mirror of https://github.com/MISP/misp-website
chg: [objects] updated
parent
9f24d978b2
commit
ccf514b512
|
|
@ -452,7 +452,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
|
|||
<ul class="sectlevel1">
|
||||
<li><a href="#_ads">ADS</a></li>
|
||||
<li><a href="#_ail_leak">ail-leak</a></li>
|
||||
<li><a href="#_ais">AIS</a></li>
|
||||
<li><a href="#_ais">ais</a></li>
|
||||
<li><a href="#_ais_info">ais-info</a></li>
|
||||
<li><a href="#_android_app">android-app</a></li>
|
||||
<li><a href="#_android_permission">android-permission</a></li>
|
||||
|
|
@ -499,6 +499,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
|
|||
<li><a href="#_ddos">ddos</a></li>
|
||||
<li><a href="#_device">device</a></li>
|
||||
<li><a href="#_diameter_attack">diameter-attack</a></li>
|
||||
<li><a href="#_directory">directory</a></li>
|
||||
<li><a href="#_dkim">dkim</a></li>
|
||||
<li><a href="#_dns_record">dns-record</a></li>
|
||||
<li><a href="#_domain_crawled">domain-crawled</a></li>
|
||||
|
|
@ -579,6 +580,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
|
|||
<li><a href="#_git_vuln_finder">git-vuln-finder</a></li>
|
||||
<li><a href="#_github_user">github-user</a></li>
|
||||
<li><a href="#_gitlab_user">gitlab-user</a></li>
|
||||
<li><a href="#_greynoise_ip">greynoise-ip</a></li>
|
||||
<li><a href="#_gtp_attack">gtp-attack</a></li>
|
||||
<li><a href="#_hashlookup">hashlookup</a></li>
|
||||
<li><a href="#_http_request">http-request</a></li>
|
||||
|
|
@ -660,6 +662,7 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b
|
|||
<li><a href="#_reddit_subreddit">reddit-subreddit</a></li>
|
||||
<li><a href="#_regexp">regexp</a></li>
|
||||
<li><a href="#_registry_key">registry-key</a></li>
|
||||
<li><a href="#_registry_key_value">registry-key-value</a></li>
|
||||
<li><a href="#_regripper_ntuser">regripper-NTUser</a></li>
|
||||
<li><a href="#_regripper_sam_hive_single_user">regripper-sam-hive-single-user</a></li>
|
||||
<li><a href="#_regripper_sam_hive_user_group">regripper-sam-hive-user-group</a></li>
|
||||
|
|
@ -1164,7 +1167,7 @@ ail-leak is a MISP object available in JSON format at <a href="https://github.co
|
|||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_ais"><a class="anchor" href="#_ais"></a><a class="link" href="#_ais">AIS</a></h2>
|
||||
<h2 id="_ais"><a class="anchor" href="#_ais"></a><a class="link" href="#_ais">ais</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
<p>Automatic Identification System (AIS) is an automatic tracking system that uses transceivers on ships.</p>
|
||||
|
|
@ -1176,7 +1179,7 @@ ail-leak is a MISP object available in JSON format at <a href="https://github.co
|
|||
<i class="fa icon-note" title="Note"></i>
|
||||
</td>
|
||||
<td class="content">
|
||||
AIS is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/ais/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
|
||||
ais is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/ais/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
|
@ -8937,6 +8940,111 @@ diameter-attack is a MISP object available in JSON format at <a href="https://gi
|
|||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_directory"><a class="anchor" href="#_directory"></a><a class="link" href="#_directory">directory</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
<p>Directory object describing a directory with meta-information.</p>
|
||||
</div>
|
||||
<div class="admonitionblock note">
|
||||
<table>
|
||||
<tr>
|
||||
<td class="icon">
|
||||
<i class="fa icon-note" title="Note"></i>
|
||||
</td>
|
||||
<td class="content">
|
||||
directory is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/directory/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<table class="tableblock frame-all grid-all stretch">
|
||||
<colgroup>
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
</colgroup>
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="tableblock halign-left valign-top">Object attribute</th>
|
||||
<th class="tableblock halign-left valign-top">MISP attribute type</th>
|
||||
<th class="tableblock halign-left valign-top">Description</th>
|
||||
<th class="tableblock halign-left valign-top">Disable correlation</th>
|
||||
<th class="tableblock halign-left valign-top">Multiple</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">access-time</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>The last time the directory was accessed</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">creation-time</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Creation time of the directory</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">modification-time</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Modification time of the directory</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">path</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Path of the directory, complete or