README.md
+17 -9 (17 additions & 9 deletions)
@@ -139,6 +139,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
139
139
-[objects/cap-info](https://github.com/MISP/misp-objects/blob/main/objects/cap-info/definition.json) - Common Alerting Protocol Version (CAP) info object.
140
140
-[objects/cap-resource](https://github.com/MISP/misp-objects/blob/main/objects/cap-resource/definition.json) - Common Alerting Protocol Version (CAP) resource object.
141
141
-[objects/cert-pl-phishing](https://github.com/MISP/misp-objects/blob/main/objects/cert-pl-phishing/definition.json) - cert.pl phishing object template representing an url along with some metadata as such phash, html-structure or partial-hash.
142
+
-[objects/chat-message](https://github.com/MISP/misp-objects/blob/main/objects/chat-message/definition.json) - A message exchanged on a chat or messaging platform.
142
143
-[objects/cloth](https://github.com/MISP/misp-objects/blob/main/objects/cloth/definition.json) - Describes clothes a natural person wears.
143
144
-[objects/coin-address](https://github.com/MISP/misp-objects/blob/main/objects/coin-address/definition.json) - An address used in a cryptocurrency.
144
145
-[objects/command](https://github.com/MISP/misp-objects/blob/main/objects/command/definition.json) - Command functionalities related to specific commands executed by a program, whether it is malicious or not. Command-line are attached to this object for the related commands.
@@ -169,6 +170,8 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
169
170
-[objects/ddos](https://github.com/MISP/misp-objects/blob/main/objects/ddos/definition.json) - DDoS object describes a current DDoS activity from a specific or/and to a specific target. Type of DDoS can be attached to the object as a taxonomy or using the type field.
170
171
-[objects/ddos-claim](https://github.com/MISP/misp-objects/blob/main/objects/ddos-claim/definition.json) - DDoS-claim object describes a current claim of DDoS activity.
171
172
-[objects/ddos-config](https://github.com/MISP/misp-objects/blob/main/objects/ddos-config/definition.json) - DDoS-claim object describes a current claim of DDoS activity.
173
+
-[objects/decoded-barcode](https://github.com/MISP/misp-objects/blob/main/objects/decoded-barcode/definition.json) - Object describing a decoded barcode, including its decoded value, barcode type, original image, and contextual description.
174
+
-[objects/decoded-qrcode](https://github.com/MISP/misp-objects/blob/main/objects/decoded-qrcode/definition.json) - Object describing a decoded QR code, including its decoded value, original image, and contextual description.
172
175
-[objects/detection](https://github.com/MISP/misp-objects/blob/main/objects/detection/definition.json) - A comprehensive object to document a detection analytic, its logic, robustness, validation, and associated response playbooks. It is based on an advanced detection engineering template that integrates concepts like 'Summiting the Pyramid' for robustness scoring and a 'Funnel of Fidelity' for validation, along with structured SOAR automation steps.
173
176
-[objects/device](https://github.com/MISP/misp-objects/blob/main/objects/device/definition.json) - An object to define a device.
174
177
-[objects/diameter-attack](https://github.com/MISP/misp-objects/blob/main/objects/diameter-attack/definition.json) - Attack as seen on the diameter signaling protocol supporting LTE networks.
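Review bot: The two added entries, decoded-barcode and decoded-qrcode, overlap: decoded-barcode already lists "barcode type" among its fields, and a QR code is one barcode type, so the descriptions should say when to use which template (or decoded-qrcode should state what it records that decoded-barcode does not). Separately, the unchanged ddos-config line just above them repeats the ddos-claim text verbatim ("DDoS-claim object describes a current claim of DDoS activity."), which leaves the list without any description of what ddos-config holds; worth correcting while this block is being touched.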
@@ -260,6 +263,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
260
263
-[objects/game-cheat](https://github.com/MISP/misp-objects/blob/main/objects/game-cheat/definition.json) - Describes a game cheat or a cheatware.
261
264
-[objects/Generalizing Persuasion Framework](https://github.com/MISP/misp-objects/blob/main/objects/Generalizing Persuasion Framework/definition.json) - By placing their work within the GP Framework, scholars will help the field resolve inconsistencies, identify and address open questions, and ensure collective progress. The GP Framework is not meant to compete with other theories (such as the ELM) but rather to fill in two gaps. First, it allows one to consider how individual persuasion studies connect to one another and why studies may arrive at contradictory conclusions. Second, it highlights the sources of variations that should be studied. (James N. Druckman).
262
265
-[objects/geolocation](https://github.com/MISP/misp-objects/blob/main/objects/geolocation/definition.json) - An object to describe a geographic location.
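Review bot: The context line for objects/Generalizing Persuasion Framework points at a URL with literal spaces in the path (".../objects/Generalizing Persuasion Framework/definition.json"), which CommonMark does not parse as a link destination, so the entry renders as plain text instead of a link. Percent-encode the spaces as %20 or wrap the destination in angle brackets. Its description is also a quotation about the framework's purpose rather than a statement of what the object records, unlike the neighbouring entries.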
@@ -324,10 +328,14 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
324
328
-[objects/network-traffic](https://github.com/MISP/misp-objects/blob/main/objects/network-traffic/definition.json) - Generic network traffic that originates from a source and is addressed to a destination.
325
329
-[objects/news-agency](https://github.com/MISP/misp-objects/blob/main/objects/news-agency/definition.json) - News agencies compile news and disseminate news in bulk.
326
330
-[objects/news-media](https://github.com/MISP/misp-objects/blob/main/objects/news-media/definition.json) - News media are forms of mass media delivering news to the general public.
331
+
-[objects/nova-rule](https://github.com/MISP/misp-objects/blob/main/objects/nova-rule/definition.json) - NOVA prompt detection rule metadata and logic for a single NOVA rule.
332
+
-[objects/nse](https://github.com/MISP/misp-objects/blob/main/objects/nse/definition.json) - An object describing an Nmap NSE script using the standard NSE script format fields.
333
+
-[objects/ocrized-image](https://github.com/MISP/misp-objects/blob/main/objects/ocrized-image/definition.json) - Object describing an OCRized image, including the original image, extracted text, and contextual description.
327
334
-[objects/open-data-security](https://github.com/MISP/misp-objects/blob/main/objects/open-data-security/definition.json) - An object describing an open dataset available and described under the open data security model. ref. https://github.com/CIRCL/open-data-security.
328
335
-[objects/opentide](https://github.com/MISP/misp-objects/blob/main/objects/opentide/definition.json) - Object that is a container for threat or detection data, in accordance with the OpenTIDE Framework (https://code.europa.eu/ec-digit-s2/opentide).
329
336
-[objects/organization](https://github.com/MISP/misp-objects/blob/main/objects/organization/definition.json) - An object which describes an organization.
330
337
-[objects/original-imported-file](https://github.com/MISP/misp-objects/blob/main/objects/original-imported-file/definition.json) - Object describing the original file used to import data in MISP.
338
+
-[objects/owasp-crs-rule](https://github.com/MISP/misp-objects/blob/main/objects/owasp-crs-rule/definition.json) - OWASP Core Rule Set (CRS) rule metadata for a WAF detection rule.
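Review bot: The added nova-rule entry uses "NOVA" without expanding it or pointing to the project, while nearby entries for external formats carry a reference (open-data-security has "ref. https://github.com/CIRCL/open-data-security", opentide has its code.europa.eu link). Add a reference URL to the nova-rule description, and consider the same for owasp-crs-rule, so that a reader can tell which rule format and version the template is meant to capture.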
@@ -353,7 +361,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
353
361
-[objects/probabilistic-data-structure](https://github.com/MISP/misp-objects/blob/main/objects/probabilistic-data-structure/definition.json) - Probabilistic data structure object describe a space-efficient data structure such as Bloom filter or similar structure.
354
362
-[objects/process](https://github.com/MISP/misp-objects/blob/main/objects/process/definition.json) - Object describing a system process.
355
363
-[objects/publication](https://github.com/MISP/misp-objects/blob/main/objects/publication/definition.json) - An object to describe a book, journal, or academic publication.
356
-
-[objects/python-etvx-event-log](https://github.com/MISP/misp-objects/blob/main/objects/python-etvx-event-log/definition.json) - Event log object template to share information of the activities conducted on a system. .
364
+
-[objects/python-evtx-event-log](https://github.com/MISP/misp-objects/blob/main/objects/python-evtx-event-log/definition.json) - Event log object template to share information of the activities conducted on a system. The object template is mapped with the python-etvx module. https://github.com/williballenthin/python-evtx.
357
365
-[objects/query](https://github.com/MISP/misp-objects/blob/main/objects/query/definition.json) - An object describing a query, along with its format.
358
366
-[objects/r2graphity](https://github.com/MISP/misp-objects/blob/main/objects/r2graphity/definition.json) - Indicators extracted from files using radare2 and graphml.
359
367
-[objects/ransom-negotiation](https://github.com/MISP/misp-objects/blob/main/objects/ransom-negotiation/definition.json) - An object to describe ransom negotiations, as seen in ransomware incidents.
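Review bot: The rename fixes the path to python-evtx-event-log, but the new description still reads "mapped with the python-etvx module" directly before the https://github.com/williballenthin/python-evtx link, so the typo the change set out to remove survives in the text; change it to python-evtx. Because the object path itself changes from objects/python-etvx-event-log to objects/python-evtx-event-log, anything that references the old path will stop resolving, so the rename should be called out in the commit message or changelog.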
@@ -537,12 +545,12 @@ The MISP objects (JSON files) are dual-licensed under: