MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [static] updated

pull/83/head
Alexandre Dulaunoy 2023-07-11 08:07:26 +02:00
parent 038d92592d
commit c7fc5803db
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
9 changed files with 49601 additions and 41275 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
static/Changelog-PyMISP.txt
View File

@ -2,6 +2,33 @@ Changelog
=========
v2.4.173 (2023-07-10)
---------------------
Changes
~~~~~~~
- Bump changelog. [Raphaël Vinot]
- Bump version. [Raphaël Vinot]
- Bump deps. [Raphaël Vinot]
- Bump objects. [Raphaël Vinot]
- Bump deps. [Raphaël Vinot]
- Bump objects. [Raphaël Vinot]
- Bump deps. [Raphaël Vinot]
Fix
~~~
- Maybe fixing a CakePHP issue. [Raphaël Vinot]
Maybe fixing #1014
- Use proper endpoint to unpublish event. [Raphaël Vinot]
Fix #1012
Other
~~~~~
- Feat: introduce setter for galaxies. [Sura De Silva]
v2.4.172 (2023-06-08)
---------------------

32
static/Changelog-misp-galaxy.txt
View File

@ -1,6 +1,38 @@
# Changelog
## %%version%% (unreleased)
### Other
* Merge pull request #853 from Delta-Sierra/main. [Alexandre Dulaunoy]
add SmugX & RedDelta
* Add SmugX & RedDelta. [Delta-Sierra]
## v2.4.173 (2023-07-04)
### Changes
* [sigma] updated. [Alexandre Dulaunoy]
### Other
* Merge pull request #852 from Delta-Sierra/main. [Alexandre Dulaunoy]
add Parties/Observers to the Budapest Convention
* Add Parties/Observers to the Budapest Convention. [Delta-Sierra]
* Merge. [Delta-Sierra]
* Complete VENOM SPIDER threat actor. [Delta-Sierra]
* Add Hagga threat actor. [Delta-Sierra]
## v2.4.172 (2023-06-09)
### Changes

96
static/Changelog-misp-modules.txt
View File

@ -1,6 +1,102 @@
# Changelog
## %%version%% (unreleased)
### Other
* Merge pull request #627 from hyasinfosec/main. [Alexandre Dulaunoy]
Added User Agent
* Added User Agent. [Rambatla Venkat Rao]
* Merge pull request #626 from GeekWeekSteph/abuseipdb2. [Alexandre Dulaunoy]
Fixed object reference issue for the AbuseIPDB expansion module
* Fixed object reference issue for the AbuseIPDB expansion module. [Steph S]
* Merge pull request #625 from GeekWeekSteph/abuseipdb. [Alexandre Dulaunoy]
Added AbuseIPDB expansion module
* Added AbuseIPDB expansion module. [Steph S]
* Merge pull request #624 from davidonzo/main. [Alexandre Dulaunoy]
Module updated to apiosintDSv2.0
* Bug fix. [Davide]
* Bug fix. [Davide]
* Module updated to apiosintDSv2.0. [Davide]
* Merge pull request #622 from maikwuerth/main. [Alexandre Dulaunoy]
Updates to defender module
* Add ip-src and ip-dst to types_to_use. [maikwuerth]
* Add period to query and changed query for url and domain hunts. [maikwuerth]
* Merge pull request #621 from cudeso/main. [Alexandre Dulaunoy]
Small bug fix for vulners - vulners_ai_score
* Small bug fix for vulners - vulners_ai_score. [Koen Van Impe]
## v2.4.173 (2023-07-04)
### Fix
* [doc] typo fixed. [Alexandre Dulaunoy]
Reference to #617
### Other
* Merge pull request #616 from whoisfreaks-user/main. [Alexandre Dulaunoy]
Added whoisFreaks Description in README.md file.
* Update README.md. [Alexandre Dulaunoy]
Keep the description simple. More can be put in the JSON.
* Merge branch 'MISP:main' into main. [whoisfreaks]
* Updated main Readme File. [Usama015]
* Merge pull request #615 from whoisfreaks/main. [Alexandre Dulaunoy]
Added new module of whoisfreaks that will provide comprehensive threat intelligence and attack surface analysis.