partial</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">path-encoding</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Encoding format of the directory ['Adobe-Standard-Encoding', 'Adobe-Symbol-Encoding', 'Amiga-1251', 'ANSI_X3.110-1983', 'ASMO_449', 'Big5', 'Big5-HKSCS', 'BOCU-1', 'BRF', 'BS_4730', 'BS_viewdata', 'CESU-8', 'CP50220', 'CP51932', 'CSA_Z243.4-1985-1', 'CSA_Z243.4-1985-2', 'CSA_Z243.4-1985-gr', 'CSN_369103', 'DEC-MCS', 'DIN_66003', 'dk-us', 'DS_2089', 'EBCDIC-AT-DE', 'EBCDIC-AT-DE-A', 'EBCDIC-CA-FR', 'EBCDIC-DK-NO', 'EBCDIC-DK-NO-A', 'EBCDIC-ES', 'EBCDIC-ES-A', 'EBCDIC-ES-S', 'EBCDIC-FI-SE', 'EBCDIC-FI-SE-A', 'EBCDIC-FR', 'EBCDIC-IT', 'EBCDIC-PT', 'EBCDIC-UK', 'EBCDIC-US', 'ECMA-cyrillic', 'ES', 'ES2', 'EUC-KR', 'Extended_UNIX_Code_Fixed_Width_for_Japanese', 'Extended_UNIX_Code_Packed_Format_for_Japanese', 'GB18030', 'GB_1988-80', 'GB2312', 'GB_2312-80', 'GBK', 'GOST_19768-74', 'greek7', 'greek7-old', 'greek-ccitt', 'HP-DeskTop', 'HP-Legal', 'HP-Math8', 'HP-Pi-font', 'hp-roman8', 'HZ-GB-2312', 'IBM00858', 'IBM00924', 'IBM01140', 'IBM01141', 'IBM01142', 'IBM01143', 'IBM01144', 'IBM01145', 'IBM01146', 'IBM01147', 'IBM01148', 'IBM01149', 'IBM037', 'IBM038', 'IBM1026', 'IBM1047', 'IBM273', 'IBM274', 'IBM275', 'IBM277', 'IBM278', 'IBM280', 'IBM281', 'IBM284', 'IBM285', 'IBM290', 'IBM297', 'IBM420', 'IBM423', 'IBM424', 'IBM437', 'IBM500', 'IBM775', 'IBM850', 'IBM851', 'IBM852', 'IBM855', 'IBM857', 'IBM860', 'IBM861', 'IBM862', 'IBM863', 'IBM864', 'IBM865', 'IBM866', 'IBM868', 'IBM869', 'IBM870', 'IBM871', 'IBM880', 'IBM891', 'IBM903', 'IBM904', 'IBM905', 'IBM918', 'IBM-Symbols', 'IBM-Thai', 'IEC_P27-1', 'INIS', 'INIS-8', 'INIS-cyrillic', 'INVARIANT', 'ISO_10367-box', 'ISO-10646-J-1', 'ISO-10646-UCS-2', 'ISO-10646-UCS-4', 'ISO-10646-UCS-Basic', 'ISO-10646-Unicode-Latin1', 'ISO-10646-UTF-1', 'ISO-11548-1', 'ISO-2022-CN', 'ISO-2022-CN-EXT', 'ISO-2022-JP', 'ISO-2022-JP-2', 'ISO-2022-KR', 'ISO_2033-1983', 'ISO_5427', 'ISO_5427:1981', 'ISO_5428:1980', 'ISO_646.basic:1983', 'ISO_646.irv:1983', 'ISO_6937-2-25', 'ISO_6937-2-add', 'ISO-8859-10', 'ISO_8859-1:1987', 'ISO-8859-13', 'ISO-8859-14', 'ISO-8859-15', 'ISO-8859-16', 'ISO-8859-1-Windows-3.0-Latin-1', 'ISO-8859-1-Windows-3.1-Latin-1', 'ISO_8859-2:1987', 'ISO-8859-2-Windows-Latin-2', 'ISO_8859-3:1988', 'ISO_8859-4:1988', 'ISO_8859-5:1988', 'ISO_8859-6:1987', 'ISO_8859-6-E', 'ISO_8859-6-I', 'ISO_8859-7:1987', 'ISO_8859-8:1988', 'ISO_8859-8-E', 'ISO_8859-8-I', 'ISO_8859-9:1989', 'ISO-8859-9-Windows-Latin-5', 'ISO_8859-supp', 'iso-ir-90', 'ISO-Unicode-IBM-1261', 'ISO-Unicode-IBM-1264', 'ISO-Unicode-IBM-1265', 'ISO-Unicode-IBM-1268', 'ISO-Unicode-IBM-1276', 'IT', 'JIS_C6220-1969-jp', 'JIS_C6220-1969-ro', 'JIS_C6226-1978', 'JIS_C6226-1983', 'JIS_C6229-1984-a', 'JIS_C6229-1984-b', 'JIS_C6229-1984-b-add', 'JIS_C6229-1984-hand', 'JIS_C6229-1984-hand-add', 'JIS_C6229-1984-kana', 'JIS_Encoding', 'JIS_X0201', 'JIS_X0212-1990', 'JUS_I.B1.002', 'JUS_I.B1.003-mac', 'JUS_I.B1.003-serb', 'KOI7-switched', 'KOI8-R', 'KOI8-U', 'KS_C_5601-1987', 'KSC5636', 'KZ-1048', 'latin-greek', 'Latin-greek-1', 'latin-lap', 'macintosh', 'Microsoft-Publishing', 'MNEM', 'MNEMONIC', 'MSZ_7795.3', 'Name', 'NATS-DANO', 'NATS-DANO-ADD', 'NATS-SEFI', 'NATS-SEFI-ADD', 'NC_NC00-10:81', 'NF_Z_62-010', 'NF_Z_62-010_(1973)', 'NS_4551-1', 'NS_4551-2', 'OSD_EBCDIC_DF03_IRV', 'OSD_EBCDIC_DF04_1', 'OSD_EBCDIC_DF04_15', 'PC8-Danish-Norwegian', 'PC8-Turkish', 'PT', 'PT2', 'PTCP154', 'SCSU', 'SEN_850200_B', 'SEN_850200_C', 'Shift_JIS', 'T.101-G2', 'T.61-7bit', 'T.61-8bit', 'TIS-620', 'TSCII', 'UNICODE-1-1', 'UNICODE-1-1-UTF-7', 'UNKNOWN-8BIT', 'US-ASCII', 'us-dk', 'UTF-16', 'UTF-16BE', 'UTF-16LE', 'UTF-32', 'UTF-32BE', 'UTF-32LE', 'UTF-7', 'UTF-8', 'Ventura-International', 'Ventura-Math', 'Ventura-US', 'videotex-suppl', 'VIQR', 'VISCII', 'windows-1250', 'windows-1251', 'windows-1252', 'windows-1253', 'windows-1254', 'windows-1255', 'windows-1256', 'windows-1257', 'windows-1258', 'Windows-31J', 'windows-874']</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_dkim"><a class="anchor" href="#_dkim"></a><a class="link" href="#_dkim">dkim</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
|
|
@ -38654,6 +38762,176 @@ gitlab-user is a MISP object available in JSON format at <a href="https://github
|
|||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_greynoise_ip"><a class="anchor" href="#_greynoise_ip"></a><a class="link" href="#_greynoise_ip">greynoise-ip</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
<p>GreyNoise IP Information.</p>
|
||||
</div>
|
||||
<div class="admonitionblock note">
|
||||
<table>
|
||||
<tr>
|
||||
<td class="icon">
|
||||
<i class="fa icon-note" title="Note"></i>
|
||||
</td>
|
||||
<td class="content">
|
||||
greynoise-ip is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/greynoise-ip/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<table class="tableblock frame-all grid-all stretch">
|
||||
<colgroup>
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
