pymisp 2.5.3__py3-none-any.whl → 2.5.7__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pymisp might be problematic. Click here for more details.

Files changed (162) hide show
  1. CHANGELOG.txt +5380 -0
  2. examples/__init__.py +0 -0
  3. examples/add_attributes_from_csv.py +74 -0
  4. examples/add_email_object.py +29 -0
  5. examples/add_fail2ban_object.py +86 -0
  6. examples/add_feed.py +25 -0
  7. examples/add_file_object.py +47 -0
  8. examples/add_filetype_object_from_csv.py +53 -0
  9. examples/add_generic_object.py +26 -0
  10. examples/add_github_user.py +65 -0
  11. examples/add_gitlab_user.py +56 -0
  12. examples/add_named_attribute.py +25 -0
  13. examples/add_organisations.py +57 -0
  14. examples/add_ssh_authorized_keys.py +29 -0
  15. examples/add_user.py +22 -0
  16. examples/add_vehicle_object.py +22 -0
  17. examples/addtag2.py +45 -0
  18. examples/asciidoc_generator.py +114 -0
  19. examples/cache_all.py +10 -0
  20. examples/copyTagsFromAttributesToEvent.py +68 -0
  21. examples/copy_list.py +93 -0
  22. examples/create_events.py +26 -0
  23. examples/cytomic_orion.py +549 -0
  24. examples/del.py +22 -0
  25. examples/delete_user.py +16 -0
  26. examples/edit_organisation.py +20 -0
  27. examples/edit_user.py +20 -0
  28. examples/falsepositive_disabletoids.py +136 -0
  29. examples/fetch_events_feed.py +15 -0
  30. examples/fetch_warninglist_hits.py +38 -0
  31. examples/freetext.py +22 -0
  32. examples/generate_file_objects.py +78 -0
  33. examples/generate_meta_feed.py +15 -0
  34. examples/get.py +37 -0
  35. examples/get_csv.py +37 -0
  36. examples/get_network_activity.py +187 -0
  37. examples/last.py +48 -0
  38. examples/load_csv.py +94 -0
  39. examples/lookup.py +28 -0
  40. examples/misp2cef.py +71 -0
  41. examples/misp2clamav.py +52 -0
  42. examples/openioc_to_misp.py +27 -0
  43. examples/proofpoint_tap.py +203 -0
  44. examples/proofpoint_vap.py +65 -0
  45. examples/search.py +48 -0
  46. examples/search_attributes_yara.py +40 -0
  47. examples/search_sighting.py +42 -0
  48. examples/server_sync_check_conn.py +32 -0
  49. examples/sharing_groups.py +15 -0
  50. examples/show_sightings.py +168 -0
  51. examples/stats_report.py +405 -0
  52. examples/sync_sighting.py +171 -0
  53. examples/tags.py +25 -0
  54. examples/test_sign.py +19 -0
  55. examples/trustar_misp.py +59 -0
  56. examples/up.py +21 -0
  57. examples/upload.py +60 -0
  58. examples/users_list.py +15 -0
  59. examples/vmray_automation.py +281 -0
  60. examples/vt_to_misp.py +182 -0
  61. examples/warninglists.py +22 -0
  62. examples/yara.py +38 -0
  63. examples/yara_dump.py +98 -0
  64. pymisp/api.py +33 -5
  65. pymisp/data/misp-objects/objects/android-app/definition.json +8 -2
  66. pymisp/data/misp-objects/objects/instagram-account/definition.json +66 -0
  67. pymisp/data/misp-objects/objects/lnk/definition.json +13 -1
  68. pymisp/data/misp-objects/objects/rmm/definition.json +88 -0
  69. pymisp/data/misp-objects/objects/spambee-report/definition.json +54 -0
  70. pymisp/data/misp-objects/objects/target-system/definition.json +2 -2
  71. pymisp/data/misp-objects/objects/vulnerability/definition.json +5 -4
  72. pymisp/data/misp-objects/relationships/definition.json +17 -1
  73. pymisp/data/misp-objects/schema_objects.json +1 -1
  74. pymisp/mispevent.py +95 -23
  75. {pymisp-2.5.3.dist-info → pymisp-2.5.7.dist-info}/METADATA +23 -28
  76. {pymisp-2.5.3.dist-info → pymisp-2.5.7.dist-info}/RECORD +144 -30
  77. {pymisp-2.5.3.dist-info → pymisp-2.5.7.dist-info}/WHEEL +1 -1
  78. tests/57c4445b-c548-4654-af0b-4be3950d210f.json +1 -0
  79. tests/__init__.py +0 -0
  80. tests/csv_testfiles/invalid_fieldnames.csv +11 -0
  81. tests/csv_testfiles/valid_fieldnames.csv +4 -0
  82. tests/email_testfiles/mail_1.eml.zip +0 -0
  83. tests/email_testfiles/mail_1.msg +0 -0
  84. tests/email_testfiles/mail_1_bom.eml +858 -0
  85. tests/email_testfiles/mail_1_headers_only.eml +28 -0
  86. tests/email_testfiles/mail_2.eml +32 -0
  87. tests/email_testfiles/mail_3.eml +170 -0
  88. tests/email_testfiles/mail_3.msg +0 -0
  89. tests/email_testfiles/mail_4.msg +0 -0
  90. tests/email_testfiles/mail_5.msg +0 -0
  91. tests/email_testfiles/mail_multiple_to.eml +15 -0
  92. tests/email_testfiles/source +1 -0
  93. tests/git-vuln-finder-quagga.json +1493 -0
  94. tests/misp_event.json +76 -0
  95. tests/mispevent_testfiles/attribute.json +21 -0
  96. tests/mispevent_testfiles/attribute_del.json +23 -0
  97. tests/mispevent_testfiles/def_param.json +53 -0
  98. tests/mispevent_testfiles/event.json +8 -0
  99. tests/mispevent_testfiles/event_obj_attr_tag.json +57 -0
  100. tests/mispevent_testfiles/event_obj_def_param.json +62 -0
  101. tests/mispevent_testfiles/event_obj_tag.json +29 -0
  102. tests/mispevent_testfiles/event_tags.json +18 -0
  103. tests/mispevent_testfiles/existing_event.json +4599 -0
  104. tests/mispevent_testfiles/existing_event_edited.json +4601 -0
  105. tests/mispevent_testfiles/galaxy.json +25 -0
  106. tests/mispevent_testfiles/malware.json +19 -0
  107. tests/mispevent_testfiles/malware_exist.json +163 -0
  108. tests/mispevent_testfiles/misp_custom_obj.json +38 -0
  109. tests/mispevent_testfiles/overwrite_file/definition.json +457 -0
  110. tests/mispevent_testfiles/proposals.json +35 -0
  111. tests/mispevent_testfiles/shadow.json +148 -0
  112. tests/mispevent_testfiles/sighting.json +5 -0
  113. tests/mispevent_testfiles/simple.json +2 -0
  114. tests/mispevent_testfiles/test_object_template/definition.json +29 -0
  115. tests/new_misp_event.json +34 -0
  116. tests/reportlab_testfiles/HTML_event.json +1 -0
  117. tests/reportlab_testfiles/galaxy_1.json +1250 -0
  118. tests/reportlab_testfiles/image_event.json +2490 -0
  119. tests/reportlab_testfiles/japanese_test.json +156 -0
  120. tests/reportlab_testfiles/japanese_test_heavy.json +318 -0
