MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

SMS object template added

pull/6/head
Alexandre Dulaunoy 2018-07-18 09:59:45 +02:00
parent ff0274dbdc
commit b47755c059
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
2 changed files with 33766 additions and 30955 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

222
objects.html
View File

@ -497,11 +497,13 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_sandbox_report">sandbox-report</a></li>
<li><a href="#_sb_signature">sb-signature</a></li>
<li><a href="#_script">script</a></li>
<li><a href="#_short_message_service">short-message-service</a></li>
<li><a href="#_shortened_link">shortened-link</a></li>
<li><a href="#_ss7_attack">ss7-attack</a></li>
<li><a href="#_stix2_pattern">stix2-pattern</a></li>
<li><a href="#_suricata">suricata</a></li>
<li><a href="#_target_system">target-system</a></li>
<li><a href="#_threatgrid_report">threatgrid-report</a></li>
<li><a href="#_timecode">timecode</a></li>
<li><a href="#_timesketch_timeline">timesketch-timeline</a></li>
<li><a href="#_timestamp">timestamp</a></li>
@ -1946,7 +1948,7 @@ coin-address is a MISP object available in JSON format at <a href="https://githu
<td class="tableblock halign-left valign-top"><p class="tableblock">symbol</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The (uppercase) symbol of the cryptocurrency used. Symbol should be from <a href="https://coinmarketcap.com/all/views/all/" class="bare">https://coinmarketcap.com/all/views/all/</a> ['BTC', 'ETH', 'BCH', 'XRP', 'MIOTA', 'DASH', 'BTG', 'LTC', 'ADA', 'XMR', 'ETC', 'NEO', 'NEM', 'EOS', 'XLM', 'BCC', 'LSK', 'OMG', 'QTUM', 'ZEC', 'USDT', 'HSR', 'STRAT', 'WAVES', 'PPT']</p>
<p>The (uppercase) symbol of the cryptocurrency used. Symbol should be from <a href="https://coinmarketcap.com/all/views/all/" class="bare">https://coinmarketcap.com/all/views/all/</a> ['BTC', 'ETH', 'BCH', 'XRP', 'MIOTA', 'DASH', 'BTG', 'LTC', 'ADA', 'XMR', 'ETC', 'NEO', 'NEM', 'EOS', 'XLM', 'BCC', 'LSK', 'OMG', 'QTUM', 'ZEC', 'USDT', 'HSR', 'STRAT', 'WAVES', 'PPT', 'ETN']</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
@ -7783,6 +7785,104 @@ script is a MISP object available in JSON format at <a href="https://github.com/
</div>
</div>
<div class="sect1">
<h2 id="_short_message_service"><a class="anchor" href="#_short_message_service"></a><a class="link" href="#_short_message_service">short-message-service</a></h2>
<div class="sectionbody">
<div class="paragraph">
<p>Short Message Service (SMS) object template describing one or more SMS message. Restriction of the initial format 3GPP 23.038 GSM character set doesn&#8217;t apply..</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
short-message-service is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/master/objects/short-message-service/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
</td>
</tr>
</table>
</div>
<table class="tableblock frame-all grid-all stretch">
<colgroup>
<col style="width: 25%;">
<col style="width: 25%;">
<col style="width: 25%;">
<col style="width: 25%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Object attribute</th>
<th class="tableblock halign-left valign-top">MISP attribute type</th>
<th class="tableblock halign-left valign-top">Description</th>
<th class="tableblock halign-left valign-top">Disable correlation</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">body</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Message body of the SMS</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">url-rfc5724</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">url</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>url representing SMS using RFC 5724 (not url contained in the SMS which should use an url object)</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">from</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">phone-number</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Phone number used to send the SMS</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">to</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">phone-number</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Phone number receiving the SMS</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">sent-date</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Initial sent date of the SMS</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">received-date</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Received date of the SMS</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_shortened_link"><a class="anchor" href="#_shortened_link"></a><a class="link" href="#_shortened_link">shortened-link</a></h2>
<div class="sectionbody">
<div class="paragraph">
@ -8393,6 +8493,124 @@ target-system is a MISP object available in JSON format at <a href="https://gith
</div>
</div>
<div class="sect1">
<h2 id="_threatgrid_report"><a class="anchor" href="#_threatgrid_report"></a><a class="link" href="#_threatgrid_report">threatgrid-report</a></h2>
<div class="sectionbody">
<div class="paragraph">
<p>ThreatGrid report.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
threatgrid-report is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/master/objects/threatgrid-report/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
</td>
</tr>
</table>
</div>
<table class="tableblock frame-all grid-all stretch">
<colgroup>
<col style="width: 25%;">
<col style="width: 25%;">
<col style="width: 25%;">
<col style="width: 25%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Object attribute</th>
<th class="tableblock halign-left valign-top">MISP attribute type</th>
<th class="tableblock halign-left valign-top">Description</th>
<th class="tableblock halign-left valign-top">Disable correlation</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">threat_score</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>threat_score</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">heuristic_raw_score</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>heuristic_raw_score</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">heuristic_score</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>heuristic_score</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">analysis_submitted_at</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Submission date</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">original_filename</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Original filename</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">permalink</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>permalink</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">id</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>ThreatGrid ID</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">iocs</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>iocs</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_timecode"><a class="anchor" href="#_timecode"></a><a class="link" href="#_timecode">timecode</a></h2>
<div class="sectionbody">
<div class="paragraph">
@ -10586,7 +10804,7 @@ yara is a MISP object available in JSON format at <a href="https://github.com/MI
</div>
<div id="footer">
<div id="footer-text">
Last updated 2018-07-10 11:37:18 CEST
Last updated 2018-07-18 09:57:52 CEST
</div>
</div>
</body>

64499
objects.pdf
View File

File diff suppressed because it is too large Load Diff