</colgroup>
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="tableblock halign-left valign-top">Object attribute</th>
|
||||
<th class="tableblock halign-left valign-top">MISP attribute type</th>
|
||||
<th class="tableblock halign-left valign-top">Description</th>
|
||||
<th class="tableblock halign-left valign-top">Disable correlation</th>
|
||||
<th class="tableblock halign-left valign-top">Multiple</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">actor</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise Actor</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">classification</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise Classification</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">first-seen</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>First Seen</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">ip-src</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">ip-src</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Source IP address of the network connection.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">last-seen</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Last Seen</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">link</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">link</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise Visualizer Link</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">noise</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise Internet Scanning Flag</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">provider</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise Service Provider</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">riot</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise Common Business Service Flag</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">trust-level</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>GreyNoise RIOT Trust Level</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_gtp_attack"><a class="anchor" href="#_gtp_attack"></a><a class="link" href="#_gtp_attack">gtp-attack</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
|
|
@ -47219,6 +47497,32 @@ network-connection is a MISP object available in JSON format at <a href="https:/
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-bytes-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of bytes sent from the source to the destination.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-packets-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of packets sent from the source to the destination.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -47297,6 +47601,19 @@ network-connection is a MISP object available in JSON format at <a href="https:/
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">last-packet-seen</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Datetime of the last packet seen.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">layer3-protocol</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -47336,6 +47653,58 @@ network-connection is a MISP object available in JSON format at <a href="https:/
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">mac-dst</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">mac-address</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Destination MAC address of the network connection.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">mac-src</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">mac-address</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Source MAC address of the network connection.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">src-bytes-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of bytes sent from the destination to the source.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">src-packets-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of packets sent from the destination to the source.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">src-port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -47897,6 +48266,32 @@ network-socket is a MISP object available in JSON format at <a href="https://git
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-bytes-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of bytes sent from the source to the destination.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-packets-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of packets sent from the source to the destination.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">dst-port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -47923,6 +48318,19 @@ network-socket is a MISP object available in JSON format at <a href="https://git
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">first-packet-seen</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Datetime of the first packet seen.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">hostname-dst</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">hostname</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -47975,6 +48383,19 @@ network-socket is a MISP object available in JSON format at <a href="https://git