  121. tests/reportlab_testfiles/long_event.json +3730 -0
  122. tests/reportlab_testfiles/mainly_objects_1.json +1092 -0
  123. tests/reportlab_testfiles/mainly_objects_2.json +977 -0
  124. tests/reportlab_testfiles/sighting_1.json +305 -0
  125. tests/reportlab_testfiles/sighting_2.json +221 -0
  126. tests/reportlab_testfiles/to_delete1.json +804 -0
  127. tests/reportlab_testfiles/to_delete2.json +1 -0
  128. tests/reportlab_testfiles/to_delete3.json +1 -0
  129. tests/reportlab_testfiles/very_long_event.json +1006 -0
  130. tests/reportlab_testoutputs/to_delete1.json.pdf +391 -0
  131. tests/reportlab_testoutputs/to_delete2.json.pdf +506 -0
  132. tests/reportlab_testoutputs/to_delete3.json.pdf +277 -0
  133. tests/search_index_result.json +69 -0
  134. tests/sharing_groups.json +98 -0
  135. tests/stix1.xml-utf8 +110 -0
  136. tests/stix2.json +1 -0
  137. tests/test_analyst_data.py +123 -0
  138. tests/test_emailobject.py +157 -0
  139. tests/test_fileobject.py +20 -0
  140. tests/test_mispevent.py +473 -0
  141. tests/test_reportlab.py +431 -0
  142. tests/testlive_comprehensive.py +3734 -0
  143. tests/testlive_sync.py +474 -0
  144. pymisp/data/misp-objects/.git +0 -1
  145. pymisp/data/misp-objects/.gitchangelog.rc +0 -289
  146. pymisp/data/misp-objects/.github/workflows/codeql.yml +0 -41
  147. pymisp/data/misp-objects/.github/workflows/nosetests.yml +0 -39
  148. pymisp/data/misp-objects/.travis.yml +0 -16
  149. pymisp/data/misp-objects/LICENSE-software-only.md +0 -661
  150. pymisp/data/misp-objects/LICENSE.md +0 -36
  151. pymisp/data/misp-objects/README.md +0 -566
  152. pymisp/data/misp-objects/docs/time-related-objects.ods +0 -0
  153. pymisp/data/misp-objects/docs/time-related-objects.pdf +0 -0
  154. pymisp/data/misp-objects/jq_all_the_things.sh +0 -29
  155. pymisp/data/misp-objects/tools/adoc_objects.py +0 -145
  156. pymisp/data/misp-objects/tools/alfred_links_to_relarelationships.py +0 -48
  157. pymisp/data/misp-objects/tools/list_of_objects.py +0 -50
  158. pymisp/data/misp-objects/tools/updated.sh +0 -6
  159. pymisp/data/misp-objects/tools/validate_opposites.sh +0 -17
  160. pymisp/data/misp-objects/unique_uuid.py +0 -16
  161. pymisp/data/misp-objects/validate_all.sh +0 -38
  162. {pymisp-2.5.3.dist-info → pymisp-2.5.7.dist-info}/LICENSE +0 -0
tests/reportlab_testfiles/japanese_test.json ADDED
@@ -0,0 +1,156 @@
1
+ {
2
+ "Event": {
3
+ "id": "1208",
4
+ "orgc_id": "1",
5
+ "org_id": "1",
6
+ "date": "2019-03-04",
7
+ "threat_level_id": "2",
8
+ "info": "Japanese Lorem Ipsum 条イ音態ぞゃご法説イシ技",
9
+ "published": false,
10
+ "uuid": "5c7cdc3b-2f40-4dca-8200-276c0a00020f",
11
+ "attribute_count": "1",
12
+ "analysis": "1",
13
+ "timestamp": "1551686770",
14
+ "distribution": "1",
15
+ "proposal_email_lock": false,
16
+ "locked": false,
17
+ "publish_timestamp": "0",
18
+ "sharing_group_id": "0",
19
+ "disable_correlation": false,
20
+ "extends_uuid": "",
21
+ "event_creator_email": "admin@admin.test 条イ音態ぞゃご法説イシ技",
