Merge pull request #288 from cvandeplas/master

categorization of galaxies
Alexandre Dulaunoy 2018-10-19 10:44:54 +02:00 committed by GitHub
commit f7eb48b0fb
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 26 additions and 0 deletions


@ -2,6 +2,7 @@
"authors": [
"Unknown"
],
"category": "tool",
"description": "Android malware galaxy based on multiple open sources.",
"name": "Android",
"source": "Open Sources",


@ -2,6 +2,7 @@
"authors": [
"raw-data"
],
"category": "tool",
"description": "A list of backdoor malware.",
"name": "Backdoor",
"source": "Open Sources",


@ -3,6 +3,7 @@
"Unknown",
"raw-data"
],
"category": "tool",
"description": "A list of banker malware.",
"name": "Banker",
"source": "Open Sources",


@ -2,6 +2,7 @@
"authors": [
"Various"
],
"category": "tool",
"description": "botnet galaxy",
"name": "Botnet",
"source": "MISP Project",


@ -4,6 +4,7 @@
"Will Metcalf",
"KahuSecurity"
],
"category": "tool",
"description": "Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits.It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years",
"name": "Exploit-Kit",
"source": "MISP Project",


@ -5,6 +5,7 @@
"Andrea Garavaglia",
"Davide Arcuri"
],
"category": "tool",
"description": "Malware galaxy cluster based on Malpedia.",
"name": "Malpedia",
"source": "Malpedia",


@ -2,6 +2,7 @@
"authors": [
"Various"
],
"category": "actor",
"description": "Activity groups as described by Microsoft",
"name": "Microsoft Activity Group actor",
"source": "MISP Project",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "actor",
"description": "Name of ATT&CK Group",
"name": "Enterprise Attack -intrusion Set",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Enterprise Attack - Malware",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Enterprise Attack - Tool",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "actor",
"description": "Name of ATT&CK Group",
"name": "intrusion Set",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Malware",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "actor",
"description": "Name of ATT&CK Group",
"name": "Mobile Attack - intrusion Set",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Mobile Attack - Malware",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Mobile Attack - Tool",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "actor",
"description": "Name of ATT&CK Group",
"name": "Pre Attack - intrusion Set",
"source": "https://github.com/mitre/cti",


@ -2,6 +2,7 @@
"authors": [
"MITRE"
],
"category": "tool",
"description": "Name of ATT&CK software",
"name": "Tool",
"source": "https://github.com/mitre/cti",


@ -3,6 +3,7 @@
"https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml",
"http://pastebin.com/raw/GHgpWjar"
],
"category": "tool",
"description": "Ransomware galaxy based on https://docs.google.com/spreadsheets/d/1TWS238xacAto-fLKh1n5uTsdijWdCEsGIM0Y0Hvmc5g/pubhtml and http://pastebin.com/raw/GHgpWjar",
"name": "Ransomware",
"source": "Various",


@ -3,6 +3,7 @@
"Various",
"raw-data"
],
"category": "tool",
"description": "remote administration tool or remote access tool (RAT), also called sometimes remote access trojan, is a piece of software or programming that allows a remote \"operator\" to control a system as if they have physical access to that system.",
"name": "RAT",
"source": "MISP Project",


@ -2,6 +2,7 @@
"authors": [
"raw-data"
],
"category": "tool",
"description": "A list of malware stealer.",
"name": "Stealer",
"source": "Open Sources",


@ -2,6 +2,7 @@
"authors": [
"Kafeine"
],
"category": "tool",
"description": "TDS is a list of Traffic Direction System used by adversaries",
"name": "TDS",
"source": "MISP Project",


@ -6,6 +6,7 @@
"Timo Steffens",
"Various"
],
"category": "actor",
"description": "Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign.",
"name": "Threat actor",
"source": "MISP Project",


@ -7,6 +7,7 @@
"Dennis Rand",
"raw-data"
],
"category": "tool",
"description": "threat-actor-tools is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries.",
"name": "Tool",
"source": "MISP Project",


@ -23,6 +23,9 @@
"source": {
"type": "string"
},
"category": {
"type": "string"
},
"values": {
"type": "array",
"uniqueItems": true,