Merge branch 'master' of https://github.com/Kafeine/misp-galaxy into Kafeine-master

Alexandre Dulaunoy 2018-02-14 11:06:19 +01:00
commit db2b187bc6
Signed by: adulau
GPG key ID: 09E2CD4944E6CBCD
3 changed files with 29 additions and 6 deletions


@ -322,7 +322,7 @@
}, },
{ {
"value": "GrandSoft", "value": "GrandSoft",
"description": "GrandSoft Exploit Kit was a quite common exploit kit used in 2012/2013", "description": "GrandSoft Exploit Kit was a quite common exploit kit used in 2012/2013. Disappeared between march 2014 and September 2017",
"meta": { "meta": {
"refs": [ "refs": [
"http://malware.dontneedcoffee.com/2013/09/FinallyGrandSoft.html", "http://malware.dontneedcoffee.com/2013/09/FinallyGrandSoft.html",
@ -333,7 +333,7 @@
"StampEK", "StampEK",
"SofosFO" "SofosFO"
], ],
"status": "Retired - Last seen: 2014-03" "status": "Active"
} }
}, },
{ {
@ -497,7 +497,7 @@
}, },
{ {
"value": "Sakura", "value": "Sakura",
"description": "Description Here", "description": "Sakura Exploit Kit appeared in 2012 and was adopted by several big actor",
"meta": { "meta": {
"refs": [ "refs": [
"http://www.xylibox.com/2012/01/sakura-exploit-pack-10.html" "http://www.xylibox.com/2012/01/sakura-exploit-pack-10.html"
@ -505,6 +505,17 @@
"status": "Retired - Last seen: 2013-09" "status": "Retired - Last seen: 2013-09"
} }
}, },
{
"value": "SPL",
"description": "SPL exploit kit was mainly seen in 2012/2013 most often associated with ZeroAccess and Scareware/FakeAV",
"meta": {
"refs": ["http://www.malwaresigs.com/2012/12/05/spl-exploit-kit/"],
"status": "Retired - Last seen: 2015-04",
"synonyms": ["SPL_Data",
"SPLNet",
"SPL2"],
}
},
{ {
"value": "Sundown", "value": "Sundown",
"description": "Sundown Exploit Kit is mainly built out of stolen code from other exploit kits", "description": "Sundown Exploit Kit is mainly built out of stolen code from other exploit kits",
@ -570,7 +581,7 @@
} }
} }
], ],
"version": 5, "version": 6,
"uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01", "uuid": "454f4e78-bd7c-11e6-a4a6-cec0c932ce01",
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years", "description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
"authors": [ "authors": [
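Review bot: The added SPL entry leaves a trailing comma after its `synonyms` array (`"SPL2"],` directly before the closing `}` of `meta`), which strict JSON parsers reject. As written, the whole exploit-kit cluster file would fail to load for any consumer that uses a standard parser, not just this entry. Drop the comma so the array ends `"SPL2"]`. Running the cluster files through a validator such as `jq .` or `python -m json.tool` before merging contributed branches would catch this class of error.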


@ -12,6 +12,18 @@
] ]
} }
}, },
{
"value": "BlackTDS",
"description": "BlackTDS is mutualised TDS advertised underground since end of December 2017",
"meta": {
"refs": [
"https://blacktds[.com/"
],
"type": [
"Underground"
]
}
},
{ {
"value": "ShadowTDS", "value": "ShadowTDS",
"description": "ShadowTDS is advertised underground since 2016-02. It's in fact more like a Social Engineering kit focused on Android and embedding a TDS", "description": "ShadowTDS is advertised underground since 2016-02. It's in fact more like a Social Engineering kit focused on Android and embedding a TDS",
@ -91,7 +103,7 @@
} }
} }
], ],
"version": 2, "version": 3,
"uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01", "uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01",
"description": "TDS is a list of Traffic Direction System used by adversaries", "description": "TDS is a list of Traffic Direction System used by adversaries",
"authors": [ "authors": [
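Review bot: The `refs` value in the new BlackTDS entry, `"https://blacktds[.com/"`, is defanged with an unbalanced bracket, so it is neither a valid URL nor in the common `[.]` form that refanging tools recognise. The other `refs` values visible on this page are plain URLs, so consumers that validate, hyperlink or deduplicate `refs` will likely mishandle this one. If the aim is to stop analysts clicking through to the operator's own site, `"https://blacktds[.]com/"` is the more conventional form. Alternatively, move the domain into `description` and keep `refs` for reporting sources.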


@ -1,5 +1,5 @@
python3 adoc_galaxy.py >a.txt python3 adoc_galaxy.py >a.txt
asciidoctor a.txt asciidoctor -a allow-uri-read a.txt
asciidoctor-pdf -a allow-uri-read a.txt asciidoctor-pdf -a allow-uri-read a.txt
cp a.html ../../misp-website/galaxy.html cp a.html ../../misp-website/galaxy.html
cp a.pdf ../../misp-website/galaxy.pdf cp a.pdf ../../misp-website/galaxy.pdf
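Review bot: The `-a allow-uri-read` attribute on the HTML build allows asciidoctor to fetch remote URIs while converting `a.txt`, and that file is generated from cluster text that includes third-party contributions such as the entries merged in this commit. The script does not pass a safe mode, and the asciidoctor CLI defaults to the unsafe one, so any URI-targeted directive that survives into `a.txt` would be resolved from the build host. It is worth confirming that `adoc_galaxy.py` (not shown here) escapes AsciiDoc markup in descriptions and refs. A comment above both asciidoctor lines would record the reason, for example `# allow-uri-read: asciidoctor may fetch URIs referenced in a.txt, which is built from contributed cluster data`.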