22
+ "Org": {
23
+ "id": "1",
24
+ "name": "ORGNAME 条イ音態ぞゃご法説イシ技",
25
+ "uuid": "5c6983c8-3af8-4304-869c-4800d6c1883c"
26
+ },
27
+ "Orgc": {
28
+ "id": "1",
29
+ "name": "ORGNAME 条イ音態ぞゃご法説イシ技",
30
+ "uuid": "5c6983c8-3af8-4304-869c-4800d6c1883c"
31
+ },
32
+ "Attribute": [
33
+ {
34
+ "id": "242461",
35
+ "type": "text",
36
+ "category": "Antivirus detection",
37
+ "to_ids": false,
38
+ "uuid": "5c7cdc72-c9a4-4075-acb5-0e1b0a00020f",
39
+ "event_id": "1208",
40
+ "distribution": "5",
41
+ "timestamp": "1551686770",
42
+ "comment": "This is a contextual comment 条イ音態ぞゃご法説イシ技",
43
+ "sharing_group_id": "0",
44
+ "deleted": false,
45
+ "disable_correlation": false,
46
+ "object_id": "0",
47
+ "object_relation": null,
48
+ "value": "\u6761\u30a4\u97f3\u614b\u305e\u3083\u3054\u6cd5\u8aac\u30a4\u30b7\u6280\u4f4d\u30fc\u30a4\u80fd\u76ee\u9580\u521d\u30f1\u5909\u6574\u3054\u3052\u5c55\u540c\u30bd\u30d8\u590954\u62ab\u30c8\u3093\u30d5\u8a18\u66ae\u30ce\u30e9\u6c17\u6708\u8cea\u3093\u3092\u554f\u63b2\u5f8c\u3076\u30e9\u306a\u8ee2\u6b69\u30ea\u30e4\u30f2\u88fd\u51fa\u30ed\u30a2\u7d42\u4ed6\u8f38\u3084\u3057\u3002\u672a\u554f\u30bb\u30b5\u30ea\u5357\u6587\u306f\u3076\u66ae\u6b69\u30a6\u30b1\u30ef\u53ef\u9ad8\u3084\u793e\u4f1a\u30a2\u5c53\u91d1\u30f2\u30cd\u902374\u9023\u3074\u53ef\u6b73\u30ce\u30b3\u30a8\u30bb\u73fe\u5e02\u305c\u304b\u3072\u308b\u54e1\u89e3\u5916\u55b6\u4f0a\u5e2b\u53df\u305a\u3002\u969b\u304e\u3071\u3055\u8077\u6587\u308c\u304e\u30ec\u30c3\u4e8b\u8457\u5834\u307b\u3086\u3066\u70b9\u8cbb\u307e\u30b9\u3055\u4ef0\u62d3\u753a\u30e2\u30eb\u30cf\u30df\u534a\u539f\u30ec\u4f1a\u5e73\u30cf\u30cc\u65c5\u56f2\u30b5\u30d2\u30a2\u30b1\u587e\u4e2d\u3059\u9928\u8a9e\u307f\u611b8\u4f1a\u304f\u3042\u305f\u7a3f27\u8a13\u3059\u30e9\u305e\u308a\u3002\r\n\r\n\u9014\u3053\u306f\u8abf\u53ef\u30cd\u30ab\u97628\u7981\u3086\u3060\u3044\u5e74\u4eba\u30d5\u5faa\u90e8\u306e\u3076\u30f3\u672a\u4e8b\u30c1\u30a8\u30f2\u4f9b\u671d\u30f3\u3065\u59cb\u5207\u3066\u30b9\u30af\u3061\u6458\u4e0d\u3061\u3086\u305a\u5de8\u7121\u30d5\u30db\u9686\u5177\u30e9\u30b9\u30e6\u5ea7\u61f8\u308f\u4eac\u7389\u306b\u3079\u3075\u3089\u6307\u6a80\u30a6\u30b3\u30cd\u6d17\u9762\u30b5\u30c8\u30bb\u534170\u5347\u5fcd\u66c7\u690e\u307b\u300236\u5eb7\u3070\u3050\u8ca1\u6709\u793e\u30ea\u8ad6\u5f92\u30e2\u30b1\u30aa\u5854\u98db\u8868\u5fdc\u30c8\u30db\u4e0a\u5bfe\u5404\u30d5\u962a\u8fce\u30db\u30bf\u6599\u4e07\u306e\u307d\u8981\u52a9\u63a8\u308d\u304a\u3071\u5408\u584a\u30db\u8005\u653f\u30ec\u305f\u3052\u3048\u6d3b\u7d19\u30aa\u30ab\u5374\u80b2\u304b\u6c37\u5348\u4ef0\u5de3\u6bc5\u3079\u30af\u3072\u3002\r\n\r\n\u516d\u30aa\u62c9\u885d\u30b7\u30e0\u30bd\u30c6\u624b\u76f8\u30ec\u990a\u53e4\u30e6\u30cb\u30f1\u4e2d\u63d0\u30c9\u3060\u4e0a\u66ff\u304f\u307e\u30c9\u4efb\u8a00\u30cc\u652f\u7279\u30ca\u30ed\u30a2\u30df\u653f\u8aad\u304f\u306b\u3084\u3048\u5bb9\u826f\u3052\u308b\u305e\u3067\u5e7b\u901f\u30fc\u9178\u7acb\u308f\u30f3\u70b9\u53f7\u30b5\u