Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Expand osint object #1168

Merged
merged 4 commits into from
Aug 30, 2024
Merged

Expand osint object #1168

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
2d7d2f7
expand OSINT
jonrau-at-queryai Aug 27, 2024
b20a428
Update CHANGELOG.md
jonrau-at-queryai Aug 27, 2024
3d994e3
Merge branch 'main' into osint-expansion
floydtree Aug 29, 2024
96241e1
Merge branch 'main' into osint-expansion
jonrau-at-queryai Aug 29, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ Thankyou! -->
1. Added `phone_number` to `user` and `ldap_person` objects. #1155
2. Added `has_mfa` to `user` object. #1155
3. Added `vendor_name` to `cvss` object. #1165
4. Added `file`, `reputation`, `subnet`, and `script` to `osint` object. #1168

### Deprecated
1. Deprecated `project_uid` in favor of `account.uid`. #1166
Expand All @@ -63,8 +64,9 @@ Thankyou! -->
1. Added `user.uid` as an Observable type - `type_id: 31`. #1155
2. Added `group.name` and `group.uid` as Observable types - `type_id: 32` and `type_id: 33`, respectively. #1155
3. Added `account.name` and `account.uid` as Observable types - `type_id: 34` and `type_id: 35`, respectively. #1155
5. Added new enumeration items to `account.type_id`. #1166
6. Cleaned up event class definition files, removed /includes dir, simplified definition of `base_event`. #1167
4. Added new enumeration items to `account.type_id`. #1166
5. Cleaned up event class definition files, removed /includes dir, simplified definition of `base_event`. #1167
6. Added new `file` enum to `osint.type_id`. #1168

## [v1.3.0] - August 1st, 2024

Expand Down
25 changes: 24 additions & 1 deletion objects/osint.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
},
"4":{
"caption":"Hash",
"description":"Any type of hash e.g., MD5, SHA1, SHA2, BLAKE, BLAKE2, etc. generated from a file, malware sample, request header, or otherwise."
"description":"Any type of hash e.g., MD5, SHA1, SHA2, BLAKE, BLAKE2, SSDEEP, VHASH, etc. generated from a file, malware sample, request header, or otherwise used to identify a pertinent artifact."
},
"5":{
"caption":"URL",
Expand All @@ -53,6 +53,10 @@
"caption":"Vulnerability",
"description":"A CVE ID, CWE ID, or other identifier for a weakness, exploit, bug, or misconfiguration."
},
"11":{
"caption":"File",
"description":"A file or metadata about a file."
},
"99":{
"caption":"Other",
"description":"The indicator type is not directly listed."
Expand Down Expand Up @@ -166,6 +170,25 @@
"location":{
"description":"Any pertinent geolocation information related to an indicator or OSINT analysis.",
"requirement":"optional"
},
"file":{
"caption":"Related File",
"description":"Any pertinent file information related to an indicator or OSINT analysis.",
"requirement":"optional"
},
"reputation":{
"description":"Related reputational analysis from third-party engines and analysts for a given indicator or OSINT analysis.",
"requirement":"optional"
},
"subnet":{
"caption":"Related Subnet",
"description":"A CIDR or network block related to an indicator or OSINT analysis.",
"requirement":"optional"
},
"script":{
"caption":"Related Script Data",
"description":"Any pertinent script information related to an indicator or OSINT analysis.",
"requirement":"optional"
}
}
}
Loading