This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"@id": "example:STIXPackage-33fe3b22-0201-47cf-85d0-97c02164528d", | |
"@type": "stix:Package", | |
"stix:indicators": [ | |
{ | |
"@id": "example:Indicator-33fe3b22-0201-47cf-85d0-97c02164528d", | |
"@type": "ind:Indicator", | |
"ind:indicatorType": "stixVocabs:IndicatorTypeVocab-1.1:IP_Watchlist", | |
"ind:observable": {"@id": "example:Observable-1c798262-a4cd-434d-a958-884d6980c459"}, | |
"stixc:description": {"@value": "Sample IP Address Indicator for this watchlist. This contains one indicator with a set of three IP addresses in the watchlist."}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"@id": "example:Package-ec96d2a6-5a95-48f2-93c0-b3b2198633ca", | |
"@type": "stix:Package", | |
"stix:incidents": [ | |
{ | |
"@id": "example:incident-8236b4a2-abe0-4b56-9347-288005c4bb92", | |
"@type": "inc:Incident", | |
"inc:impactEffects": "stixVocabs:IncidentEffectVocab-1.0:Financial_Loss", | |
"inc:reporter": { | |
"@id": "example:4cdb58ee3d18966146434adc2ce80d0972b2e991", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"@id": "example:Package-8b8ed1c1-f01d-4393-ac65-97017ed15876", | |
"@type": "stix:Package", | |
"stix:indicators": [ | |
{ | |
"@id": "example:indicator-8cf9236f-1b96-493d-98be-0c1c1e8b62d7", | |
"@type": "ind:Indicator", | |
"ind:indicatorType": "stixVocabs:IndicatorTypeVocab-1.1:Malicious_E-mail", | |
"ind:observable": {"@id": "example:Observable-437f0c20-ab26-4400-9f6a-fc395da3ddd9"}, | |
"stixc:confidence": { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<stix:STIX_Package> | |
<stix:Indicators> | |
<stix:Indicator id="example:indicator-8cf9236f-1b96-493d-98be-0c1c1e8b62d7" timestamp="2014-10-31T15:52:13.127931+00:00" xsi:type='indicator:IndicatorType' negate="false" version="2.1.1"> | |
<indicator:Title>Malicious E-mail</indicator:Title> | |
<indicator:Type xsi:type="stixVocabs:IndicatorTypeVocab-1.1">Malicious E-mail</indicator:Type> | |
<indicator:Observable id="example:Observable-437f0c20-ab26-4400-9f6a-fc395da3ddd9"> | |
<cybox:Object id="example:EmailMessage-0dc3478e-153a-412f-8718-7e9ee65b8084"> | |
<cybox:Properties xsi:type="EmailMessageObj:EmailMessageObjectType"> | |
<EmailMessageObj:Header> | |
<EmailMessageObj:Subject condition="StartsWith">[IMPORTANT] Please Review Before</EmailMessageObj:Subject> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<stix:STIX_Package id="example:STIXPackage-33fe3b22-0201-47cf-85d0-97c02164528d" timestamp="2014-05-08T09:00:00.000000Z" version="1.1.1"> | |
<stix:STIX_Header> | |
<stix:Title>Example watchlist that contains IP information.</stix:Title> | |
<stix:Package_Intent xsi:type="stixVocabs:PackageIntentVocab-1.0">Indicators - Watchlist</stix:Package_Intent> | |
</stix:STIX_Header> | |
<stix:Indicators> | |
<stix:Indicator xsi:type="indicator:IndicatorType" id="example:Indicator-33fe3b22-0201-47cf-85d0-97c02164528d" timestamp="2014-05-08T09:00:00.000000Z"> | |
<indicator:Type xsi:type="stixVocabs:IndicatorTypeVocab-1.1">IP Watchlist</indicator:Type> | |
<indicator:Description>Sample IP Address Indicator for this watchlist. This contains one indicator with a set of three IP addresses in the watchlist.</indicator:Description> | |
<indicator:Observable id="example:Observable-1c798262-a4cd-434d-a958-884d6980c459"> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<stix:STIX_Package> | |
<stix:Incidents> | |
<stix:Incident id="example:incident-8236b4a2-abe0-4b56-9347-288005c4bb92" timestamp="2014-11-18T23:40:08.061362+00:00" xsi:type='incident:IncidentType' version="1.2"> | |
<incident:Title>Breach of Cyber Tech Dynamics</incident:Title> | |
<incident:Time> | |
<incident:Initial_Compromise precision="second">2012-01-30T00:00:00</incident:Initial_Compromise> | |
<incident:Incident_Discovery precision="second">2012-05-10T00:00:00</incident:Incident_Discovery> | |
<incident:Restoration_Achieved precision="second">2012-08-10T00:00:00</incident:Restoration_Achieved> | |
<incident:Incident_Reported precision="second">2012-12-10T00:00:00</incident:Incident_Reported> | |
</incident:Time> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"id": "{http://example.com}Package-8b8ed1c1-f01d-4393-ac65-97017ed15876", | |
"id_namespaces": { | |
"example": "http://example.com" | |
}, | |
"indicators": [ | |
{ | |
"confidence": { | |
"timestamp": "2014-10-31T15:52:13.127950+00:00", | |
"type": "confidence", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"@context" : | |
{ | |
"rdf" : "http://www.w3.org/1999/02/22-rdf-syntax-ns#", | |
"rdfs" : "http://www.w3.org/2000/01/rdf-schema#", | |
"owl" : "http://www.w3.org/2002/07.owl#", | |
"xsd" : "http://www.w3.org/2001/XMLSchema#", | |
"cybox" : "http://cybox.mitre.org/cybox_core#", | |
"cyboxc" : "http://cybox.mitre.org/cyboxCommon#", | |
"cyboxVocabs" : "http://cybox.mitre.org/default_vocabularies-2#", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"id": “example:identity-d3082b16-6dbd-4f1a-8cee-9ea2a0a35d5f", | |
"type": “identity", | |
"timestamp": "2015-12-21T19:59:11Z", | |
"name": “Recorded Future" | |
}, | |
{ | |
"id": “example:tool-627e862d-04f4-42a3-bd52-561dc890ee99", | |
"type": “tool", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"id": “example:tool-627e862d-04f4-42a3-bd52-561dc890ee99", | |
"type": “tool", | |
"timestamp": "2015-12-21T19:59:11Z", | |
"name": “Web Intelligence Engine" | |
}, | |
{ | |
"id": "example:rel-a2b0101d-03a8-4d0d-bedf-2b4ea386c1ac", |
OlderNewer