30e2\u4e88\u969b\u3082\u3080\u751f\u6cbf\u3054\u3053\u30e9\u3057\u7d9a\u8a18\u3093\u307c\u30af\u305b\u60c5\u61b2\u63f4\u5091\u307c\u305c\u3002\u53d7\u30c8\u30db\u65e593\u5b9f\u30b7\u30eb\u9000\u4e2d\u30eb\u30d2\u30e6\u30b5\u5c0f\u60d1\u30d5\u30c9\u3042\u5712\u7dbf\u30e2\u30b1\u9707\u4ea4\u5065\u3050\u3086\u3081\u3066\u8aad\u65e53\u5e38\u79fb\u9700\u667a\u30db\u30e4\u30d2\u52b9\u53e4\u4e26\u52d9\u9ed2\u7b46\u62f3\u3050\u3086\u3002\u5357\u30c3\u4f5c3\u547c\u305f\u7528\u52d9\u5a18\u30db\u82b8\u672c\u3068\u304b\u3080\u30af\u4efb\u5199\u30cd\u30a6\u30b1\u6700\u66f4\u304d\u77f3\u7981\u3076\u30c3\u65ec\u88d5\u5b57\u307d\u6226\u6a2a\u30f2\u602765\u4e57\u304a\u6a29\u518d\u6676\u90ca\u9673\u308b\u3066\u3002\r\n\r\n\u7a7a\u30db\u30c4\u30b3\u7881\u8f09\u30a4\u30c4\u30ec\u518d\u5e74\u30e0\u30cb\u30e2\u4e8c\u96a0\u30f1\u30d8\u30a4\u901f\u66f4\u6bd2\u3068\u3073\u30f3\u65706\u9078\u3084\u305e\u3080\u7279\u5168\u304b\u30fc\u3080\u6d6e\u666f\u30b9\u30c4\u82e5\u4e8b\u518d\u30bb\u30e4\u66f4\u8a2d\u539f\u3083\u3048\u306e\u3002\u4e92\u3064\u308c\u554640\u5411\u306b\u55b6\u6e29\u5909\u30b7\u7d22\u5199\u307f\u30b9\u6c34\u4fee\u30b5\u30d8\u30cd\u512a\u5e745\u53f0\u306f\u3061\u8fba\u8302\u30c9\u30af\u5b88\u969b\u74b0\u3070\u3044\u30f3\u5b58\u72b6\u30a4\u30e2\u30d5\u30db\u516c\u4e21\u3064\u3069\u6c17\u7d44\u305b\u3088\u5b58\u6cc1\u30cf\u56f0\u4e2d\u3086\u3067\u307f\u5eb7\u96ea\u30c8\u30cc\u30eb\u6b4c\u4eee\u3057\u3055\u305e\u3002\u56fd\u611b\u30d5\u30e8\u30b3\u30cb\u712139\u7d50\u30cb\u30cd\u30e8\u30b7\u592787\u9593\u3055\u30ec\u3058\u3083\u65e5\u793a\u30b5\u30b3\u54c1\u65c5\u307e\u3081\u3066\u983c\u5236\u3068\u5143\u89b3\u305d\u3073\u3088\u30f3\u6d88\u73fe\u30af\u3079\u60d1\u8a71\u30c3\u3086\u8996\u66ae\u660e\u4e00\u30e8\u30e6\u30ed\u4fdd\u9662\u696d\u7406\u304c\u305e\u3050\u3002\r\n\r\n\u76df\u30eb\u4e00\u5186\u3052\u8981\u4ed8\u3046\u535a\u5f53\u308d\u3051\u3065\u6d3b\u7d44\u30ed\u671d\u52a0\u30db\u30e0\u81ea\u6a5f\u30ec\u898b\u65ad\u3060\u6587\u5185\u30a4\u578b\u592e\u30f1\u6bba\u5927\u304d\u305b\u3050\u5909\u5149\u3075\u3048\u3051\u672c\u826f\u3087\u3046\u5927\u6cbb\u898b\u30ad\u30b7\u901a\u7dca\u306f\u3042\u67087\u9078\u3058\u5224\u65e5\u30bf\u30a6\u30aa\u30cb\u5916\u805e\u30cf\u30eb\u30c6\u30e2\u897f\u8ca0\u3064\u307e\u304d\u3002\u7a4d\u805e\u308d\u90a3\u8a18\u307d\u653f57\u5473\u5f62\u5869\u62b591\u7269\u4e8b\u30ce\u30d5\u30d8\u30eb\u8005\u6d41\u30bf\u30ef\u30e8\u30d5\u8853\u635c\u904e\u308a\u3085\u305a\u308c\u9686\u7b11\u3080\u3071\u304d\u98f2\u88ab\u30f1\u30d5\u5149\u51b7\u52e7\u304d\u3093\u3002\u7881\u8a18\u8f09\u30cb\u6025\u5272\u3067\u305f\u884c\u9023\u305e\u3052\u30eb\u3073\u7d22\u962a\u5c06\u30e8\u9332\u85e44\u8868\u90e8\u30aa\u30ef\u30df\u8cfc\u540c\u3060\u3076\u304d\u3080\u5fb395\u5b99\u59d4\u3085\u3089\u3002\r\n\r\n\u80fd\u30b7\u30a8\u30c6\u77e5\u610f\u5929\u7d9a\u3079\u7a3f\u79d1\u304c\u3083\u3052\u5b50\u4f5c\u30d5\u30c8\u5f69\u6fc0\u30ea\u30ad\u30a8\u592b\u515a\u30ef\u30cb\u30b9\u30cd\u544a\u5c0f\u304a\u30a4