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">last-packet-seen</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">datetime</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Datetime of the last packet seen.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">option</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -47997,7 +48418,7 @@ network-socket is a MISP object available in JSON format at <a href="https://git
|
|||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
|
@ -48014,6 +48435,32 @@ network-socket is a MISP object available in JSON format at <a href="https://git
|
|||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">src-bytes-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of bytes sent from the destination to the source.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">src-packets-count</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">counter</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Number of packets sent from the destination to the source.</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">src-port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">port</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
|
|
@ -56337,6 +56784,85 @@ registry-key is a MISP object available in JSON format at <a href="https://githu
|
|||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_registry_key_value"><a class="anchor" href="#_registry_key_value"></a><a class="link" href="#_registry_key_value">registry-key-value</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
<p>Registry key value object describing a Windows registry key value, with its data, data type and name values. To be used when a registry key has multiple values.</p>
|
||||
</div>
|
||||
<div class="admonitionblock note">
|
||||
<table>
|
||||
<tr>
|
||||
<td class="icon">
|
||||
<i class="fa icon-note" title="Note"></i>
|
||||
</td>
|
||||
<td class="content">
|
||||
registry-key-value is a MISP object available in JSON format at <a href="https://github.com/MISP/misp-objects/blob/main/objects/registry-key-value/definition.json"><strong>this location</strong></a> The JSON format can be freely reused in your application or automatically enabled in <a href="https://www.github.com/MISP/MISP">MISP</a>.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<table class="tableblock frame-all grid-all stretch">
|
||||
<colgroup>
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
<col style="width: 20%;">
|
||||
</colgroup>
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="tableblock halign-left valign-top">Object attribute</th>
|
||||
<th class="tableblock halign-left valign-top">MISP attribute type</th>
|
||||
<th class="tableblock halign-left valign-top">Description</th>
|
||||
<th class="tableblock halign-left valign-top">Disable correlation</th>
|
||||
<th class="tableblock halign-left valign-top">Multiple</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">data</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Data stored in the registry key value</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">data-type</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Registry key value type ['REG_NONE', 'REG_SZ', 'REG_EXPAND_SZ', 'REG_BINARY', 'REG_DWORD', 'REG_DWORD_LITTLE_ENDIAN', 'REG_DWORD_BIG_ENDIAN', 'REG_LINK', 'REG_MULTI_SZ', 'REG_RESOURCE_LIST', 'REG_FULL_RESOURCE_DESCRIPTOR', 'REG_RESOURCE_REQUIREMENTS_LIST', 'REG_QWORD', 'REG_QWORD_LITTLE_ENDIAN']</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-check"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">name</p></td>
|
||||
<td class="tableblock halign-left valign-top"><p class="tableblock">text</p></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p>Name of the registry key value</p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
<td class="tableblock halign-left valign-top"><div class="content"><div class="paragraph">
|
||||
<p><span class="icon"><i class="fa fa-minus"></i></span></p>
|
||||
</div></div></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
</div>
|
||||
<div class="sect1">
|
||||
<h2 id="_regripper_ntuser"><a class="anchor" href="#_regripper_ntuser"></a><a class="link" href="#_regripper_ntuser">regripper-NTUser</a></h2>
|
||||
<div class="sectionbody">
|
||||
<div class="paragraph">
|
||||
|
|
@ -72956,7 +73482,7 @@ youtube-video is a MISP object available in JSON format at <a href="https://gith
|
|||
</div>
|
||||
<div id="footer">
|
||||
<div id="footer-text">
|
||||
Last updated 2023-02-26 11:46:47 +0100
|
||||
Last updated 2023-03-10 15:37:55 +0100
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
|
|
|
|||
241074
static/objects.pdf
241074
static/objects.pdf
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue