Commit graph

183 commits

Author SHA1 Message Date
7d4011a0a2
chg: [sigma] jq all the things 2022-11-18 14:17:52 +01:00
Terrtia
e3b6e9d229
fix: [handicap] fix galaxy icon + name + type 2022-11-17 15:16:05 +01:00
Jstnk9
473f1a13aa galaxy related to sigma rtules
galaxy related to sigma rtules
2022-11-15 22:56:18 +01:00
Christophe Vandeplas
c5a5fa7cfa chg: [360net] add 360.net APT list fixes #764 2022-09-13 21:48:16 +02:00
Christophe Vandeplas
1369756810 chg: [atrm] Add Azure Threat Research Matrix Galaxy and generation script 2022-08-06 21:19:31 +02:00
d3d4e7186b
chg: [handicap] fix name of the clusters 2022-04-04 10:43:56 +02:00
7e6390c336
Merge pull request #694 from AgatheMgt/main
Handicap
2022-04-04 10:41:06 +02:00
Sami Mokaddem
04a560efa6
chg: [mitre-attack] Bumped matrix structure 2022-03-31 08:59:42 +02:00
AgatheMgt
aec779d1ee poatate 2022-03-24 09:43:58 -04:00
AgatheMgt
f3b346684f
Update handicap.json 2022-03-24 09:11:14 -04:00
AgatheMgt
9f21e4512c
Update handicap.json 2022-03-24 07:50:34 -04:00
AgatheMgt
8b70f5a1fd
Update handicap.json 2022-03-24 07:07:12 -04:00
AgatheMgt
2be8954ef1
Create handicap.json 2022-03-24 07:04:03 -04:00
Badis-dev
231915f9a4 add galaxy and cluster cancer 2022-03-11 14:20:09 +01:00
Badis-dev
530a56c3ea
Add cancer galaxy 2022-03-11 11:13:13 +01:00
eba1b2839f
chg: [concordia] CMTMF killchain typo fixed 2021-12-20 10:41:00 +01:00
b2cc6277cf
chg: [concordia] set a mobile icon 2021-12-17 17:36:48 +01:00
18a44d372b
chg: [cmtmf-attack-pattern] update 2021-12-17 16:32:20 +01:00
ce79aba48c
new: [CMTMF] fix the galaxy definition 2021-12-17 16:14:19 +01:00
ae7b7bd47d
chg: [cmtmf-attack-pattern] various fixes to make JSON ok 2021-12-17 16:08:07 +01:00
Bernardo Santos
49dfcca563 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:54:06 +02:00
Bernardo Santos
d09681b011 CONCORDIA MTMF - Initial version
Initial version of the CONCORDIA Mobile Threat Modelling Framework for the CONCORDIA Project: https://www.concordia-h2020.eu/
2021-10-12 10:45:03 +02:00
Thomas Patzke
26f0c344a1 Added O365 techniques
Source:
https://www.inversecos.com/2021/09/office365-attacks-bypassing-mfa.html
2021-09-18 23:27:38 +02:00
Jakub Onderka
ca9608da6d fix: Cryptominers type 2021-03-27 22:07:33 +01:00
38a0d2d32d
chg: [rsit] rsit as galaxy name 2021-01-29 16:43:26 +01:00
Koen Van Impe
87b22f363c Move cfr-type-of-incident to meta 2021-01-28 12:25:39 +01:00
Koen Van Impe
23778666ba RSIT Galaxy/Cluster 2021-01-28 10:03:12 +01:00
5d31753e6a
chg: [cryptominer] updated 2020-10-30 09:48:08 +01:00
JJ Cummings
c48a38c2f1
Added a new cryptominer galaxy and additional missing recent families to various clusters 2020-10-29 14:40:22 -06:00
0ccbdb862b
chg: [tea] first version 2020-10-23 11:16:50 +02:00
Christophe Vandeplas
f95e88b1f9 MITRE ATT&CK for ICS fixes #586
fixed issues in pull request #586
2020-10-01 20:42:40 +02:00
6bb0f74b97
chg: [galaxy] fix the name to China Defence Universities Tracker 2020-08-24 09:57:28 +02:00
VVX7
b4c3ffc8eb new: [dev] add ASPI's China Defence University Tracker.
Thanks to Cormac Doherty for writing the web scraper! To update the galaxy run the included gen_defence_university.py script.

"The China Defence Universities Tracker is a database of Chinese institutions engaged in military or security-related science and technology research. It was created by ASPI’s International Cyber Policy Centre.

It includes entries on nearly 100 civilian universities, 50 People’s Liberation Army institutions, China’s nuclear weapons program, three Ministry of State Security institutions, four Ministry of Public Security universities, and 12 state-owned defence industry conglomerates.

The Tracker is a tool to inform universities, governments and scholars as they engage with the entities from the People’s Republic of China. It aims to build understanding of the expansion of military-civil fusion—the Chinese government’s policy of integrating military and civilian efforts—into the education sector.