* Updated Description and removed redundant comments. [Usama015]
* Updated README.md file for expansion module. [Usama015]
* Updated description. [Usama015]
* Updated. [Usama015]
* Updated. [Usama015]
* Resolved Exception. [Usama015]
* Added Reverse API. [Usama015]
* Updated. [Usama015]
* Updated. [Usama015]
* Updated whoisfreaks module. [Usama015]
* Added whoisfreaks module in MISP. [Usama015]
## v2.4.172 (2023-06-09)
### Changes

64
static/Changelog-misp-objects.txt
View File

@ -1,6 +1,70 @@
# Changelog
## %%version%% (unreleased)
### New
* [hhhassh object] An object describing a HHHash object with the hash value along with the crawling parameters. For more information: https://www.foo.be/2023/07/HTTP-Headers-Hashing_HHHash. [Alexandre Dulaunoy]
### Changes
* [hhhash] newline fixed. [Alexandre Dulaunoy]
### Other
* Merge pull request #397 from GeekWeekSteph/abuseipdb. [Alexandre Dulaunoy]
Added AbuseIPDB object template for the AbuseIPDB expansion module
* Added AbuseIPDB object template for the AbuseIPDB expansion module. [Steph S]
## v2.4.173 (2023-07-04)
### New
* Added Diamond Object. [Michael Trewen]
### Changes
* [relationships] relationships names used by LookyLoo added. [Alexandre Dulaunoy]
* [relationships] because newlines. [Alexandre Dulaunoy]
* [relationships] add the `redirects-to` relationship as used in LookyLoo. [Alexandre Dulaunoy]
* [cookie] cookie can be also only a key or a value. [Alexandre Dulaunoy]
This change is required for the AIL project export
### Fix
* [organization] Fixed missing comma. [Christian Studer]
- Managed to improve the description too
### Other
* Merge pull request #395 from MISP/chrisr3d_patch. [Alexandre Dulaunoy]
Added `contact_information` & `sector` attributes to the `organization` template
* Add: [organization] Added the generic `contact_information` and `sector` fields for an organization. [Christian Studer]
* Merge branch 'main' of github.com:MISP/misp-objects into chrisr3d_patch. [Christian Studer]
* Merge branch 'main' of github.com:MISP/misp-objects into main. [Alexandre Dulaunoy]
* Merge pull request #394 from MichaelTrenker/new-Diamond-object. [Alexandre Dulaunoy]
new:added Diamond Object
* Ran jq_all_the_things.sh. [Michael Trenker]
* Jq. [Michael Trewen]
## v2.4.172 (2023-06-09)
### New

13
static/Changelog-misp-taxonomies.txt
View File

@ -1,6 +1,19 @@
# Changelog
## %%version%% (unreleased)
### Other
* Merge pull request #265 from vxsh4d0w/patch-4. [Alexandre Dulaunoy]
Update machinetag.json
* Update machinetag.json. [V]
Added Pig Butchering scam as cryptocurrency threat
## v2.4.172 (2023-06-09)
### New

21
static/Changelog-misp-warninglists.txt
View File

@ -1,6 +1,27 @@
# Changelog
## v2.4.173 (2023-07-04)
### Changes
* [warning-lists] updated to the latest version. [Alexandre Dulaunoy]
* [lists] updated. [Alexandre Dulaunoy]
* [lists] updated. [Alexandre Dulaunoy]
* [tools] removed Alexa from generate_all. [Christophe Vandeplas]
### Other
* Merge pull request #250 from davidonzo/main. [Alexandre Dulaunoy]
Added DigitalSide.IT warninglist (false positive detection)
* Added DigitalSide.IT warninglist (false positive detection) [Davide]
## v2.4.171 (2023-05-11)
### Changes

97
static/Changelog.txt
View File

@ -2,6 +2,103 @@ Changelog
=========
%%version%% (unreleased)
------------------------
New
~~~
- [attack widget] added. [iglocska]
- [org list widget] added. [iglocska]
- [dashboard widget toolkit] started a new common library of reusable
functions for widgets. [iglocska]
- [dashboard widgets] added previous_month boolean option to any widget
that had the month option. [iglocska]
- [dashboard widget] added functionalities to download widget raw data.
[iglocska]
- download the JSON passed to the front-end of a widget on-demand
- [dashboard widget] added download parameter to the widget system.
[iglocska]
Changes
~~~~~~~
- [misp-galaxy] updated. [Alexandre Dulaunoy]
- [misp-objects] updated. [Alexandre Dulaunoy]
- [misp-warninglists] updated. [Alexandre Dulaunoy]
- [htaccess] lock the backreference escaping purely to spaces - if we
need more we can change it in the future. [iglocska]
- [map widget] moved country code lookup to the new widget toolkit.
[iglocska]
- [org index] sort on metafields. [iglocska]
- [TOTP] set name. [iglocska]
- [htaccess] lock the backreference escaping purely to spaces - if we
need more we can change it in the future. [iglocska]
- [composer] added an explicit dependency to avoid pulling in the wrong
version when building docker. [iglocska]
Fix
~~~
- [customauth] Don't renew the session with each query. [iglocska]
- Leave the session handling to the normal life-cycle management
- should solve the issues where CSRF keeps kicking users off
- Properly handle different cert file extensions in server sync. #9084.