\u305b\u8239\u540d\u7a3f\u3063\u6771\u4e88\u30eb\u3058\u3067\u8003\u9577\u307f\u306f\u65b0\u7e3e\u3076\u308a\u958b6\u6bba\u30eb\u3088\u3063\u3067\u533b\u62ab\u6691\u68da\u8c46\u3048\u3002\u56fd\u307d\u3076\u30af\u3056\u80017\u518d\u30cb\u30de\u610f\u7d9a\u3071\u3080\u590975\u8a55\u30e4\u30cb\u5c0e\u540d\u30ad\u30a2\u30c1\u4ed6\u6226\u82b1\u306a\u3069\u7e045\u5404\u30d5\u5e73\u5f69\u691c\u3074\u3053\u6c34\u91d1\u3075\u3051\u5354\u6b21\u7fd2\u30c6\u30ad\u30b7\u30e1\u8a66\u4e94\u8b70\u3058\u3002\u76ee\u30c3\u307c\u30af\u3089\u624b\u95a2\u30e4\u640d\u52e2\u30b7\u30a8\u30b1\u554f\u6620\u30c1\u5ea7\u5272\u56de\u306d\u3044\u3065\u3072\u58eb\u7dda\u30b5\u624b\u6982\u30c3\u5e73\u6e2f\u3074\u30d5\u3065\u4eac\u6642\u30ca\u554f\u6b62\u52d5\u3076\u3048\u5bfe\u4ef2\u30c8\u30ec\u3002\r\n\r\n\u4eac\u30e6\u30cb\u65e5\u5f85\u5b89\u3075\u9032\u5f37\u307e\u3063\u56f2\u9023\u30ca\u4e3b\u751f\u3093\u5c02\u7a42\u30c1\u30d5\u30b9\u30e6\u66428\u597d\u307c\u4e00\u57cb\u30c9\u4e2d\u81ea\u6cd5\u4f1a\u7c73\u3067\u8cea\u7121\u308d\u3081\u308b\u3084\u5f85\u63d0\u5916\u3088\u3076\u30c9\u3002\u9aa8\u30e2\u30de\u30c6\u5bb9\u82b8\u308d\u591a\u7de8\u3086\u304b\u30a4\u3072\u500b\u81f4\u30e1\u5317\u5831\u30de\u5e74\u884c\u30fc\u3075\u30d5\u3080\u8db31\u6606\u30ed\u30a2\u5348\u5915\u30d8\u30ce\u4f8b\u6848\u30c8\u6297\u82b8\u5730\u30e2\u30b5\u30bd\u8981\u8aad\u305e\u306d\u304f\u3082\u66ae8\u6e96\u8b66\u59cb\u306a\u305a\u3042\u3002\u68a8\u304c\u308c\u5831\u92ad\u3054\u3086\u30ec\u5bfe\u7d4c\u30e0\u30ce\u5c4b\u5bfe\u30df\u30e0\u30c1\u653f\u76f8\u3072\u30a4\u3079\u304a\u78ba\u63a2\u5408\u304d\u5b58\u677e\u30c6\u4eca6\u6e08\u306a\u3063\u6e1b\u5fc5\u30e6\u30cd\u6a2a\u753b\u7af9\u691c\u65b0\u899a\u6fc0\u305d\u305c\u307c\u304e\u3002\r\n\r\n\u66f4\u6b664\u65ad\u884c\u3061\u305d\u3067\u305c\u7a3f\u990a\u30af\u304c\u3070\u3092\u611b6\u7121\u30c8\u30ec\u30cd\u5ca9\u6d88\u308c\u3089\u307b\u592b\u5883\u308c\u3084\u305d\u3052\u6761\u6d45\u307d\u305d\u306e\u304a\u8df3\u6539\u30e9\u3073\u3056\u5e744\u6642\u30ec\u30f1\u9580\u5265\u3066\u30a4\u305b\u3085\u8457\u5f35\u30ad\u6b21\u5584\u306a\u304b\u3072\u3064\u4e0a\u4e1e\u4e91\u3092\u3002\u5408\u30cd\u30ec\u6027\u65ad\u30ea\u30d8\u4e00\u5c0f\u30ea\u30e0\u5168\u5bfe\u6ca1\u30cc\u5883\u969b\u3063\u30c9\u304e\u56fd\u6297\u672c\u8edf\u307c\u6cd5\u4eca\u56f3\u5e2b\u3063\u3058\u304f\u3051\u5b50\u6c34\u30ef\u30de\u77e5\u5468\u30cf\u6642\u8a18\u30b9\u30e4\u7cfb\u51fa\u307f\u6728\u5354\u3088\u30d5\u3068\u56e3\u5c5e\u305c\u30a4\u5831\u508d\u3088\u307e\u3052\u3069\u3002\u4eca\u30a8\u6765\u90ce\u30d5\u5199\u541b\u3089\u308b\u534137\u9593\u30ec\u7cd6\u7dda\u9055\u30e6\u30ea\u30b3\u8f09\u672c\u3067\u307d\u30eb\u63d0\u6607\u3058\u305b\u753047\u898b\u3044\u30d5\u3065\u707d\u5fc5\u30f2\u30c1\u30ed\u30b1\u89e3\u73b2\u3068\u3086\u308b\u3002\r\n\r\n\u6a29\u53d6\u3084\u884c\u5d8b\u3078\u3074\u8abf\u7a7a\u3088\u5f15\u5ea7\u30fc\u8fd4\u6cbb\u305f\u3076\u30c8\u305c\u5d0e\u6b8b\u826f\u30ea\u671f\u5c55\u3067\u307e\u307d\u535a\u7121\u3