mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-30 02:37:17 +00:00
Merge pull request #288 from cvandeplas/master
categorization of galaxies
This commit is contained in:
commit
f7eb48b0fb
24 changed files with 26 additions and 0 deletions
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"Unknown"
|
"Unknown"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Android malware galaxy based on multiple open sources.",
|
"description": "Android malware galaxy based on multiple open sources.",
|
||||||
"name": "Android",
|
"name": "Android",
|
||||||
"source": "Open Sources",
|
"source": "Open Sources",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"raw-data"
|
"raw-data"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "A list of backdoor malware.",
|
"description": "A list of backdoor malware.",
|
||||||
"name": "Backdoor",
|
"name": "Backdoor",
|
||||||
"source": "Open Sources",
|
"source": "Open Sources",
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
"Unknown",
|
"Unknown",
|
||||||
"raw-data"
|
"raw-data"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "A list of banker malware.",
|
"description": "A list of banker malware.",
|
||||||
"name": "Banker",
|
"name": "Banker",
|
||||||
"source": "Open Sources",
|
"source": "Open Sources",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"Various"
|
"Various"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "botnet galaxy",
|
"description": "botnet galaxy",
|
||||||
"name": "Botnet",
|
"name": "Botnet",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -4,6 +4,7 @@
|
||||||
"Will Metcalf",
|
"Will Metcalf",
|
||||||
"KahuSecurity"
|
"KahuSecurity"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
|
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
|
||||||
"name": "Exploit-Kit",
|
"name": "Exploit-Kit",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
"Andrea Garavaglia",
|
"Andrea Garavaglia",
|
||||||
"Davide Arcuri"
|
"Davide Arcuri"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Malware galaxy cluster based on Malpedia.",
|
"description": "Malware galaxy cluster based on Malpedia.",
|
||||||
"name": "Malpedia",
|
"name": "Malpedia",
|
||||||
"source": "Malpedia",
|
"source": "Malpedia",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"Various"
|
"Various"
|
||||||
],
|
],
|
||||||
|
"category": "actor",
|
||||||
"description": "Activity groups as described by Microsoft",
|
"description": "Activity groups as described by Microsoft",
|
||||||
"name": "Microsoft Activity Group actor",
|
"name": "Microsoft Activity Group actor",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "actor",
|
||||||
"description": "Name of ATT&CK Group",
|
"description": "Name of ATT&CK Group",
|
||||||
"name": "Enterprise Attack -intrusion Set",
|
"name": "Enterprise Attack -intrusion Set",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Name of ATT&CK software",
|
"description": "Name of ATT&CK software",
|
||||||
"name": "Enterprise Attack - Malware",
|
"name": "Enterprise Attack - Malware",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Name of ATT&CK software",
|
"description": "Name of ATT&CK software",
|
||||||
"name": "Enterprise Attack - Tool",
|
"name": "Enterprise Attack - Tool",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "actor",
|
||||||
"description": "Name of ATT&CK Group",
|
"description": "Name of ATT&CK Group",
|
||||||
"name": "intrusion Set",
|
"name": "intrusion Set",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Name of ATT&CK software",
|
"description": "Name of ATT&CK software",
|
||||||
"name": "Malware",
|
"name": "Malware",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "actor",
|
||||||
"description": "Name of ATT&CK Group",
|
"description": "Name of ATT&CK Group",
|
||||||
"name": "Mobile Attack - intrusion Set",
|
"name": "Mobile Attack - intrusion Set",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Name of ATT&CK software",
|
"description": "Name of ATT&CK software",
|
||||||
"name": "Mobile Attack - Malware",
|
"name": "Mobile Attack - Malware",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Name of ATT&CK software",
|
"description": "Name of ATT&CK software",
|
||||||
"name": "Mobile Attack - Tool",
|
"name": "Mobile Attack - Tool",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "actor",
|
||||||
"description": "Name of ATT&CK Group",
|
"description": "Name of ATT&CK Group",
|
||||||
"name": "Pre Attack - intrusion Set",
|
"name": "Pre Attack - intrusion Set",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"MITRE"
|
"MITRE"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Name of ATT&CK software",
|
"description": "Name of ATT&CK software",
|
||||||
"name": "Tool",
|
"name": "Tool",
|
||||||
"source": "https://github.com/mitre/cti",
|
"source": "https://github.com/mitre/cti",
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
"https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
|
"https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
|
||||||
"http://pastebin.com/raw/GHgpWjar"
|
"http://pastebin.com/raw/GHgpWjar"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar",
|
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar",
|
||||||
"name": "Ransomware",
|
"name": "Ransomware",
|
||||||
"source": "Various",
|
"source": "Various",
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
"Various",
|
"Various",
|
||||||
"raw-data"
|
"raw-data"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
|
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
|
||||||
"name": "RAT",
|
"name": "RAT",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"raw-data"
|
"raw-data"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "A list of malware stealer.",
|
"description": "A list of malware stealer.",
|
||||||
"name": "Stealer",
|
"name": "Stealer",
|
||||||
"source": "Open Sources",
|
"source": "Open Sources",
|
||||||
|
|
|
@ -2,6 +2,7 @@
|
||||||
"authors": [
|
"authors": [
|
||||||
"Kafeine"
|
"Kafeine"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "TDS is a list of Traffic Direction System used by adversaries",
|
"description": "TDS is a list of Traffic Direction System used by adversaries",
|
||||||
"name": "TDS",
|
"name": "TDS",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
"Timo Steffens",
|
"Timo Steffens",
|
||||||
"Various"
|
"Various"
|
||||||
],
|
],
|
||||||
|
"category": "actor",
|
||||||
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
|
||||||
"name": "Threat actor",
|
"name": "Threat actor",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
"Dennis Rand",
|
"Dennis Rand",
|
||||||
"raw-data"
|
"raw-data"
|
||||||
],
|
],
|
||||||
|
"category": "tool",
|
||||||
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
|
||||||
"name": "Tool",
|
"name": "Tool",
|
||||||
"source": "MISP Project",
|
"source": "MISP Project",
|
||||||
|
|
|
@ -23,6 +23,9 @@
|
||||||
"source": {
|
"source": {
|
||||||
"type": "string"
|
"type": "string"
|
||||||
},
|
},
|
||||||
|
"category": {
|
||||||
|
"type": "string"
|
||||||
|
},
|
||||||
"values": {
|
"values": {
|
||||||
"type": "array",
|
"type": "array",
|
||||||
"uniqueItems": true,
|
"uniqueItems": true,
|
||||||
|
|
Loading…
Reference in a new issue