The Tracker should be used to inform due diligence of Chinese institutions. However, the fact that an institution is not included here does not indicate that it should not raise risks or is not involved in defence research. Similarly, entries in the database may not reflect the full range and nature of an institution’s defence and security links." - ASPI (https://unitracker.aspi.org.au/about/)
2020-08-21 11:24:22 -04:00
Koen Van Impe
d3e22ef14c SoD Matrix
Described at https://github.com/cudeso/SoD-Matrix
2020-07-10 14:08:45 +02:00
iglocska
dee9a56460
fix: small fixes to the bhadra framework 2020-05-19 16:45:40 +02:00
iglocska
43703f1a96
new: added Bhadra framework for mobile attacks
- based on the paper published here: https://arxiv.org/pdf/2005.05110.pdf
- thanks to the ATT&CK EU community conference speakers highlighting this framework!
2020-05-19 16:34:59 +02:00
c7104e8819
chg: [country] jq all 2020-03-23 13:09:14 +01:00
iglocska
777c3188db
new: [country] galaxy added 2020-03-23 12:10:16 +01:00
8e73612b09
Merge pull request #488 from Delta-Sierra/master
create new galaxy - surveillance-vendor
2019-12-05 14:48:44 +01:00
Deborah Servili
a049009453
add new galaxy - surveillance-vendor 2019-12-04 16:22:58 +01:00
Jean-Louis Huynen
872df00262 chg: [dark-pattern] namespace: misp 2019-12-04 09:31:56 +01:00
Jean-Louis Huynen
44a9897f2a
add: [dark-pattern] galaxy to tag dark patterns 2019-12-03 16:26:29 +01:00
Christophe Vandeplas
cb29013231 fix: [region] inconsistent type 2019-10-20 18:55:11 +02:00
4d4bd3a70c fix: [misinfosec] fixed kill_chain fields 2019-10-09 09:45:52 +02:00
VVX7
e4998efec9 chg: [galaxy] added AMITT galaxy/cluster generator script 2019-10-08 13:52:08 -04:00
VVX7
a0357c735e chg: [galaxy] version number to int 2019-10-07 19:19:45 -04:00
VVX7
0a29445b44 new: [galaxy] AMITT (Adversarial Misinformation and Influence Tactics and Techniques) framework for describing disinformation incidents. AMITT is part of misinfosec - work on adapting information security practices to help track and counter misinformation - and is designed as far as possible to fit existing infosec practices and tools. 2019-10-07 19:07:25 -04:00
Deborah Servili
c305640290
new galaxy - Region based on UN M49 2019-09-26 13:01:41 +02:00
Deborah Servili
bb46e32d90
add target-information galaxy file 2019-07-19 13:50:22 +02:00
dbb67dd7d2
Merge pull request #426 from mokaddem/patch-2
Update mitre-course-of-action.json
2019-07-16 16:59:31 +02:00
3e70bfc738
Merge pull request #425 from mokaddem/patch-1
Update banker.json
2019-07-16 16:59:18 +02:00
c981afbbe9
Merge pull request #424 from mokaddem/patch-3
Update mitre-enterprise-attack-course-of-action.json
2019-07-16 16:59:01 +02:00
Sami Mokaddem
3d4bfa7924
Update mitre-mobile-attack-course-of-action.json
Changed icon
2019-07-16 16:56:35 +02:00
Sami Mokaddem
00d1de6fdc
Update mitre-enterprise-attack-course-of-action.json
Changed icon
2019-07-16 16:56:28 +02:00
Sami Mokaddem
1035d1c71b
Update mitre-course-of-action.json
Changed icon
2019-07-16 16:56:10 +02:00
Sami Mokaddem
573b8366e7
Update banker.json
Changed icon name
2019-07-16 16:53:46 +02:00
9ad5279939 chg: [attack-pattern] Sync kill-chain with data from MITRE. 2019-05-13 10:59:30 +02:00
a2df5c46d8
chg: [o365-exchange-techniques] [WiP] based on John Lambert matrix techniques 2019-05-12 09:51:41 +02:00
Raphaël Vinot
988586fde0 fix: Duplicate values, typos. 2019-05-06 17:17:16 +02:00
e56cb33097
chg: [attck4fraud] fix the type issue 2019-03-19 10:03:33 +01:00
824465d879
add: [attck4fraud] initial attck-like matrix for fraud from https://github.com/burritoblue/attck4fraud (WiP) 2019-03-19 08:09:23 +01:00
1f27ac26ac
chg: [mitre-attack-pattern] jq 2019-02-15 09:13:47 +01:00
77ff566b9e
Merge pull request #343 from mokaddem/newMitre
Added kill_chain_order in mitre-attack-pattern
2019-02-15 09:13:18 +01:00
924bc091b1
chg: [election-guidelines] sorting is important ;-) 2019-02-15 09:03:12 +01:00
ee09226c55
chg: [election-guidelines] jq 2019-02-15 08:53:51 +01:00
34042abe23 new: Added draft of the election guildelines galaxy 2019-02-15 08:44:33 +01:00
46a095012a chg: [mitre-attack-pattern] bumped version number 2019-02-14 10:57:22 +01:00
aedbd6aa05 chg: [mitre-attack-pattern] Added kill_chain_order 2019-02-14 10:51:05 +01:00
Christophe Vandeplas
93ae4660c5 chg: [mitre] Deprecated pre/enterprise/mobile separate galaxies 2018-12-29 18:58:53 +01:00
Christophe Vandeplas
2bb4df134b chg: removal of older unused relationships 2018-10-17 08:20:12 +02:00
Christophe Vandeplas
2fbd8ce485 jq sort keys
Allows automation to edit the files
2018-10-12 10:35:31 +02:00
Davide Arcuri
253fbed356 Added Malpedia Galaxy
based on malpedia git repo