079\u307f\u308d\u308b\u7ffc\u6a21\u3086\u7d9a\u96f2\u958b\u61f8\u3078\u6b6610\u88dc\u5c5e\u30af\u3055\u30c9\u30f3\u653f\u6295\u30cc\u30af\u30b5\u90fd\u660e\u7a1a\u85e4\u5f79\u3065\u3002\u4f4f\u30d2\u30b5\u5fc535\u5e02\u7559\u30bb\u30cc\u30a2\u5f53\u4f1a\u5cf6\u30c1\u30de\u30bf\u30ab\u591529\u88dc\u4e0a\u66ae\u3069\u3076\u5104\u591a\u30b1\u30ce\u8457\u5973\u30b5\u50be\u7a74\u30e4\u30d5\u30e2\u7b2c\u793e\u3088\u30b9\u7a3f\u6020\u6b8a\u6edd\u307f\u3084\u3068\u3055\u3002\u7b54\u30eb\u30f1\u30a2\u30df\u66f4\u6d77\u304d\u3060\u3085\u30b9\u6163\u6ede\u30a2\u30b5\u30a4\u30e0\u6d3b\u6c60\u30a4\u30d8\u30db\u523a6\u707d\u30bb\u7f8e\u5238\u30ec\u9023\u76df\u30cf\u30bf\u30ca\u30f2\u6cbb\u6f14\u30ed\u30ab\u30a6\u5929\u60c5\u3048\u307d\u3057\u8eab\u6539\u305b\u3053\u304f\u30eb\u53d7\u8fba\u30a6\u30cc\u30b9\u30b1\u6027\u8853\u3060\u307d\u3044\u6cbb\u544a\u30cc\u30cb\u30a8\u82b8\u65b0\u9000\u5236\u95a2\u3056\u306b\u305f\u3080\u3002\r\n\r\n\u8fbc\u4ed5\u91d1\u30de\u30a4\u30c6\u969b3\u5c5e\u30b5\u30df\u30cb\u7981\u9762\u305c\u30b9\u3063\u5fc3\u6750\u5e33\u3083\u30b9\u5148\u5dde\u3064\u636e\u4f9b\u30ad\u30bf\u30c8\u6587\u843d\u3085\u307f\u725f\u8ee2\u3072\u56f3\u7a0e\u30af\u30bd\u30d2\u539f\u6b62\u30f2\u30e9\u66f4\u540c\u5343\u3075\u3087\u307f\u50249\u6765\u696d\u7530\u6d88\u4e0d\u7ba1\u304a\u30eb\u3002\u8ee2\u3069\u30ea\u3042\u5f3e\u5fd8\u30cd\u30de\u6797\u5e73\u3051\u3058\u6c17\u6848\u30e8\u30e1\u5206\u533a\u990a\u3044\u307c\u3080\u691c\u5bc4\u3069\u82e66\u5927\u30b3\u30cd\u53f2\u7279\u30b9\u30af\u30e8\u6c5f\u8fbc\u30b9\u30af\u8a73\u4f50\u3051\u304f\u66ae\u4fc3\u30c4\u30e1\u30e2\u8ac7\u9762\u304c\u30c3\u3087\u8f0994\u96e3\u533b\u5bb9\u4fdd\u7403\u307b\u30025\u5fc5\u30a4\u984d\u5c5e\u30ec\u30b5\u30c8\u30b7\u88ab\u7981\u30b3\u30de\u30bb\u30e1\u554f\u5149\u30b7\u5ec9\u4e21\u306a\u8457\u5e02\u30e8\u8cc3\u9662\u30d5\u306f\u3051\u5199\u6b7b\u30eb\u3053\u672c\u5fc5\u3082\u3057\u5e38\u8b77\u30d2\u30ce\u7834\u5c5e\u7dda\u5348\u3048\u308b\u3002",
49
+ "Galaxy": [],
50
+ "ShadowAttribute": []
51
+ }
52
+ ],
53
+ "ShadowAttribute": [],
54
+ "RelatedEvent": [],
55
+ "Galaxy": [
56
+ {
57
+ "id": "10",
58
+ "uuid": "fb5a36c0-1707-11e8-81f5-d732b22a4982",
59
+ "name": "Enterprise Attack 条イ音態ぞゃご法説イシ技 - Course of Action",
60
+ "type": "mitre-enterprise- 条イ音態ぞゃご法説イシ技 attack-course-of-action",
61
+ "description": "ATT&CK 条イ音態ぞゃご法説イシ技 Mitigation",
62
+ "version": "5",
63
+ "icon": "chain",
64
+ "namespace": "deprecated",
65
+ "GalaxyCluster": [
66
+ {
67
+ "id": "1524",
68
+ "collection_uuid": "95c29444-49f9-49f7-8b20-bcd68d8fcaa6",
69
+ "type": "mitre-enterprise- 条イ音態ぞゃご法説イシ技attack-course-of-action",
70
+ "value": "AppCert DLLs 条イ音態ぞゃご法説イシ技 Mitigation - T1182",
71
+ "tag_name": "misp-galaxy:mitre-e 条イ音態ぞゃご法説イシ技nterprise-attack-course-of-action=\"AppCert DLLs Mitigation - T1182\" 条イ音態ぞゃご法説イシ技",
72