[Luciano Righetti]
- [urls] allow for encoded spaces. [iglocska]
- this has been haunting us for a while
- Update composer and fix dependencies. [Stefano Ortolani]
Changes:
- update composer.phar to latest stable (2.5.8)
- rollback pinning indirect dependencies
- Make target event id not required (makes form submit fail) [Luciano
Righetti]
- [config] typo fixed. [Alexandre Dulaunoy]
- [map widget] added alternate name for Russia. [iglocska]
- in case someone would want to make sure they still have Russian member organisations
- [trending widgets] time ranges fixed. [iglocska]
- [api login widget] fixed notice error if no entries were found.
[iglocska]
- [dashboard trending attributes] change !empty() to isset() to allow
for local: "0" to be a valid filter. [iglocska]
- [indexing] object references table lacked an index on the uuid field
causing massive performance issues during ingestion. [iglocska]
- [urls] allow for encoded spaces. [iglocska]
- this has been haunting us for a while
- [app:udpateDatabase] Added missing break statement. [Sami Mokaddem]
- [UI] index searches will handle spaces correctly. [iglocska]
- [taxii push] correctly save the status of thetaxii push job.
[iglocska]
- Make target event id not required (makes form submit fail) [Luciano
Righetti]
Other
~~~~~
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[Alexandre Dulaunoy]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch 'composer_fix' into develop. [iglocska]
- Merge branch 'develop' of github.com:MISP/MISP into develop.
[iglocska]
- Merge branch '2.4' into develop. [Sami Mokaddem]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' into develop. [iglocska]
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
- Merge pull request #9158 from ostefano/search. [Andras Iklody]
Fix search galaxy clusters
- Fix search galaxy clusters. [Stefano Ortolani]
- Merge branch '2.4' of github.com:MISP/MISP into 2.4. [iglocska]
v2.4.172 (2023-06-09)
---------------------

372
static/objects.html
View File

@ -502,6 +502,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_ddos">ddos</a></li>
<li><a href="#_device">device</a></li>
<li><a href="#_diameter_attack">diameter-attack</a></li>
<li><a href="#_diamond_event">diamond-event</a></li>
<li><a href="#_directory">directory</a></li>
<li><a href="#_dkim">dkim</a></li>
<li><a href="#_dns_record">dns-record</a></li>
@ -586,6 +587,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
<li><a href="#_greynoise_ip">greynoise-ip</a></li>
<li><a href="#_gtp_attack">gtp-attack</a></li>
<li><a href="#_hashlookup">hashlookup</a></li>
<li><a href="#_hhhash">hhhash</a></li>
<li><a href="#_http_request">http-request</a></li>
<li><a href="#_identity">identity</a></li>
<li><a href="#_ilr_impact">ilr-impact</a></li>
@ -9494,6 +9496,228 @@ diameter-attack is a MISP object available in JSON format at <a href="https://gi
</div>
</div>
<div class="sect1">
<h2 id="_diamond_event"><a class="anchor" href="#_diamond_event"></a><a class="link" href="#_diamond_event">diamond-event</a></h2>
<div class="sectionbody">
<div class="paragraph">
<p>A diamond model event object consisting of the four diamond features advesary, infrastructure, capability and victim, several meta-features and ioc attributes.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
diamond-event is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/diamond-event/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
</td>
</tr>
</table>
</div>
<table class="tableblock frame-all grid-all stretch">
<colgroup>
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Object attribute</th>
<th class="tableblock halign-left valign-top">MISP attribute type</th>
<th class="tableblock halign-left valign-top">Description</th>
<th class="tableblock halign-left valign-top">Disable correlation</th>
<th class="tableblock halign-left valign-top">Multiple</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Advesary</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The advesary who attacks the victim</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Capability</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The capability used to attack the victim</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Description</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Further context to the event</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Direction</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The network-based direction of the event ['Victim-to-Infrastructure', 'Infrastructure-to-Victim', 'Infrastructure-to-Infrastructure', 'Adversary-to-Infrastructure', 'Infrastructure-to-Adversary', 'Bidirectional', 'Unknown']</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">EventID</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Id of the event</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Infrastructure</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The infrastructure used in the attack</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Methodology</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Mitre-Attack mapping of the event</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Phase</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The event mapped to a phase of the killchain ['Reconnaissance', 'Weaponization', 'Delivery', 'Exploitation', 'Installation', 'C2', 'Action on Objectives']</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Resources</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The resources the attacker needed for the event to succeed</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Result</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The result of the event</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Timestamp</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Timestamp when the event happened</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">Victim</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>The attacked victim</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">ioc</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Generic IOC</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">textfield</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Generic textfield</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_directory"><a class="anchor" href="#_directory"></a><a class="link" href="#_directory">directory</a></h2>
<div class="sectionbody">
<div class="paragraph">
@ -39930,6 +40154,111 @@ hashlookup is a MISP object available in JSON format at <a href="https://github.