Co-Authored-By: garanews <garanews@users.noreply.github.com>
2018-10-05 14:30:31 +02:00
raw-data
77cfaa8221 [add] new backdoor galaxy and cluster 2018-07-06 20:09:52 +01:00
Deborah Servili
26cb324aee
Update cert-eu-govsector.json 2018-06-22 13:01:00 +02:00
raw-data
b381d03207 [ADD] Stealer galaxy definition 2018-06-01 16:02:36 +01:00
Thirion Aurélien
728f861362
fix typo mitre-pre-attack-relationship 2018-05-28 11:37:03 +02:00
1adcfbf0c0
chg: old MITRE ATT&CK (2017) is moving to deprecated namespace 2018-05-20 09:45:18 +02:00
9e37388cdf
chg: namespace mitre-attack added for version 2 of the MITRE ATT&CK after 2018 2018-05-20 09:42:40 +02:00
Deborah Servili
22cb1618a5
Merge pull request #214 from Delta-Sierra/master
update mitre galaxies - add external id and killchain
2018-05-19 13:21:18 +02:00
Deborah Servili
6c8edd3f61 jq 2018-05-19 13:09:50 +02:00
Deborah Servili
d82a76c08f fix scripts for nobile and pre attack attack pattern 2018-05-19 13:09:30 +02:00
Deborah Servili
f6d7291e7a jq 2018-05-19 12:57:20 +02:00
Deborah Servili
730353f63d update mitre galaxies - add external id and killchain 2018-05-19 12:56:20 +02:00
5f566dd683
chg: [misp-galaxy] namespace misp added 2018-05-18 13:34:55 +02:00
Deborah Servili
8d4053741b jq 2018-04-04 12:54:04 +02:00
Deborah Servili
804fcedb5c add external_id to values 2018-04-03 15:53:17 +02:00
StefanKelm
a0eaf5bb32
Update mitre-enterprise-attack-intrusion-set.json 2018-03-22 14:11:34 +01:00
StefanKelm
6a2be53649
Update and rename mitre-entreprise-attack-tool.json to mitre-enterprise-attack-tool.json 2018-03-22 14:07:34 +01:00
StefanKelm
65f198fe81
Rename mitre-entreprise-attack-relationship.json to mitre-enterprise-attack-relationship.json 2018-03-22 14:07:04 +01:00
StefanKelm
a3460716cb
Update mitre-entreprise-attack-relationship.json 2018-03-22 14:06:35 +01:00
StefanKelm
1df43affe2
Update and rename mitre-entreprise-attack-malware.json to mitre-enterprise-attack-malware.json 2018-03-22 14:06:10 +01:00
StefanKelm
d51124b7ee
Update and rename mitre-entreprise-attack-intrusion-set.json to mitre-enterprise-attack-intrusion-set.json 2018-03-22 14:05:40 +01:00
StefanKelm
b82efac9d5
Update and rename mitre-entreprise-attack-course-of-action.json to mitre-enterprise-attack-course-of-action.json 2018-03-22 14:05:07 +01:00
StefanKelm
a20413b177
Update and rename mitre-entreprise-attack-attack-pattern.json to mitre-enterprise-attack-attack-pattern.json 2018-03-22 14:04:33 +01:00
Deborah Servili
fd9919e67a jq all the things 2018-02-23 08:38:32 +01:00
Deborah Servili
4ddb598de4 add MITRE Galaxies V2.0 2018-02-21 16:28:11 +01:00
Deborah Servili
384e26a1b4 create botnet galaxy 2018-02-20 15:33:24 +01:00
Deborah Servili
9dd9810167 rename files + update README.md 2018-01-09 09:20:13 +01:00
Deborah Servili
225ce1f3ee New galaxy Branded Vulnerability 2018-01-09 09:02:29 +01:00
Raphaël Vinot
eef988e9ad Cosmetic updates 2017-10-27 10:50:47 -04:00