is not enabled in MISP, the tag will be added.
2016-10-27 07:56:02 +02:00
Christophe Vandeplas 63a1055fc9 converted galaxy to taxonomy 2016-10-26 16:45:29 +02:00
Christophe Vandeplas 1810d6f87a script to convert galaxy to taxonomy 2016-10-26 16:38:42 +02:00
Alexandre Dulaunoy b74b1f0d4e Merge pull request #41 from cvandeplas/master
dynamically build taxonomies list
2016-10-24 18:21:35 +02:00
Christophe Vandeplas f7a0f46868 dynamically build taxonomies list
solves the problem to update the list constantly
2016-10-24 17:01:32 +02:00
Raphaël Vinot 7f63453c0f Explicitely set values to null if there are none 2016-10-14 12:01:56 +02:00
Raphaël Vinot 0a6549d886 Fix Typos in TLP & PAP 2016-10-12 16:30:56 +02:00
Alexandre Dulaunoy 2148de947b Version of MISP taxonomy updated 2016-10-09 15:47:28 +02:00
Alexandre Dulaunoy d5dd9c2b5d misp:should-not-sync added (to be used with feeds or other local event
which are not recommended to be synced)
2016-10-09 15:46:12 +02:00
Alexandre Dulaunoy c22a4c86ff Manifest fixed 2016-10-09 12:59:03 +02:00
Alexandre Dulaunoy 30fdffd899 Merge branch 'master' of github.com:MISP/misp-taxonomies
Conflicts:
	osint/machinetag.json
2016-10-09 12:57:43 +02:00
Alexandre Dulaunoy a71a784bd0 Filter or block list added to the OSINT taxonomy 2016-10-09 12:54:13 +02:00
Alexandre Dulaunoy 8e9a0f2688 Merge pull request #39 from cvandeplas/master
added OSINT source-type expansion
2016-10-07 10:56:48 +02:00
Christophe Vandeplas 365580b5f9 added OSINT source-type expansion 2016-10-07 10:04:02 +02:00
Raphaël Vinot 1868fe7b37 Fix inconsistencies between MANIFEST, directory names and taxonomies 2016-10-05 14:42:41 +02:00
Alexandre Dulaunoy 84a3f89cf5 Merge pull request #38 from michael-hamm/rt_event_status
Status of events used in Request Tracker.
2016-09-29 14:26:22 +02:00
Michael Hamm 3122ff269d Status of events used in Request Tracker. 2016-09-29 11:39:02 +02:00
Alexandre Dulaunoy e97c939a07 Merge pull request #37 from bradh/patch-1
Typo fix
2016-09-29 10:08:00 +02:00
Brad Hards d68596c361 Typo fix 2016-09-29 14:33:06 +10:00
Alexandre Dulaunoy 5720452470 domain-abuse addetd 2016-09-22 15:07:22 +02:00
Alexandre Dulaunoy 5c28042175 Merge pull request #36 from mausding/master
Domain name abuse taxonomy
2016-09-22 15:02:54 +02:00
Michael Hausding 99118e55df added domain-abuse 2016-09-22 14:55:26 +02:00
Michael Hausding ff71eb197a Added domain-abuse taxonomy. 2016-09-22 14:53:21 +02:00
Michael Hausding 620ca15833 Merge branch 'master' of github.com:mausding/misp-taxonomies 2016-09-22 14:47:35 +02:00
Michael Hausding 1eee0633d8 Domain Name Abuse
Taxonomy to tag domain names used for cybercrime.
Use europol-incident to tag abuse-activity.

TF-CSIRT hackathon Zurich:

sykaeh
mausding
2016-09-22 14:30:10 +02:00
Alexandre Dulaunoy ab94a8fb42 name of taxonomies updated 2016-09-21 10:37:13 +02:00
Alexandre Dulaunoy 48976bf656 OSINT: numerical value added to confidence level 2016-09-16 07:29:43 +02:00
Alexandre Dulaunoy 180b8e5642 threat-level predicate fixed 2016-09-15 22:54:28 +02:00
Andras Iklody d7cec10395 Added predicate description 2016-09-15 22:05:43 +02:00
Alexandre Dulaunoy 859b2e1648 low risk added 2016-09-15 22:03:18 +02:00
Alexandre Dulaunoy b3bb4cfb4c New threat level created (including CEUS mapping) 2016-09-15 21:57:51 +02:00
Alexandre Dulaunoy b48ba68ecd Merge pull request #34 from rommelfs/patch-1
Update, language related
2016-09-12 11:01:15 +02:00
Sascha Rommelfangen df876d75ba Update, language related 2016-09-12 10:57:12 +02:00
Alexandre Dulaunoy 6d2e4de0b0 Typo fixed 2016-09-10 12:22:01 +02:00
Alexandre Dulaunoy ec10ec4594 MISP confidence level updated
The confidence levels have been changed to 100, 75, 50, 25 and 0.
Undefined confidences are not set to avoid ambiguities.
2016-09-10 12:13:41 +02:00
Alexandre Dulaunoy c1dcf64bd0 Merge branch 'master' of github.com:MISP/misp-taxonomies 2016-09-09 22:22:10 +02:00
Alexandre Dulaunoy 6c0b71a760 First experimental confidence level for MISP taxonomy. 2016-09-09 22:21:12 +02:00
Andras Iklody e5e553a7ba Fixed a typo in the MUST NOT tag
As discovered by @packet-rat in https://github.com/MISP/misp-taxonomies/issues/33
2016-09-08 14:15:52 +02:00
Alexandre Dulaunoy 5429632d88 License clarification - CC0 2016-09-02 17:20:23 +02:00
Alexandre Dulaunoy 9a88d14b23 TLP updated according to FIRST SIG about TLP.
For more info: https://www.first.org/tlp
2016-08-29 11:34:21 +02:00
Alexandre Dulaunoy cd609b76f5 Merge pull request #31 from Delta-Sierra/master
add Botnet to malware_classification:malware-category
2016-08-12 15:25:08 +02:00
Raphaël Vinot 8d95adf353 add Botnet to malware_classification:malware-category 2016-08-12 10:29:28 +02:00
Alexandre Dulaunoy fcd3160d61 Galaxy mapping removed - moved to the galaxy repo 2016-08-12 09:45:22 +02:00
Alexandre Dulaunoy 91ff875dc9 Galaxy moved to galaxy repo 2016-08-12 09:44:20 +02:00
Alexandre Dulaunoy fee61b2f60 URLs to galaxy, clusters and elements fixed 2016-08-12 09:03:20 +02:00
Alexandre Dulaunoy 5e6e049275 Simplify the mapping
KISS KISS KISS principle
2016-08-12 08:46:40 +02:00