</div>
</div>
<div class="sect1">
<h2 id="_hhhash"><a class="anchor" href="#_hhhash"></a><a class="link" href="#_hhhash">hhhash</a></h2>
<div class="sectionbody">
<div class="paragraph">
<p>An object describing a HHHash object with the hash value along with the crawling parameters. For more information: <a href="https://www.foo.be/2023/07/HTTP-Headers-Hashing_HHHash" class="bare">https://www.foo.be/2023/07/HTTP-Headers-Hashing_HHHash</a>.</p>
</div>
<div class="admonitionblock note">
<table>
<tr>
<td class="icon">
<i class="fa icon-note" title="Note"></i>
</td>
<td class="content">
hhhash is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/hhhash/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
</td>
</tr>
</table>
</div>
<table class="tableblock frame-all grid-all stretch">
<colgroup>
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
<col style="width: 20%;">
</colgroup>
<thead>
<tr>
<th class="tableblock halign-left valign-top">Object attribute</th>
<th class="tableblock halign-left valign-top">MISP attribute type</th>
<th class="tableblock halign-left valign-top">Description</th>
<th class="tableblock halign-left valign-top">Disable correlation</th>
<th class="tableblock halign-left valign-top">Multiple</th>
</tr>
</thead>
<tbody>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">comment</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">comment</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>A description of the HHHash object.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">hhhash</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>HHHash hash in format hhh:version:hash_value</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">hhhash-headers</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>HHHash value before being hash in the format each header is separated by a :.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">hhhash-query-headers</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Set of headers used for the query in the format where each header is separated by a : .</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">hhhash-tool</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>HHHash crawling infrastructure or tool used to produce the HHHash value. ['python-hhhash', 'c-hhhash', 'go-hhhash', 'r-hhhash', 'lacus', 'Common Crawl', 'other']</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="sect1">
<h2 id="_http_request"><a class="anchor" href="#_http_request"></a><a class="link" href="#_http_request">http-request</a></h2>
<div class="sectionbody">
<div class="paragraph">
@ -49773,6 +50102,19 @@ organization is a MISP object available in JSON format at <a href="https://githu
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">contact_information</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Generic contact information (e-mail, phone number, etc.) for this Organization, with no specific format requirement.</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">date-of-inception</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
@ -49877,6 +50219,19 @@ organization is a MISP object available in JSON format at <a href="https://githu
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">sector</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p>Describing the organization&#8217;s sector of activity. ['agriculture', 'aerospace', 'automotive', 'chemical', 'commercial', 'communication', 'construction', 'defense', 'education', 'energy', 'entertainment', 'financial-services', 'government', 'government emergency-services', 'government government-local', 'government-national', 'government-public-services', 'government-regional', 'healthcare', 'hospitality-leasure', 'infrastructure', 'infrastructure dams', 'infrastructure nuclear', 'infrastructure water', 'insurance', 'manufacturing', 'mining', 'non-profit', 'pharmaceuticals', 'retail', 'technology', 'telecommunication', 'transportation', 'utilities']</p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
</div></div></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
<p><span class="icon"><i class="fa fa-check"></i></span></p>
</div></div></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">type-of-organization</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
@ -74301,6 +74656,21 @@ youtube-video is a MISP object available in JSON format at <a href="https://gith
<td class="tableblock halign-left valign-top"><p class="tableblock">The source object refers to the target object as themself or a representation of themself. Can be a profile on social-networking for example. This value is exclusive of all other XFN values.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">['XFN']</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">redirects-to</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The source object is redirected to the target object.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">['misp']</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">rendered-as</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The source object is rendered to the target object.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">['misp']</p></td>
</tr>
<tr>
<td class="tableblock halign-left valign-top"><p class="tableblock">known-as</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">The source object is known as the target object.</p></td>
<td class="tableblock halign-left valign-top"><p class="tableblock">['misp']</p></td>
</tr>
</tbody>
</table>
</div>
@ -74308,7 +74678,7 @@ youtube-video is a MISP object available in JSON format at <a href="https://gith
</div>
<div id="footer">
<div id="footer-text">
Last updated 2023-06-13 10:07:26 +0200
Last updated 2023-07-10 16:42:20 +0200
</div>
</div>
</body>

90154
static/objects.pdf
View File

File diff suppressed because it is too large Load Diff