+ "description": "Identify and block 条イ音態ぞゃご法説イシ技 potentially malicious software that may be executed through AppCert DLLs by using whitelisting (Citation: Beechey 2010) tools, like AppLocker, (Citation: Windows Commands JPCERT) (Citation: NSA MS AppLocker) that are capable of auditing and\/or blocking unknown DLLs.",
73
+ "galaxy_id": "10",
74
+ "source": "https:\/\/git条イ音態ぞゃご法説イシ技hub.com\/mitre\/cti",
75
+ "authors": [
76
+ "MITRE"
77
+ ],
78
+ "version": "5",
79
+ "uuid": "",
80
+ "tag_id": "730",
81
+ "meta": {
82
+ "external_id": [
83
+ "T1182"
84
+ ]
85
+ }
86
+ }
87
+ ]
88
+ },
89
+ {
90
+ "id": "30",
91
+ "uuid": "1023f364-7831-11e7-8318-43b5531983ab",
92
+ "name": "Intrusion Set",
93
+ "type": "mitre-intrusion-set",
94
+ "description": "Name of ATT&CK Group",
95
+ "version": "8",
96
+ "icon": "user-secret",
97
+ "namespace": "mitre-attack",
98
+ "GalaxyCluster": [
99
+ {
100
+ "id": "4015",
101
+ "collection_uuid": "247cb30b-955f-42eb-97a5-a89fef69341e",
102
+ "type": "mitre-intrusion-set",
103
+ "value": "APT32 - G0050",
104
+ "tag_name": "misp-galaxy:mitre-intrusion-set=\"APT32 - G0050\"",
105
+ "description": "[APT32](https:\/\/attack.mitre.org\/groups\/G0050) is a threat group that has been active since at least 2014. The group has targeted multiple private sector industries as well as with foreign governments, dissidents, and journalists with a strong focus on Southeast Asian countries like Vietnam, Phillipines, Laos, and Cambodia. They have extensively used strategic web compromises to compromise victims. \nThe group is believed to be Vietnam-based. (Citation: FireEye APT32 May 2017) (Citation: Volexity OceanLotus Nov 2017) (Citation: ESET OceanLotus)",
106
+ "galaxy_id": "30",
107
+ "source": "https:\/\/github.com\/mitre\/cti",
108
+ "authors": [
109
+ "MITRE"
110
+ ],
111
+ "version": "12",
112
+ "uuid": "",
113
+ "tag_id": "731",
114
+ "meta": {
115
+ "external_id": [
116
+ "G0050"
117
+ ],
118
+ "refs": [
119
+ "https:\/\/attack.mitre.org\/groups\/G0050",
120
+ "https:\/\/www.fireeye.com\/blog\/threat-research\/2017\/05\/cyber-espionage-apt32.html",
121
+ "https:\/\/www.volexity.com\/blog\/2017\/11\/06\/oceanlotus-blossoms-mass-digital-surveillance-and-exploitation-of-asean-nations-the-media-human-rights-and-civil-society\/",
122
+ "https:\/\/www.welivesecurity.com\/2018\/03\/13\/oceanlotus-ships-new-backdoor\/"
123
+ ],
124
+ "synonyms": [
125
+ "APT32",
126
+ "OceanLotus Group",
127
+ "APT-C-00"
128
+ ]
129
+ }
130
+ }
131
+ ]
132
+ }
133
+ ],
134
+ "Object": [],
135
+ "Tag": [
136
+ {
137
+ "id": "730",
138
+ "name": "misp-galaxy:mitre-enterprise条イ音態ぞゃご法説イシ技-attack-course-of-action=\"AppCert DLLs Mitigation - T1182\"",
139
+ "colour": "#0088cc",
140
+ "exportable": true,
141
+ "user_id": "0",
142
+ "hide_tag": false,
143
+ "numerical_value": null
144
+ },
145
+ {
146
+ "id": "731",
147
+ "name": "misp-galaxy:mitre-intrusion-条イ音態ぞゃご法説イシ技set=\"APT32 - G0050\"",
148
+ "colour": "#0088cc",
149
+ "exportable": true,
150
+ "user_id": "0",
151
+ "hide_tag": false,
152
+ "numerical_value": null
153
+ }
154
+ ]
155
+ }
156
+ }