Merge pull request #288 from cvandeplas/master

categorization of galaxies
Alexandre Dulaunoy 2018-10-19 10:44:54 +02:00 committed by GitHub
commit f7eb48b0fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 26 additions and 0 deletions


@ -2,6 +2,7 @@
"authors": [ "authors": [
"Unknown" "Unknown"
], ],
"category": "tool",
"description": "Android malware galaxy based on multiple open sources.", "description": "Android malware galaxy based on multiple open sources.",
"name": "Android", "name": "Android",
"source": "Open Sources", "source": "Open Sources",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"raw-data" "raw-data"
], ],
"category": "tool",
"description": "A list of backdoor malware.", "description": "A list of backdoor malware.",
"name": "Backdoor", "name": "Backdoor",
"source": "Open Sources", "source": "Open Sources",


@ -3,6 +3,7 @@
"Unknown", "Unknown",
"raw-data" "raw-data"
], ],
"category": "tool",
"description": "A list of banker malware.", "description": "A list of banker malware.",
"name": "Banker", "name": "Banker",
"source": "Open Sources", "source": "Open Sources",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"Various" "Various"
], ],
"category": "tool",
"description": "botnet galaxy", "description": "botnet galaxy",
"name": "Botnet", "name": "Botnet",
"source": "MISP Project", "source": "MISP Project",


@ -4,6 +4,7 @@
"Will Metcalf", "Will Metcalf",
"KahuSecurity" "KahuSecurity"
], ],
"category": "tool",
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years", "description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
"name": "Exploit-Kit", "name": "Exploit-Kit",
"source": "MISP Project", "source": "MISP Project",


@ -5,6 +5,7 @@
"Andrea Garavaglia", "Andrea Garavaglia",
"Davide Arcuri" "Davide Arcuri"
], ],
"category": "tool",
"description": "Malware galaxy cluster based on Malpedia.", "description": "Malware galaxy cluster based on Malpedia.",
"name": "Malpedia", "name": "Malpedia",
"source": "Malpedia", "source": "Malpedia",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"Various" "Various"
], ],
"category": "actor",
"description": "Activity groups as described by Microsoft", "description": "Activity groups as described by Microsoft",
"name": "Microsoft Activity Group actor", "name": "Microsoft Activity Group actor",
"source": "MISP Project", "source": "MISP Project",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "actor",
"description": "Name of ATT&CK Group", "description": "Name of ATT&CK Group",
"name": "Enterprise Attack -intrusion Set", "name": "Enterprise Attack -intrusion Set",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "tool",
"description": "Name of ATT&CK software", "description": "Name of ATT&CK software",
"name": "Enterprise Attack - Malware", "name": "Enterprise Attack - Malware",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "tool",
"description": "Name of ATT&CK software", "description": "Name of ATT&CK software",
"name": "Enterprise Attack - Tool", "name": "Enterprise Attack - Tool",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "actor",
"description": "Name of ATT&CK Group", "description": "Name of ATT&CK Group",
"name": "intrusion Set", "name": "intrusion Set",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "tool",
"description": "Name of ATT&CK software", "description": "Name of ATT&CK software",
"name": "Malware", "name": "Malware",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "actor",
"description": "Name of ATT&CK Group", "description": "Name of ATT&CK Group",
"name": "Mobile Attack - intrusion Set", "name": "Mobile Attack - intrusion Set",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "tool",
"description": "Name of ATT&CK software", "description": "Name of ATT&CK software",
"name": "Mobile Attack - Malware", "name": "Mobile Attack - Malware",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "tool",
"description": "Name of ATT&CK software", "description": "Name of ATT&CK software",
"name": "Mobile Attack - Tool", "name": "Mobile Attack - Tool",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "actor",
"description": "Name of ATT&CK Group", "description": "Name of ATT&CK Group",
"name": "Pre Attack - intrusion Set", "name": "Pre Attack - intrusion Set",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"MITRE" "MITRE"
], ],
"category": "tool",
"description": "Name of ATT&CK software", "description": "Name of ATT&CK software",
"name": "Tool", "name": "Tool",
"source": "https://github.com/mitre/cti", "source": "https://github.com/mitre/cti",


@ -3,6 +3,7 @@
"https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml", "https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
"http://pastebin.com/raw/GHgpWjar" "http://pastebin.com/raw/GHgpWjar"
], ],
"category": "tool",
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar", "description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar",
"name": "Ransomware", "name": "Ransomware",
"source": "Various", "source": "Various",


@ -3,6 +3,7 @@
"Various", "Various",
"raw-data" "raw-data"
], ],
"category": "tool",
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.", "description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
"name": "RAT", "name": "RAT",
"source": "MISP Project", "source": "MISP Project",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"raw-data" "raw-data"
], ],
"category": "tool",
"description": "A list of malware stealer.", "description": "A list of malware stealer.",
"name": "Stealer", "name": "Stealer",
"source": "Open Sources", "source": "Open Sources",


@ -2,6 +2,7 @@
"authors": [ "authors": [
"Kafeine" "Kafeine"
], ],
"category": "tool",
"description": "TDS is a list of Traffic Direction System used by adversaries", "description": "TDS is a list of Traffic Direction System used by adversaries",
"name": "TDS", "name": "TDS",
"source": "MISP Project", "source": "MISP Project",


@ -6,6 +6,7 @@
"Timo Steffens", "Timo Steffens",
"Various" "Various"
], ],
"category": "actor",
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.", "description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"name": "Threat actor", "name": "Threat actor",
"source": "MISP Project", "source": "MISP Project",


@ -7,6 +7,7 @@
"Dennis Rand", "Dennis Rand",
"raw-data" "raw-data"
], ],
"category": "tool",
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.", "description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"name": "Tool", "name": "Tool",
"source": "MISP Project", "source": "MISP Project",


@ -23,6 +23,9 @@
"source": { "source": {
"type": "string" "type": "string"
}, },
"category": {
"type": "string"
},
"values": { "values": {
"type": "array", "type": "array",
"uniqueItems": true, "uniqueItems": true,
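Review bot: The new `category` property in this schema hunk is declared as a bare `"type": "string"`, so any value validates and a misspelled category in a galaxy file would pass unnoticed. Every galaxy touched by this commit uses either `"tool"` or `"actor"`; if that is the complete vocabulary, constrain it with `"category": { "type": "string", "enum": ["actor", "tool"] }`, extending the list if galaxies outside this commit need other values. The schema's `required` array is outside the hunk, so it is unclear whether a galaxy without `category` is still accepted. If consumers filter or group clusters on this field, listing it in `required` would keep uncategorized galaxies from being silently skipped.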