├── LICENSE.md ├── README.md ├── UserGuide.md ├── cdas ├── __init__.py ├── __main__.py ├── agents.py ├── assets │ ├── NIST_assess.json │ ├── html_templates │ │ ├── APT.html │ │ ├── COMPANY.html │ │ ├── COUNTRY.html │ │ ├── NETWORK.html │ │ ├── REPORT.html │ │ ├── index.html │ │ └── style.css │ ├── images │ │ ├── CDAS.png │ │ ├── html_output.png │ │ ├── misp_import.png │ │ ├── misp_output.png │ │ └── pdf_output.png │ ├── markov_probabilities.json │ ├── mitre_cti │ │ ├── attack-patterns │ │ │ ├── attack-pattern--0042a9f5-f053-4769-b3ef-9ad018dfa298.json │ │ │ ├── attack-pattern--005a06c6-14bf-4118-afa0-ebcd8aebb0c9.json │ │ │ ├── attack-pattern--008b8f56-6107-48be-aa9f-746f927dbb61.json │ │ │ ├── attack-pattern--00f90846-cbd1-4fc5-9233-df5c2bf2a662.json │ │ │ ├── attack-pattern--01327cde-66c4-4123-bf34-5f258d59457b.json │ │ │ ├── attack-pattern--01a5a209-b94c-450b-b7f9-946497d91055.json │ │ │ ├── attack-pattern--0259baeb-9f63-4c69-bf10-eb038c390688.json │ │ │ ├── attack-pattern--03259939-0b57-482f-8eb5-87c0e0d54334.json │ │ │ ├── attack-pattern--035bb001-ab69-4a0b-9f6c-2de8b09e1b9d.json │ │ │ ├── attack-pattern--039bc59c-ecc7-4997-b2b4-4ab728bd91aa.json │ │ │ ├── attack-pattern--03d7999c-1f4c-42cc-8373-e7690d318104.json │ │ │ ├── attack-pattern--0458aab9-ad42-4eac-9e22-706a95bafee2.json │ │ │ ├── attack-pattern--045d0922-2310-4e60-b5e4-3302302cb3c5.json │ │ │ ├── attack-pattern--04fd5427-79c7-44ea-ae13-11b24778ff1c.json │ │ │ ├── attack-pattern--063b5b92-5361-481a-9c3f-95492ed9a2d8.json │ │ │ ├── attack-pattern--06c00069-771a-4d57-8ef5-d3718c1a8771.json │ │ │ ├── attack-pattern--0708ae90-d0eb-4938-9a76-d0fc94f6eec1.json │ │ │ ├── attack-pattern--09312b1a-c3c6-4b45-9844-3ccc78e5d82f.json │ │ │ ├── attack-pattern--097924ce-a9a9-4039-8591-e0deedfb8722.json │ │ │ ├── attack-pattern--0979abf9-4e26-43ec-9b6e-54efc4e70fca.json │ │ │ ├── attack-pattern--09a60ea3-a8d1-4ae5-976e-5783248b72a4.json │ │ │ ├── attack-pattern--09b130a2-a77e-4af0-a361-f46f9aad1345.json │ │ │ ├── attack-pattern--09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119.json │ │ │ ├── attack-pattern--09cd431f-eaf4-4d2a-acaf-2a7acfe7ed58.json │ │ │ ├── attack-pattern--0a241b6c-7bb2-48f9-98f7-128145b4d27f.json │ │ │ ├── attack-pattern--0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22.json │ │ │ ├── attack-pattern--0a5231ec-41af-4a35-83d0-6bdf11f28c65.json │ │ │ ├── attack-pattern--0ad7bc5c-235a-4048-944b-3b286676cb74.json │ │ │ ├── attack-pattern--0af0ca99-357d-4ba1-805f-674fdfb7bef9.json │ │ │ ├── attack-pattern--0bda01d5-4c1d-4062-8ee2-6872334383c3.json │ │ │ ├── attack-pattern--0c2d00da-7742-49e7-9928-4514e5075d32.json │ │ │ ├── attack-pattern--0c4b4fda-9062-47da-98b9-ceae2dcf052a.json │ │ │ ├── attack-pattern--0c71033e-401e-4b97-9309-7a7c95e43a5d.json │ │ │ ├── attack-pattern--0c8ab3eb-df48-4b9c-ace7-beacaac81cc5.json │ │ │ ├── attack-pattern--0cfe31a7-81fc-472c-bc45-e2808d1066a3.json │ │ │ ├── attack-pattern--0d95940f-9583-4e0f-824c-a42c1be47fad.json │ │ │ ├── attack-pattern--0dda99f0-4701-48ca-9774-8504922e92d3.json │ │ │ ├── attack-pattern--0df05477-c572-4ed6-88a9-47c581f548f7.json │ │ │ ├── attack-pattern--0f20e3cb-245b-4a61-8a91-2d93f7cb0e9b.json │ │ │ ├── attack-pattern--0f2c410d-d740-4ed9-abb1-b8f4a7faf6c3.json │ │ │ ├── attack-pattern--0f4a0c76-ab2d-4cb0-85d3-3f0efb8cba0d.json │ │ │ ├── attack-pattern--0ff59227-8aa8-4c09-bf1f-925605bd07ea.json │ │ │ ├── attack-pattern--1035cdf2-3e5f-446f-a7a7-e8f6d7925967.json │ │ │ ├── attack-pattern--106c0cf6-bf73-4601-9aa8-0945c2715ec5.json │ │ │ ├── attack-pattern--10d51417-ee35-4589-b1ff-b6df1c334e8d.json │ │ │ ├── attack-pattern--10ff21b9-5a01-4268-a1b5-3b55015f1847.json │ │ │ ├── attack-pattern--10ffac09-e42d-4f56-ab20-db94c67d76ff.json │ │ │ ├── attack-pattern--118f61a5-eb3e-4fb6-931f-2096647f4ecd.json │ │ │ ├── attack-pattern--120d5519-3098-4e1c-9191-2aa61232f073.json │ │ │ ├── attack-pattern--1365fe3b-0f50-455d-b4da-266ce31c23b0.json │ │ │ ├── attack-pattern--138979ba-0430-4de6-a128-2fc0b056ba36.json │ │ │ ├── attack-pattern--143c0cbb-a297-4142-9624-87ffc778980b.json │ │ │ ├── attack-pattern--144e007b-e638-431d-a894-45d90c54ab90.json │ │ │ ├── attack-pattern--15dbf668-795c-41e6-8219-f0447c0e64ce.json │ │ │ ├── attack-pattern--1608f3e1-598a-42f4-a01a-2e252e81728f.json │ │ │ ├── attack-pattern--1644e709-12d2-41e5-a60f-3470991f5011.json │ │ │ ├── attack-pattern--166de1c6-2814-4fe5-8438-4e80f76b169f.json │ │ │ ├── attack-pattern--16ab6452-c3c1-497c-a47d-206018ca1ada.json │ │ │ ├── attack-pattern--16cdd21f-da65-4e4f-bc04-dd7d198c7b26.json │ │ │ ├── attack-pattern--16e94db9-b5b1-4cd0-b851-f38fbd0a70f2.json │ │ │ ├── attack-pattern--17cc750b-e95b-4d7d-9dde-49e0de24148c.json │ │ │ ├── attack-pattern--17fd695c-b88c-455a-a3d1-43b6cb728532.json │ │ │ ├── attack-pattern--18cffc21-3260-437e-80e4-4ab8bf2ba5e9.json │ │ │ ├── attack-pattern--191cc6af-1bb2-4344-ab5f-28e496638720.json │ │ │ ├── attack-pattern--19401639-28d0-4c3c-adcc-bc2ba22f6421.json │ │ │ ├── attack-pattern--197ef1b9-e764-46c3-b96c-23f77985dc81.json │ │ │ ├── attack-pattern--1988cc35-ced8-4dad-b2d1-7628488fa967.json │ │ │ ├── attack-pattern--198ce408-1470-45ee-b47f-7056050d4fc2.json │ │ │ ├── attack-pattern--1996eef1-ced3-4d7f-bf94-33298cabbf72.json │ │ │ ├── attack-pattern--19a71d1e-6334-4233-8260-b749cae37953.json │ │ │ ├── attack-pattern--19bf235b-8620-4997-b5b4-94e0659ed7c3.json │ │ │ ├── attack-pattern--1a80d097-54df-41d8-9d33-34e755ec5e72.json │ │ │ ├── attack-pattern--1af9e3fd-2bcc-414d-adbd-fe3b95c02ca1.json │ │ │ ├── attack-pattern--1b22b676-9347-4c55-9a35-ef0dc653db5b.json │ │ │ ├── attack-pattern--1b51f5bc-b97a-498a-8dbd-bc6b1901bf19.json │ │ │ ├── attack-pattern--1b7b1806-7746-41a1-a35d-e48dae25ddba.json │ │ │ ├── attack-pattern--1b7ba276-eedc-4951-a762-0ceea2c030ec.json │ │ │ ├── attack-pattern--1c34f7aa-9341-4a48-bfab-af22e51aca6c.json │ │ │ ├── attack-pattern--1c478716-71d9-46a4-9a53-fa5d576adb60.json │ │ │ ├── attack-pattern--1c4e5d32-1fe9-4116-9d9d-59e3925bd6a2.json │ │ │ ├── attack-pattern--1cec9319-743b-4840-bb65-431547bce82a.json │ │ │ ├── attack-pattern--1cfcb312-b8d7-47a4-b560-4b16cc677292.json │ │ │ ├── attack-pattern--1d24cdee-9ea2-4189-b08e-af110bf2435d.json │ │ │ ├── attack-pattern--1e9eb839-294b-48cc-b0d3-c45555a2a004.json │ │ │ ├── attack-pattern--1eaebf46-e361-4437-bc23-d5d65a3b92e3.json │ │ │ ├── attack-pattern--1ecb2399-e8ba-4f6b-8ba7-5c27d49405cf.json │ │ │ ├── attack-pattern--1ecfdab8-7d59-4c98-95d4-dc41970f57fc.json │ │ │ ├── attack-pattern--1f9012ef-1e10-4e48-915e-e03563435fe8.json │ │ │ ├── attack-pattern--1f9c2bae-b441-4f66-a8af-b65946ee72f2.json │ │ │ ├── attack-pattern--20fb2507-d71c-455d-9b6d-6104461cf26b.json │ │ │ ├── attack-pattern--212306d8-efa4-44c9-8c2d-ed3d2e224aa0.json │ │ │ ├── attack-pattern--21875073-b0ee-49e3-9077-1e2a885359af.json │ │ │ ├── attack-pattern--22379609-a99f-4a01-bd7e-70f3e105859d.json │ │ │ ├── attack-pattern--22905430-4901-4c2a-84f6-98243cb173f8.json │ │ │ ├── attack-pattern--23270e54-1d68-4c3b-b763-b25607bcef80.json │ │ │ ├── attack-pattern--232a7e42-cd6e-4902-8fe9-2960f529dd4d.json │ │ │ ├── attack-pattern--232b7f21-adf9-4b42-b936-b9d6f7df856e.json │ │ │ ├── attack-pattern--2339cf19-8f1e-48f7-8a91-0262ba547b6f.json │ │ │ ├── attack-pattern--24286c33-d4a4-4419-85c2-1d094a896c26.json │ │ │ ├── attack-pattern--246fd3c7-f5e3-466d-8787-4c13d9e3b61c.json │ │ │ ├── attack-pattern--24769ab5-14bd-4f4e-a752-cfb185da53ee.json │ │ │ ├── attack-pattern--24a9253e-8948-4c98-b751-8e2aee53127c.json │ │ │ ├── attack-pattern--24bfaeba-cb0d-4525-b3dc-507c77ecec41.json │ │ │ ├── attack-pattern--25659dd6-ea12-45c4-97e6-381e3e4b593e.json │ │ │ ├── attack-pattern--25852363-5968-4673-b81d-341d5ed90bd1.json │ │ │ ├── attack-pattern--25dfc8ad-bd73-4dfd-84a9-3c3d383f76e9.json │ │ │ ├── attack-pattern--2736b752-4ec5-4421-a230-8977dea7649c.json │ │ │ ├── attack-pattern--274770e0-2612-4ccf-a678-ef8e7bad365d.json │ │ │ ├── attack-pattern--27f483c6-6666-44fa-8532-ffd5fc7dab38.json │ │ │ ├── attack-pattern--2877063e-1851-48d2-bcc6-bc1d2733157e.json │ │ │ ├── attack-pattern--2883c520-7957-46ca-89bd-dab1ad53b601.json │ │ │ ├── attack-pattern--28abec6c-4443-4b03-8206-07f2e264a6b4.json │ │ │ ├── attack-pattern--2900bbd8-308a-4274-b074-5b8bde8347bc.json │ │ │ ├── attack-pattern--2959d63f-73fd-46a1-abd2-109d7dcede32.json │ │ │ ├── attack-pattern--29ba5a15-3b7b-4732-b817-65ea8f6468e6.json │ │ │ ├── attack-pattern--29be378d-262d-4e99-b00d-852d573628e6.json │ │ │ ├── attack-pattern--29e07491-8947-43a3-8d4e-9a787c45f3d3.json │ │ │ ├── attack-pattern--2aa406ed-81c3-4c1d-ba83-cfbee5a2847a.json │ │ │ ├── attack-pattern--2acf44aa-542f-4366-b4eb-55ef5747759c.json │ │ │ ├── attack-pattern--2aed01ad-3df3-4410-a8cb-11ea4ded587c.json │ │ │ ├── attack-pattern--2b5aa86b-a0df-4382-848d-30abea443327.json │ │ │ ├── attack-pattern--2b742742-28c3-4e1b-bab7-8350d6300fa7.json │ │ │ ├── attack-pattern--2bb20118-e6c0-41dc-a07c-283ea4dd0fb8.json │ │ │ ├── attack-pattern--2bce5b30-7014-4a5d-ade7-12913fe6ac36.json │ │ │ ├── attack-pattern--2bee5ffb-7a7a-4119-b1f2-158151b19ac0.json │ │ │ ├── attack-pattern--2c4d4e92-0ccf-4a97-b54c-86d662988a53.json │ │ │ ├── attack-pattern--2cd950a6-16c4-404a-aa01-044322395107.json │ │ │ ├── attack-pattern--2d0d40ad-22fa-4cc8-b264-072557e1364b.json │ │ │ ├── attack-pattern--2d3f5b3c-54ca-4f4d-bb1f-849346d31230.json │ │ │ ├── attack-pattern--2d646840-f6f5-4619-a5a8-29c8316bbac5.json │ │ │ ├── attack-pattern--2db31dcd-54da-405d-acef-b9129b816ed6.json │ │ │ ├── attack-pattern--2dbbdcd5-92cf-44c0-aea2-fe24783a6bc3.json │ │ │ ├── attack-pattern--2dc2b567-8821-49f9-9045-8740f3d0b958.json │ │ │ ├── attack-pattern--2de38279-043e-47e8-aaad-1b07af6d0790.json │ │ │ ├── attack-pattern--2de47683-f398-448f-b947-9abcc3e32fad.json │ │ │ ├── attack-pattern--2e34237d-8574-43f6-aace-ae2915de8597.json │ │ │ ├── attack-pattern--2f6b4ed7-fef1-44ba-bcb8-1b4beb610b64.json │ │ │ ├── attack-pattern--2fee9321-3e71-4cf4-af24-d4d40d355b34.json │ │ │ ├── attack-pattern--30208d3e-0d6b-43c8-883e-44462a514619.json │ │ │ ├── attack-pattern--3067b85e-271e-4bc5-81ad-ab1a81d411e3.json │ │ │ ├── attack-pattern--30973a08-aed9-4edf-8604-9084ce1b5c4f.json │ │ │ ├── attack-pattern--3120b9fa-23b8-4500-ae73-09494f607b7d.json │ │ │ ├── attack-pattern--31225cd3-cd46-4575-b287-c2c14011c074.json │ │ │ ├── attack-pattern--31a0a2ac-c67c-4a7e-b9ed-6a96477d4e8e.json │ │ │ ├── attack-pattern--322bad5a-1c49-4d23-ab79-76d641794afa.json │ │ │ ├── attack-pattern--3257eb21-f9a7-4430-8de1-d8b6e288f529.json │ │ │ ├── attack-pattern--32632a95-6856-47b9-9ab7-fea5cd7dce00.json │ │ │ ├── attack-pattern--32901740-b42c-4fdd-bc02-345b5dc57082.json │ │ │ ├── attack-pattern--3298ce88-1628-43b1-87d9-0b5336b193d7.json │ │ │ ├── attack-pattern--32ad5c86-2bcf-47d8-8fdc-d7f3d79a7490.json │ │ │ ├── attack-pattern--3405891b-16aa-4bd7-bd7c-733501f9b20f.json │ │ │ ├── attack-pattern--341e222a-a6e3-4f6f-b69c-831d792b1580.json │ │ │ ├── attack-pattern--3489cfc5-640f-4bb3-a103-9137b97de79f.json │ │ │ ├── attack-pattern--348f1eef-964b-4eb6-bb53-69b3dcb0c643.json │ │ │ ├── attack-pattern--34ab90a3-05f6-4259-8f21-621081fdaba5.json │ │ │ ├── attack-pattern--34b3f738-bd64-40e5-a112-29b0542bc8bf.json │ │ │ ├── attack-pattern--34e793de-0274-4982-9c1a-246ed1c19dee.json │ │ │ ├── attack-pattern--34f1d81d-fe88-4f97-bd3b-a3164536255d.json │ │ │ ├── attack-pattern--35187df2-31ed-43b6-a1f5-2f1d3d58d3f1.json │ │ │ ├── attack-pattern--351c0927-2fc1-4a2c-ad84-cbbee7eb8172.json │ │ │ ├── attack-pattern--354a7f88-63fb-41b5-a801-ce3b377b36f1.json │ │ │ ├── attack-pattern--355be19c-ffc9-46d5-8d50-d6a036c675b6.json │ │ │ ├── attack-pattern--359b00ad-9425-420b-bba5-6de8d600cbc0.json │ │ │ ├── attack-pattern--35dd844a-b219-4e2b-a6bb-efa9a75995a9.json │ │ │ ├── attack-pattern--365be77f-fc0e-42ee-bac8-4faf806d9336.json │ │ │ ├── attack-pattern--36aa137f-5166-41f8-b2f0-a4cfa1b4133e.json │ │ │ ├── attack-pattern--36b2a1d7-e09e-49bf-b45e-477076c2ec01.json │ │ │ ├── attack-pattern--36e9f5bc-ac13-4da4-a2f4-01f4877d9004.json │ │ │ ├── attack-pattern--3731fbcd-0e43-47ae-ae6c-d15e510f0d42.json │ │ │ ├── attack-pattern--37b11151-1776-4f8f-b328-30939fbf2ceb.json │ │ │ ├── attack-pattern--38213338-1aab-479d-949b-c81b66ccca5c.json │ │ │ ├── attack-pattern--389735f1-f21c-4208-b8f0-f8031e7169b8.json │ │ │ ├── attack-pattern--38eb0c22-6caf-46ce-8869-5964bd735858.json │ │ │ ├── attack-pattern--3911658a-6506-4deb-9ab4-595a51ae71ad.json │ │ │ ├── attack-pattern--39131305-9282-45e4-ac3b-591d2d4fc3ef.json │ │ │ ├── attack-pattern--391d824f-0ef1-47a0-b0ee-c59a75e27670.json │ │ │ ├── attack-pattern--393e8c12-a416-4575-ba90-19cc85656796.json │ │ │ ├── attack-pattern--3986e7fd-a8e9-4ecb-bfc6-55920855912b.json │ │ │ ├── attack-pattern--39cc9f64-cf74-4a48-a4d8-fe98c54a02e0.json │ │ │ ├── attack-pattern--39dd7871-f59b-495f-a9a5-3cb8cc50c9b2.json │ │ │ ├── attack-pattern--3a40f208-a9c1-4efa-a598-4003c3681fb8.json │ │ │ ├── attack-pattern--3aef9463-9a7a-43ba-8957-a867e07c1e6a.json │ │ │ ├── attack-pattern--3b0b604f-10db-41a0-b54c-493124d455b9.json │ │ │ ├── attack-pattern--3b0e52ce-517a-4614-a523-1bd5deef6c5e.json │ │ │ ├── attack-pattern--3b6b9246-43f8-4c69-ad7a-2b11cfe0a0d9.json │ │ │ ├── attack-pattern--3b744087-9945-4a6f-91e8-9dbceda417a4.json │ │ │ ├── attack-pattern--3c4a2599-71ee-4405-ba1e-0e28414b4bc5.json │ │ │ ├── attack-pattern--3ccef7ae-cb5e-48f6-8302-897105fbf55c.json │ │ │ ├── attack-pattern--3d1b9d7e-3921-4d25-845a-7d9f15c0da44.json │ │ │ ├── attack-pattern--3d333250-30e4-4a82-9edc-756c68afc529.json │ │ │ ├── attack-pattern--3dc8c101-d4db-4f4d-8150-1b5a76ca5f1b.json │ │ │ ├── attack-pattern--3dd58c80-4c2e-458c-9503-1b2cd273c4d2.json │ │ │ ├── attack-pattern--3de230d4-3e42-4041-b089-17e1128feded.json │ │ │ ├── attack-pattern--3f18edba-28f4-4bb9-82c3-8aa60dcac5f7.json │ │ │ ├── attack-pattern--3f1f4ccb-9be2-4ff8-8f69-dd972221169b.json │ │ │ ├── attack-pattern--3f886f2a-874f-4333-b794-aa6075009b1c.json │ │ │ ├── attack-pattern--3fc01293-ef5e-41c6-86ce-61f10706b64a.json │ │ │ ├── attack-pattern--3fc9b85a-2862-4363-a64d-d692e3ffbee0.json │ │ │ ├── attack-pattern--40597f16-0963-4249-bf4c-ac93b7fb9807.json │ │ │ ├── attack-pattern--4061e78c-1284-44b4-9116-73e4ac3912f7.json │ │ │ ├── attack-pattern--40b300ba-f553-48bf-862e-9471b220d455.json │ │ │ ├── attack-pattern--40f5caa0-4cb7-4117-89fc-d421bb493df3.json │ │ │ ├── attack-pattern--41868330-6ee2-4d0f-b743-9f2294c3c9b6.json │ │ │ ├── attack-pattern--41d9846c-f6af-4302-a654-24bba2729bc6.json │ │ │ ├── attack-pattern--42e8de7b-37b2-4258-905a-6897815e58e0.json │ │ │ ├── attack-pattern--42fe883a-21ea-4cfb-b94a-78b6476dcc83.json │ │ │ ├── attack-pattern--435dfb86-2697-4867-85b5-2fef496c0517.json │ │ │ ├── attack-pattern--43881e51-ac74-445b-b4c6-f9f9e9bf23fe.json │ │ │ ├── attack-pattern--43ba2b05-cf72-4b6c-8243-03a4aba41ee0.json │ │ │ ├── attack-pattern--43e7dc91-05b2-474c-b9ac-2ed4fe101f4d.json │ │ │ ├── attack-pattern--451a9977-d255-43c9-b431-66de80130c8c.json │ │ │ ├── attack-pattern--457c7820-d331-465a-915e-42f85500ccc4.json │ │ │ ├── attack-pattern--46d818a5-67fa-4585-a7fc-ecf15376c8d5.json │ │ │ ├── attack-pattern--47f2d673-ca62-47e9-929b-1b0be9657611.json │ │ │ ├── attack-pattern--493832d9-cea6-4b63-abe7-9a65a6473675.json │ │ │ ├── attack-pattern--4ab929c6-ee2d-4fb5-aab4-b14be2ed7179.json │ │ │ ├── attack-pattern--4ae4f953-fe58-4cc8-a327-33257e30a830.json │ │ │ ├── attack-pattern--4bc31b94-045b-4752-8920-aebaebdb6470.json │ │ │ ├── attack-pattern--4bed873f-0b7d-41d4-b93a-b6905d1f90b0.json │ │ │ ├── attack-pattern--4c2e1408-9d68-4187-8e6b-a77bc52700ec.json │ │ │ ├── attack-pattern--4cbc6a62-9e34-4f94-8a19-5c1a11392a49.json │ │ │ ├── attack-pattern--4d2a5b3e-340d-4600-9123-309dd63c9bf8.json │ │ │ ├── attack-pattern--4e6620ac-c30c-4f6d-918e-fa20cae7c1ce.json │ │ │ ├── attack-pattern--4eb28bed-d11a-4641-9863-c2ac017d910a.json │ │ │ ├── attack-pattern--4eeaf8a9-c86b-4954-a663-9555fb406466.json │ │ │ ├── attack-pattern--4f9ca633-15c5-463c-9724-bdcd54fde541.json │ │ │ ├── attack-pattern--4fd8a28b-4b3a-4cd6-a8cf-85ba5f824a7f.json │ │ │ ├── attack-pattern--4fe28b27-b13c-453e-a386-c2ef362a573b.json │ │ │ ├── attack-pattern--4ff5d6a8-c062-4c68-a778-36fc5edd564f.json │ │ │ ├── attack-pattern--4ffc1794-ec3b-45be-9e52-42dbcb2af2de.json │ │ │ ├── attack-pattern--5095a853-299c-4876-abd7-ac0050fb5462.json │ │ │ ├── attack-pattern--50d3222f-7550-4a3c-94e1-78cb6c81d064.json │ │ │ ├── attack-pattern--51a14c76-dd3b-440b-9c20-2bf91d25a814.json │ │ │ ├── attack-pattern--51e54974-a541-4fb6-a61b-0518e4c6de41.json │ │ │ ├── attack-pattern--51ea26b1-ff1e-4faa-b1a0-1114cd298c87.json │ │ │ ├── attack-pattern--52651225-0b3a-482d-aa7e-10618fd063b5.json │ │ │ ├── attack-pattern--52759bf1-fe12-4052-ace6-c5b0cf7dd7fd.json │ │ │ ├── attack-pattern--5282dd9a-d26d-4e16-88b7-7c0f4553daf4.json │ │ │ ├── attack-pattern--52eff1c7-dd30-4121-b762-24ae6fa61bbb.json │ │ │ ├── attack-pattern--53263a67-075e-48fa-974b-91c5b5445db7.json │ │ │ ├── attack-pattern--5372c5fe-f424-4def-bcd5-d3a8e770f07b.json │ │ │ ├── attack-pattern--537ea573-8a1c-468c-956b-d16d2ed9d067.json │ │ │ ├── attack-pattern--539d0484-fe95-485a-b654-86991c0d0d00.json │ │ │ ├── attack-pattern--53a26eee-1080-4d17-9762-2027d5a1b805.json │ │ │ ├── attack-pattern--53a48c74-0025-45f4-b04a-baa853df8204.json │ │ │ ├── attack-pattern--53ac20cd-aca3-406e-9aa0-9fc7fdc60a5a.json │ │ │ ├── attack-pattern--543fceb5-cb92-40cb-aacf-6913d4db58bc.json │ │ │ ├── attack-pattern--544b0346-29ad-41e1-a808-501bb4193f47.json │ │ │ ├── attack-pattern--54a649ff-439a-41a4-9856-8d144a2551ba.json │ │ │ ├── attack-pattern--54b4c251-1f0e-4eba-ba6b-dbc7a6f6f06b.json │ │ │ ├── attack-pattern--5502c4e9-24ef-4d5f-8ee9-9e906c2f82c4.json │ │ │ ├── attack-pattern--55fc4df0-b42c-479a-b860-7a6761bcaad0.json │ │ │ ├── attack-pattern--564998d8-ab3e-4123-93fb-eccaa6b9714a.json │ │ │ ├── attack-pattern--56ddc820-6cfb-407f-850b-52c035d123ac.json │ │ │ ├── attack-pattern--57340c81-c025-4189-8fa0-fc7ede51bae4.json │ │ │ ├── attack-pattern--573ad264-1371-4ae0-8482-d2673b719dba.json │ │ │ ├── attack-pattern--57a3d31a-d04f-4663-b2da-7df8ec3f8c9d.json │ │ │ ├── attack-pattern--58a3e6aa-4453-4cc8-a51f-4befe80b31a8.json │ │ │ ├── attack-pattern--58af3705-8740-4c68-9329-ec015a7013c2.json │ │ │ ├── attack-pattern--5909f20f-3c39-4795-be06-ef1ea40d350b.json │ │ │ ├── attack-pattern--59bd0dec-f8b2-4b9a-9141-37a1e6899761.json │ │ │ ├── attack-pattern--5a2610f6-9fff-41e1-bc27-575ca20383d4.json │ │ │ ├── attack-pattern--5b0ad6f8-6a16-4966-a4ef-d09ea6e2a9f5.json │ │ │ ├── attack-pattern--5bfccc3f-2326-4112-86cc-c1ece9d8a2b5.json │ │ │ ├── attack-pattern--5d0d3609-d06d-49e1-b9c9-b544e0c618cb.json │ │ │ ├── attack-pattern--5d2be8b9-d24c-4e98-83bf-2f5f79477163.json │ │ │ ├── attack-pattern--5e0f75da-e108-4688-a6de-a4f07cc2cbe3.json │ │ │ ├── attack-pattern--5e4a2073-9643-44cb-a0b5-e7f4048446c7.json │ │ │ ├── attack-pattern--5f3da2f3-91c8-4d8b-a02f-bf43a11def55.json │ │ │ ├── attack-pattern--5fa00fdd-4a55-4191-94a0-564181d7fec2.json │ │ │ ├── attack-pattern--60623164-ccd8-4508-a141-b5a34820b3de.json │ │ │ ├── attack-pattern--60b508a1-6a5e-46b1-821a-9f7b78752abf.json │ │ │ ├── attack-pattern--60c4b628-4807-4b0b-bbf5-fdac8643c337.json │ │ │ ├── attack-pattern--60d0c01d-e2bf-49dd-a453-f8a9c9fa6f65.json │ │ │ ├── attack-pattern--613d08bc-e8f4-4791-80b0-c8b974340dfd.json │ │ │ ├── attack-pattern--6151cbea-819b-455a-9fa6-99a1cc58797d.json │ │ │ ├── attack-pattern--61afc315-860c-4364-825d-0d62b2e91edc.json │ │ │ ├── attack-pattern--62adb627-f647-498e-b4cc-41499361bacb.json │ │ │ ├── attack-pattern--63220765-d418-44de-8fae-694b3912317d.json │ │ │ ├── attack-pattern--633a100c-b2c9-41bf-9be5-905c1b16c825.json │ │ │ ├── attack-pattern--633baf01-6de4-4963-bb54-ff6c6357bed3.json │ │ │ ├── attack-pattern--635cbe30-392d-4e27-978e-66774357c762.json │ │ │ ├── attack-pattern--63b6942d-8359-4506-bfb3-cf87aa8120ee.json │ │ │ ├── attack-pattern--64196062-5210-42c3-9a02-563a0d1797ef.json │ │ │ ├── attack-pattern--648f8051-1a35-46d3-b1d8-3a3f5cf2cc8e.json │ │ │ ├── attack-pattern--648f995e-9c3a-41e4-aeee-98bb41037426.json │ │ │ ├── attack-pattern--6495ae23-3ab4-43c5-a94f-5638a2c31fd2.json │ │ │ ├── attack-pattern--65013dd2-bc61-43e3-afb5-a14c4fa7437a.json │ │ │ ├── attack-pattern--650c784b-7504-4df7-ab2c-4ea882384d1e.json │ │ │ ├── attack-pattern--65917ae0-b854-4139-83fe-bf2441cf0196.json │ │ │ ├── attack-pattern--65f2d882-3f41-4d48-8a06-29af77ec9f90.json │ │ │ ├── attack-pattern--6636bc83-0611-45a6-b74f-1f3daf635b8e.json │ │ │ ├── attack-pattern--667e5707-3843-4da8-bd34-88b922526f0d.json │ │ │ ├── attack-pattern--6683aa0c-d98a-4f5b-ac57-ca7e9934a760.json │ │ │ ├── attack-pattern--67073dde-d720-45ae-83da-b12d5e73ca3b.json │ │ │ ├── attack-pattern--6747daa2-3533-4e78-8fb8-446ebb86448a.json │ │ │ ├── attack-pattern--67720091-eee3-4d2d-ae16-8264567f6f5b.json │ │ │ ├── attack-pattern--677569f9-a8b0-459e-ab24-7f18091fa7bf.json │ │ │ ├── attack-pattern--6831414d-bb70-42b7-8030-d4e06b2660c9.json │ │ │ ├── attack-pattern--6836813e-8ec8-4375-b459-abb388cb1a35.json │ │ │ ├── attack-pattern--68a0c5ed-bee2-4513-830d-5b0d650139bd.json │ │ │ ├── attack-pattern--692074ae-bb62-4a5e-a735-02cb6bde458c.json │ │ │ ├── attack-pattern--69b8fd78-40e8-4600-ae4d-662c9d7afdb3.json │ │ │ ├── attack-pattern--69e5226d-05dc-4f15-95d7-44f5ed78d06e.json │ │ │ ├── attack-pattern--69f897fd-12a9-4c89-ad6a-46d2f3c38262.json │ │ │ ├── attack-pattern--6a3f6490-9c44-40de-b059-e5940f246673.json │ │ │ ├── attack-pattern--6add2ab5-2711-4e9d-87c8-7a0be8531530.json │ │ │ ├── attack-pattern--6b57dc31-b814-4a03-8706-28bc20d739c4.json │ │ │ ├── attack-pattern--6c2957f9-502a-478c-b1dd-d626c0659413.json │ │ │ ├── attack-pattern--6c49d50f-494d-4150-b774-a655022d20a6.json │ │ │ ├── attack-pattern--6d4a7fb3-5a24-42be-ae61-6728a2b581f6.json │ │ │ ├── attack-pattern--6e3bd510-6b33-41a4-af80-2d80f3ee0071.json │ │ │ ├── attack-pattern--6e561441-8431-4773-a9b8-ccf28ef6a968.json │ │ │ ├── attack-pattern--6ee2dc99-91ad-4534-a7d8-a649358c331f.json │ │ │ ├── attack-pattern--6f86d346-f092-4abc-80df-8558a90c426a.json │ │ │ ├── attack-pattern--6faf650d-bf31-4eb4-802d-1000cf38efaf.json │ │ │ ├── attack-pattern--7007935a-a8a7-4c0b-bd98-4e85be8ed197.json │ │ │ ├── attack-pattern--702055ac-4e54-4ae9-9527-e23a38e0b160.json │ │ │ ├── attack-pattern--707399d6-ab3e-4963-9315-d9d3818cd6a0.json │ │ │ ├── attack-pattern--70857657-bd0b-4695-ad3e-b13f92cac1b4.json │ │ │ ├── attack-pattern--70d81154-b187-45f9-8ec5-295d01255979.json │ │ │ ├── attack-pattern--70e52b04-2a0c-4cea-9d18-7149f1df9dc5.json │ │ │ ├── attack-pattern--72b74d71-8169-42aa-92e0-e7b04b9f5a08.json │ │ │ ├── attack-pattern--731f4f55-b6d0-41d1-a7a9-072a66389aea.json │ │ │ ├── attack-pattern--7374ab87-0782-41f8-b415-678c0950bb2a.json │ │ │ ├── attack-pattern--7385dfaf-6886-4229-9ecd-6fd678040830.json │ │ │ ├── attack-pattern--73c26732-6422-4081-8b63-6d0ae93d449e.json │ │ │ ├── attack-pattern--74d2a63f-3c7b-4852-92da-02d8fbab16da.json │ │ │ ├── attack-pattern--7610cada-1499-41a4-b3dd-46467b68d177.json │ │ │ ├── attack-pattern--76551c52-b111-4884-bc47-ff3e728f0156.json │ │ │ ├── attack-pattern--767dbf9e-df3f-45cb-8998-4903ab5f80c0.json │ │ │ ├── attack-pattern--768dce68-8d0d-477a-b01d-0eea98b963a1.json │ │ │ ├── attack-pattern--76c12fc8-a4eb-45d6-a3b7-e371a7248f69.json │ │ │ ├── attack-pattern--774a3188-6ba9-4dc4-879d-d54ee48a5ce9.json │ │ │ ├── attack-pattern--774ad5bb-2366-4c13-a8a9-65e50b292e7c.json │ │ │ ├── attack-pattern--77532a55-c283-4cd2-bc5d-2d0b65e9d88c.json │ │ │ ├── attack-pattern--77e30eee-fd48-40b4-99ec-73e97c158b58.json │ │ │ ├── attack-pattern--77eae145-55db-4519-8ae5-77b0c7215d69.json │ │ │ ├── attack-pattern--7807d3a4-a885-4639-a786-c1ed41484970.json │ │ │ ├── attack-pattern--7830cfcf-b268-4ac0-a69e-73c6affbae9a.json │ │ │ ├── attack-pattern--786f488c-cb1f-4602-89c5-86d982ee326b.json │ │ │ ├── attack-pattern--791481f8-e96a-41be-b089-a088763083d4.json │ │ │ ├── attack-pattern--799ace7f-e227-4411-baa0-8868704f2a69.json │ │ │ ├── attack-pattern--79a4052e-1a89-4b09-aea6-51f1d11fe19c.json │ │ │ ├── attack-pattern--79a47ad0-fc3b-4821-9f01-a026b1ddba21.json │ │ │ ├── attack-pattern--79da0971-3147-4af6-a4f5-e8cd447cd795.json │ │ │ ├── attack-pattern--79eec66a-9bd0-4a3f-ac82-19159e94bd44.json │ │ │ ├── attack-pattern--7ad38ef1-381a-406d-872a-38b136eb5ecc.json │ │ │ ├── attack-pattern--7b211ac6-c815-4189-93a9-ab415deca926.json │ │ │ ├── attack-pattern--7bc57495-ea59-4380-be31-a64af124ef18.json │ │ │ ├── attack-pattern--7bd9c723-2f78-4309-82c5-47cad406572b.json │ │ │ ├── attack-pattern--7bdca9d5-d500-4d7d-8c52-5fd47baf4c0c.json │ │ │ ├── attack-pattern--7c0f17c9-1af6-4628-9cbd-9e45482dd605.json │ │ │ ├── attack-pattern--7c46b364-8496-4234-8a56-f7e6727e21e1.json │ │ │ ├── attack-pattern--7d57b371-10c2-45e5-b3cc-83a8fb380e4c.json │ │ │ ├── attack-pattern--7d77a07d-02fe-4e88-8bd9-e9c008c01bf0.json │ │ │ ├── attack-pattern--7dd95ff6-712e-4056-9626-312ea4ab4c5e.json │ │ │ ├── attack-pattern--7e150503-88e7-4861-866b-ff1ac82c4475.json │ │ │ ├── attack-pattern--7e3beebd-8bfe-4e7b-a892-e44ab06a75f9.json │ │ │ ├── attack-pattern--7efba77e-3bc4-4ca5-8292-d8201dcd64b5.json │ │ │ ├── attack-pattern--7f0ca133-88c4-40c6-a62f-b3083a7fbc2e.json │ │ │ ├── attack-pattern--806a49c4-970d-43f9-9acc-ac0ee11e6662.json │ │ │ ├── attack-pattern--808e6329-ca91-4b87-ac2d-8eadc5f8f327.json │ │ │ ├── attack-pattern--81033c3b-16a4-46e4-8fed-9b030dd03c4a.json │ │ │ ├── attack-pattern--810aa4ad-61c9-49cb-993f-daa06199421d.json │ │ │ ├── attack-pattern--810d8072-afb6-4a56-9ee7-86379ac4a6f3.json │ │ │ ├── attack-pattern--818302b2-d640-477b-bf88-873120ce85c4.json │ │ │ ├── attack-pattern--8187bd2a-866f-4457-9009-86b0ddedffa3.json │ │ │ ├── attack-pattern--8197f026-64da-4700-93b9-b55ba55f3b31.json │ │ │ ├── attack-pattern--82caa33e-d11a-433a-94ea-9b5a5fbef81d.json │ │ │ ├── attack-pattern--82f04b1e-5371-4a6f-be06-411f0f43b483.json │ │ │ ├── attack-pattern--830c9528-df21-472c-8c14-a036bf17d665.json │ │ │ ├── attack-pattern--837f9164-50af-4ac0-8219-379d8a74cefc.json │ │ │ ├── attack-pattern--83a766f8-1501-4b3a-a2de-2e2849e8dfc1.json │ │ │ ├── attack-pattern--83ebd22f-b401-4d59-8219-2294172cf916.json │ │ │ ├── attack-pattern--840a987a-99bd-4a80-a5c9-0cb2baa6cade.json │ │ │ ├── attack-pattern--84e02621-8fdf-470f-bd58-993bb6a89d91.json │ │ │ ├── attack-pattern--8535b71e-3c12-4258-a4ab-40257a1becc4.json │ │ │ ├── attack-pattern--853c4192-4311-43e1-bfbb-b11b14911852.json │ │ │ ├── attack-pattern--85a45294-08f1-4539-bf00-7da08aa7b0ee.json │ │ │ ├── attack-pattern--861b8fd2-57f3-4ee1-ab5d-c19c3b8c7a4a.json │ │ │ ├── attack-pattern--86850eff-2729-40c3-b85e-c4af26da4a2d.json │ │ │ ├── attack-pattern--86a96bf6-cf8b-411c-aaeb-8959944d64f7.json │ │ │ ├── attack-pattern--8868cb5b-d575-4a60-acb2-07d37389a2fd.json │ │ │ ├── attack-pattern--88932a8c-3a17-406f-9431-1da3ff19f6d6.json │ │ │ ├── attack-pattern--88d31120-5bc7-4ce3-a9c0-7cf147be8e54.json │ │ │ ├── attack-pattern--890c9858-598c-401d-a4d5-c67ebcdd703a.json │ │ │ ├── attack-pattern--8982a661-d84c-48c0-b4ec-1db29c6cf3bc.json │ │ │ ├── attack-pattern--8a2f40cf-8325-47f9-96e4-b1ca4c7389bd.json │ │ │ ├── attack-pattern--8bb4538f-f16f-49f0-a431-70b5444c7349.json │ │ │ ├── attack-pattern--8c32eb4d-805f-4fc5-bf60-c4d476c131b5.json │ │ │ ├── attack-pattern--8c41090b-aa47-4331-986b-8c9a51a91103.json │ │ │ ├── attack-pattern--8c4aef43-48d5-49aa-b2af-c0cd58d30c3d.json │ │ │ ├── attack-pattern--8c7862ff-3449-4ac6-b0fd-ac1298a822a5.json │ │ │ ├── attack-pattern--8cdeb020-e31e-4f88-a582-f53dcfbda819.json │ │ │ ├── attack-pattern--8d2f3bab-507c-4424-b58b-edc977bd215c.json │ │ │ ├── attack-pattern--8d7bd4f5-3a89-4453-9c82-2c8894d5655e.json │ │ │ ├── attack-pattern--8e27551a-5080-4148-a584-c64348212e4f.json │ │ │ ├── attack-pattern--8e350c1d-ac79-4b5c-bd4e-7476d7e84ec5.json │ │ │ ├── attack-pattern--8e7089d3-fba2-44f8-94a8-9a79c53920c4.json │ │ │ ├── attack-pattern--8f0e39c6-82c9-41ec-9f93-5696c0f2e274.json │ │ │ ├── attack-pattern--8f104855-e5b7-4077-b1f5-bc3103b41abe.json │ │ │ ├── attack-pattern--8f4a33ec-8b1f-4b80-a2f6-642b2e479580.json │ │ │ ├── attack-pattern--8f504411-cb96-4dac-a537-8d2bb7679c59.json │ │ │ ├── attack-pattern--8faedf87-dceb-4c35-b2a2-7286f59a3bc3.json │ │ │ ├── attack-pattern--910906dd-8c0a-475a-9cc1-5e029e2fad58.json │ │ │ ├── attack-pattern--91177e6d-b616-4a03-ba4b-f3b32f7dda75.json │ │ │ ├── attack-pattern--91541e7e-b969-40c6-bbd8-1b5352ec2938.json │ │ │ ├── attack-pattern--92a78814-b191-47ca-909c-1ccfe3777414.json │ │ │ ├── attack-pattern--92d7da27-2d91-488e-a00c-059dc162766d.json │ │ │ ├── attack-pattern--93591901-3172-4e94-abf8-6034ab26f44a.json │ │ │ ├── attack-pattern--937e4772-8441-4e4a-8bf0-8d447d667e23.json │ │ │ ├── attack-pattern--948a447c-d783-4ba0-8516-a64140fcacd5.json │ │ │ ├── attack-pattern--94cb00a4-b295-4d06-aa2b-5653b9c1be9c.json │ │ │ ├── attack-pattern--94f042ae-3033-4a8d-9ec3-26396533a541.json │ │ │ ├── attack-pattern--960c3c86-1480-4d72-b4e0-8c242e84a5c5.json │ │ │ ├── attack-pattern--970a3432-3237-47ad-bcca-7d8cbb217736.json │ │ │ ├── attack-pattern--98034fef-d9fb-4667-8dc4-2eab6231724c.json │ │ │ ├── attack-pattern--98be40f2-c86b-4ade-b6fc-4964932040e5.json │ │ │ ├── attack-pattern--99e6295e-741b-4857-b6e5-64989eb039b4.json │ │ │ ├── attack-pattern--9a505987-ab05-4f46-a9a6-6441442eec3b.json │ │ │ ├── attack-pattern--9a60a291-8960-4387-8a4a-2ab5c18bb50b.json │ │ │ ├── attack-pattern--9c306d8d-cde7-4b4c-b6e8-d0bb16caca36.json │ │ │ ├── attack-pattern--9c45eaa3-8604-4780-8988-b5074dbb9ecd.json │ │ │ ├── attack-pattern--9c99724c-a483-4d60-ad9d-7f004e42e8e8.json │ │ │ ├── attack-pattern--9d48cab2-7929-4812-ad22-f536665f0109.json │ │ │ ├── attack-pattern--9d7c32f4-ab39-49dc-8055-8106bc2294a1.json │ │ │ ├── attack-pattern--9db0cf3a-a3c9-4012-8268-123b9db6fd82.json │ │ │ ├── attack-pattern--9e7452df-5144-4b6e-b04a-b66dd4016747.json │ │ │ ├── attack-pattern--9e8b28c9-35fe-48ac-a14d-e6cc032dcbcd.json │ │ │ ├── attack-pattern--9efb1ea7-c37b-4595-9640-b7680cd84279.json │ │ │ ├── attack-pattern--9f947a1c-3860-48a8-8af0-a2dfa3efde03.json │ │ │ ├── attack-pattern--9fa07bef-9c81-421e-a8e5-ad4366c5a925.json │ │ │ ├── attack-pattern--a009cb25-4801-4116-9105-80a91cf15c1b.json │ │ │ ├── attack-pattern--a01bf75f-00b2-4568-a58f-565ff9bf202b.json │ │ │ ├── attack-pattern--a0464539-e1b7-4455-a355-12495987c300.json │ │ │ ├── attack-pattern--a0e6614a-7740-4b24-bd65-f1bde09fc365.json │ │ │ ├── attack-pattern--a10641f4-87b4-45a3-a906-92a149cb2c27.json │ │ │ ├── attack-pattern--a19e86f8-1c0a-4fea-8407-23b73d615776.json │ │ │ ├── attack-pattern--a1b52199-c8c5-438a-9ded-656f1d0888c6.json │ │ │ ├── attack-pattern--a2029942-0a85-4947-b23c-ca434698171d.json │ │ │ ├── attack-pattern--a2fdce72-04b2-409a-ac10-cc1695f4fce0.json │ │ │ ├── attack-pattern--a3e1e6c5-9c74-4fc0-a16c-a9d228c17829.json │ │ │ ├── attack-pattern--a51eb150-93b1-484b-a503-e51453b127a4.json │ │ │ ├── attack-pattern--a542bac9-7bc1-4da7-9a09-96f69e23cc21.json │ │ │ ├── attack-pattern--a5de0540-73e7-4c67-96da-4143afedc7ed.json │ │ │ ├── attack-pattern--a62a8db3-f23a-4d8f-afd6-9dbc77e7813b.json │ │ │ ├── attack-pattern--a64a820a-cb21-471f-920c-506a2ff04fa5.json │ │ │ ├── attack-pattern--a6557c75-798f-42e4-be70-ab4502e0a3bc.json │ │ │ ├── attack-pattern--a6937325-9321-4e2e-bb2b-3ed2d40b2a9d.json │ │ │ ├── attack-pattern--a750a9f6-0bde-4bb3-9aae-1e2786e9780c.json │ │ │ ├── attack-pattern--a782ebe2-daba-42c7-bc82-e8e9d923162d.json │ │ │ ├── attack-pattern--a81696ef-c106-482c-8f80-59c30f2569fb.json │ │ │ ├── attack-pattern--a8c31121-852b-46bd-9ba4-674ae5afe7ad.json │ │ │ ├── attack-pattern--a8cfd474-9358-464f-a169-9c6f099a8e8a.json │ │ │ ├── attack-pattern--a93494bb-4b80-4ea1-8695-3236a49916fd.json │ │ │ ├── attack-pattern--a93ccb8f-3996-42e2-b7c7-bb599d4e205f.json │ │ │ ├── attack-pattern--a9d4b653-6915-42af-98b2-5758c4ceee56.json │ │ │ ├── attack-pattern--a9e2cea0-c805-4bf8-9e31-f5f0513a3634.json │ │ │ ├── attack-pattern--ab390887-afc0-4715-826d-b1b167d522ae.json │ │ │ ├── attack-pattern--abb0a255-eb9c-48d0-8f5c-874bb84c0e45.json │ │ │ ├── attack-pattern--ac08589e-ee59-4935-8667-d845e38fe579.json │ │ │ ├── attack-pattern--ac9e6b22-11bf-45d7-9181-c1cb08360931.json │ │ │ ├── attack-pattern--acd0ba37-7ba9-4cc5-ac61-796586cd856d.json │ │ │ ├── attack-pattern--ad255bfe-a9e6-4b52-a258-8d3462abe842.json │ │ │ ├── attack-pattern--ae62fe1a-ea1a-479b-8dc0-65d250bd8bc7.json │ │ │ ├── attack-pattern--ae676644-d2d2-41b7-af7e-9bed1b55898c.json │ │ │ ├── attack-pattern--ae797531-3219-49a4-bccf-324ad7a4c7b2.json │ │ │ ├── attack-pattern--ae7f3575-0a5e-427e-991b-fe03ad44c754.json │ │ │ ├── attack-pattern--aedfca76-3b30-4866-b2aa-0f1d7fd1e4b6.json │ │ │ ├── attack-pattern--b0533c6e-8fea-4788-874f-b799cacc4b92.json │ │ │ ├── attack-pattern--b0628bfc-5376-4a38-9182-f324501cb4cf.json │ │ │ ├── attack-pattern--b14395bd-5419-4ef4-9bd8-696936f509bb.json │ │ │ ├── attack-pattern--b17a1a56-e99c-403c-8948-561df0cffe81.json │ │ │ ├── attack-pattern--b18eae87-b469-4e14-b454-b171b416bc18.json │ │ │ ├── attack-pattern--b1ccd744-3f78-4a0e-9bb2-2002057f7928.json │ │ │ ├── attack-pattern--b200542e-e877-4395-875b-cf1a44537ca4.json │ │ │ ├── attack-pattern--b21c3b2d-02e6-45b1-980b-e69051040839.json │ │ │ ├── attack-pattern--b24e2a20-3b3d-4bf0-823b-1ed765398fb0.json │ │ │ ├── attack-pattern--b2d03cea-aec1-45ca-9744-9ee583c1e1cc.json │ │ │ ├── attack-pattern--b327a9c0-e709-495c-aa6e-00b042136e2b.json │ │ │ ├── attack-pattern--b332a960-3c04-495a-827f-f17a5daed3a6.json │ │ │ ├── attack-pattern--b3c2e5de-0941-4b57-ba61-af029eb5517a.json │ │ │ ├── attack-pattern--b3d682b6-98f2-4fb0-aa3b-b4df007ca70a.json │ │ │ ├── attack-pattern--b4694861-542c-48ea-9eb1-10d356e7140a.json │ │ │ ├── attack-pattern--b4b7458f-81f2-4d38-84be-1c5ba0167a52.json │ │ │ ├── attack-pattern--b5327dd1-6bf9-4785-a199-25bcbd1f4a9d.json │ │ │ ├── attack-pattern--b5b9bacb-97f2-4249-b804-47fd44de1f95.json │ │ │ ├── attack-pattern--b6075259-dba3-44e9-87c7-e954f37ec0d5.json │ │ │ ├── attack-pattern--b6301b64-ef57-4cce-bb0b-77026f14a8db.json │ │ │ ├── attack-pattern--b63a34e8-0a61-4c97-a23b-bf8a2ed812e2.json │ │ │ ├── attack-pattern--b77cf5f3-6060-475d-bd60-40ccbf28fdc2.json │ │ │ ├── attack-pattern--b7dc639b-24cd-482d-a7f1-8897eda21023.json │ │ │ ├── attack-pattern--b7e13ee8-182c-4f19-92a4-a88d7d855d54.json │ │ │ ├── attack-pattern--b8017880-4b1e-42de-ad10-ae7ac6705166.json │ │ │ ├── attack-pattern--b80d107d-fa0d-4b60-9684-b0433e8bdba0.json │ │ │ ├── attack-pattern--b83e166d-13d7-4b52-8677-dff90c548fd7.json │ │ │ ├── attack-pattern--b84903f0-c7d5-435d-a69e-de47cc3578c0.json │ │ │ ├── attack-pattern--b85f6ce5-81e8-4f36-aff2-3df9d02a9c9d.json │ │ │ ├── attack-pattern--b8902400-e6c5-4ba2-95aa-2d35b442b118.json │ │ │ ├── attack-pattern--b8cfed42-6a8a-4989-ad72-541af74475ec.json │ │ │ ├── attack-pattern--b9160e77-ea9e-4ba9-b1c8-53a3c466b13d.json │ │ │ ├── attack-pattern--b97f1d35-4249-4486-a6b5-ee60ccf24fab.json │ │ │ ├── attack-pattern--ba203963-3182-41ac-af14-7e7ebc83cd61.json │ │ │ ├── attack-pattern--baf60e1a-afe5-4d31-830f-1b1ba2351884.json │ │ │ ├── attack-pattern--bb5a00de-e086-4859-a231-fa793f6797e2.json │ │ │ ├── attack-pattern--bbc3cba7-84ae-410d-b18b-16750731dfa2.json │ │ │ ├── attack-pattern--bbe5b322-e2af-4a5e-9625-a4e62bf84ed3.json │ │ │ ├── attack-pattern--bc0f5e80-91c0-4e04-9fbb-e4e332c85dae.json │ │ │ ├── attack-pattern--bc76d0a4-db11-4551-9ac4-01a469cfb161.json │ │ │ ├── attack-pattern--bd369cd9-abb8-41ce-b5bb-fff23ee86c00.json │ │ │ ├── attack-pattern--bd4d32f5-eed4-4018-a649-40b229dd1d69.json │ │ │ ├── attack-pattern--bd5b58a4-a52d-4a29-bc0d-3f1d3968eb6b.json │ │ │ ├── attack-pattern--be055942-6e63-49d7-9fa1-9cb7d8a8f3f4.json │ │ │ ├── attack-pattern--be2dcee9-a7a7-4e38-afd6-21b31ecc3d63.json │ │ │ ├── attack-pattern--be69c571-d746-4b1f-bdd0-c0c9817e9068.json │ │ │ ├── attack-pattern--bf147104-abf9-4221-95d1-e81585859441.json │ │ │ ├── attack-pattern--bf176076-b789-408e-8cba-7275e81c0ada.json │ │ │ ├── attack-pattern--bf1b6176-597c-4600-bfcd-ac989670f96b.json │ │ │ ├── attack-pattern--bf90d72c-c00b-45e3-b3aa-68560560d4c5.json │ │ │ ├── attack-pattern--bf96a5a3-3bce-43b7-8597-88545984c07b.json │ │ │ ├── attack-pattern--c0dfe7b0-b873-4618-9ff8-53e31f70907f.json │ │ │ ├── attack-pattern--c21d5a77-d422-4a69-acd7-2c53c1faa34b.json │ │ │ ├── attack-pattern--c267bbee-bb59-47fe-85e0-3ed210337c21.json │ │ │ ├── attack-pattern--c2e147a9-d1a8-4074-811a-d8789202d916.json │ │ │ ├── attack-pattern--c2f59d25-87fe-44aa-8f83-e8e59d077bf5.json │ │ │ ├── attack-pattern--c325b232-d5bc-4dde-a3ec-71f3db9e8adc.json │ │ │ ├── attack-pattern--c32f7008-9fea-41f7-8366-5eb9b74bd896.json │ │ │ ├── attack-pattern--c3888c54-775d-4b2f-b759-75a2ececcbfd.json │ │ │ ├── attack-pattern--c3c8c916-2f3c-4e71-94b2-240bdfc996f0.json │ │ │ ├── attack-pattern--c3d4bdd9-2cfe-4a80-9d0c-07a29ecdce8f.json │ │ │ ├── attack-pattern--c48a67ee-b657-45c1-91bf-6cdbe27205f8.json │ │ │ ├── attack-pattern--c4b96c0b-cb58-497a-a1c2-bb447d79d692.json │ │ │ ├── attack-pattern--c5089859-b21f-40a3-8be4-63e381b8b1c0.json │ │ │ ├── attack-pattern--c5e3cdbc-0387-4be9-8f83-ff5c0865f377.json │ │ │ ├── attack-pattern--c615231b-f253-4f58-9d47-d5b4cbdb6839.json │ │ │ ├── attack-pattern--c63a348e-ffc2-486a-b9d9-d7f11ec54d99.json │ │ │ ├── attack-pattern--c675646d-e204-4aa8-978d-e3d6d65885c4.json │ │ │ ├── attack-pattern--c6a146ae-9c63-4606-97ff-e261e76e8380.json │ │ │ ├── attack-pattern--c726e0a2-a57a-4b7b-a973-d0f013246617.json │ │ │ ├── attack-pattern--c898c4b5-bf36-4e6e-a4ad-5b8c4c13e35b.json │ │ │ ├── attack-pattern--c8e87b83-edbb-48d4-9295-4974897525b7.json │ │ │ ├── attack-pattern--c92e3d68-2349-49e4-a341-7edca2deff96.json │ │ │ ├── attack-pattern--ca9d3402-ada3-484d-876a-d717bd6e05f2.json │ │ │ ├── attack-pattern--cabe189c-a0e3-4965-a473-dcff00f17213.json │ │ │ ├── attack-pattern--cacc40da-4c9e-462c-80d5-fd70a178b12d.json │ │ │ ├── attack-pattern--cba37adb-d6fb-4610-b069-dd04c0643384.json │ │ │ ├── attack-pattern--cbb66055-0325-4111-aca0-40547b6ad5b0.json │ │ │ ├── attack-pattern--cc3502b5-30cc-4473-ad48-42d51a6ef6d1.json │ │ │ ├── attack-pattern--cc723aff-ec88-40e3-a224-5af9fd983cc4.json │ │ │ ├── attack-pattern--cc7b8c4e-9be0-47ca-b0bb-83915ec3ee2f.json │ │ │ ├── attack-pattern--cc89ecbd-3d33-4a41-bcca-001e702d18fd.json │ │ │ ├── attack-pattern--cca0ccb6-a068-4574-a722-b1556f86833a.json │ │ │ ├── attack-pattern--cd25c1b4-935c-4f0e-ba8d-552f28bc4783.json │ │ │ ├── attack-pattern--cd2c76a4-5e23-4ca5-9c40-d5e0604f7101.json │ │ │ ├── attack-pattern--cde2cb84-455e-410c-8aa9-086f2788bcd2.json │ │ │ ├── attack-pattern--cdfc5f0a-9bb9-4352-b896-553cfa2d8fd8.json │ │ │ ├── attack-pattern--ce0687a0-e692-4b77-964a-0784a8e54ff1.json │ │ │ ├── attack-pattern--ce4b7013-640e-48a9-b501-d0025a95f4bf.json │ │ │ ├── attack-pattern--cf1c2504-433f-4c4e-a1f8-91de45a0318c.json │ │ │ ├── attack-pattern--cf28ca46-1fd3-46b4-b1f6-ec0b72361848.json │ │ │ ├── attack-pattern--d0613359-5781-4fd2-b5be-c269270be1f6.json │ │ │ ├── attack-pattern--d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4.json │ │ │ ├── attack-pattern--d10cbd34-42e3-45c0-84d2-535a09849584.json │ │ │ ├── attack-pattern--d13fa042-8f26-44e1-a2a8-af0bf8e2ac9a.json │ │ │ ├── attack-pattern--d157f9d2-d09a-4efa-bb2a-64963f94e253.json │ │ │ ├── attack-pattern--d1f1337e-aea7-454c-86bd-482a98ffaf62.json │ │ │ ├── attack-pattern--d1fcf083-a721-4223-aedf-bf8960798d62.json │ │ │ ├── attack-pattern--d201d4cc-214d-4a74-a1ba-b3fa09fd4591.json │ │ │ ├── attack-pattern--d245808a-7086-4310-984a-a84aaaa43f8f.json │ │ │ ├── attack-pattern--d273434a-448e-4598-8e14-607f4a0d5e27.json │ │ │ ├── attack-pattern--d28ef391-8ed4-45dc-bc4a-2f43abf54416.json │ │ │ ├── attack-pattern--d2e112dc-f6d4-488d-b8df-ecbfb57a0a2d.json │ │ │ ├── attack-pattern--d3bc5020-f6a2-41c0-8ccb-5e563101b60c.json │ │ │ ├── attack-pattern--d40239b3-05ff-46d8-9bdd-b46d13463ef9.json │ │ │ ├── attack-pattern--d4536441-1bcc-49fa-80ae-a596ed3f7ffd.json │ │ │ ├── attack-pattern--d456de47-a16f-4e46-8980-e67478a12dcb.json │ │ │ ├── attack-pattern--d45a3d09-b3cf-48f4-9f0f-f521ee5cb05c.json │ │ │ ├── attack-pattern--d467bc38-284b-4a00-96ac-125f447799fc.json │ │ │ ├── attack-pattern--d4b96d2c-1032-4b22-9235-2b5b649d0605.json │ │ │ ├── attack-pattern--d4bdbdea-eaec-4071-b4f9-5105e12ea4b6.json │ │ │ ├── attack-pattern--d5a69cfb-fc2a-46cb-99eb-74b236db5061.json │ │ │ ├── attack-pattern--d614a9cf-18eb-4800-81e4-ab8ddf0baa73.json │ │ │ ├── attack-pattern--d63a3fb8-9452-4e9d-a60a-54be68d5998c.json │ │ │ ├── attack-pattern--d67adac8-e3b9-44f9-9e6d-6c2a7d69dbe4.json │ │ │ ├── attack-pattern--d731c21e-f27d-4756-b418-0e2aaabd6d63.json │ │ │ ├── attack-pattern--d742a578-d70e-4d0e-96a6-02a9c30204e6.json │ │ │ ├── attack-pattern--d74c4a7e-ffbf-432f-9365-7ebf1f787cab.json │ │ │ ├── attack-pattern--d8940e76-f9c1-4912-bea6-e21c251370b6.json │ │ │ ├── attack-pattern--d9db3d46-66ca-44b4-9daa-1ef97cb7465a.json │ │ │ ├── attack-pattern--d9e88203-2b5d-405f-a406-2933b1e3d7e4.json │ │ │ ├── attack-pattern--db8f5003-3b20-48f0-9b76-123e44208120.json │ │ │ ├── attack-pattern--dc31fe1e-d722-49da-8f5f-92c7b5aff534.json │ │ │ ├── attack-pattern--dca670cf-eeec-438f-8185-fd959d9ef211.json │ │ │ ├── attack-pattern--dcaa092b-7de9-4a21-977f-7fcb77e89c48.json │ │ │ ├── attack-pattern--dd43c543-bb85-4a6f-aa6e-160d90d06a49.json │ │ │ ├── attack-pattern--dd818ea5-adf5-41c7-93b5-f3b839a219fb.json │ │ │ ├── attack-pattern--deb98323-e13f-4b0c-8d94-175379069062.json │ │ │ ├── attack-pattern--df8b2a25-8bdf-4856-953c-a04372b1c161.json │ │ │ ├── attack-pattern--dfd7cc1d-e1d8-4394-a198-97c4cab8aa67.json │ │ │ ├── attack-pattern--dfe29258-ce59-421c-9dee-e85cb9fa90cd.json │ │ │ ├── attack-pattern--dfebc3b7-d19d-450b-81c7-6dafe4184c04.json │ │ │ ├── attack-pattern--dfefe2ed-4389-4318-8762-f0272b350a1b.json │ │ │ ├── attack-pattern--e0033c16-a07e-48aa-8204-7c3ca669998c.json │ │ │ ├── attack-pattern--e01be9c5-e763-4caf-aeb7-000b416aef67.json │ │ │ ├── attack-pattern--e076cca8-2f08-45c9-aff7-ea5ac798b387.json │ │ │ ├── attack-pattern--e0d74479-86d2-465d-bf36-903ebecef43e.json │ │ │ ├── attack-pattern--e196b5c5-8118-4a1c-ab8a-936586ce3db5.json │ │ │ ├── attack-pattern--e1c912a9-e305-434b-9172-8a6ce3ec9c4a.json │ │ │ ├── attack-pattern--e24fcba8-2557-4442-a139-1ee2f2e784db.json │ │ │ ├── attack-pattern--e2994b6a-122b-4043-b654-7411c5198ec0.json │ │ │ ├── attack-pattern--e2ea7f6b-8d4f-49c3-819d-660530d12b77.json │ │ │ ├── attack-pattern--e33c7ecc-5a38-497f-beb2-a9a2049a4c20.json │ │ │ ├── attack-pattern--e358d692-23c0-4a31-9eb6-ecc13a8d7735.json │ │ │ ├── attack-pattern--e399430e-30b7-48c5-b70a-f44dc8c175cb.json │ │ │ ├── attack-pattern--e3a12395-188d-4051-9a16-ea8e14d07b88.json │ │ │ ├── attack-pattern--e3b168bd-fcd7-439e-9382-2e6c2f63514d.json │ │ │ ├── attack-pattern--e3b6daca-e963-4a69-aee6-ed4fd653ad58.json │ │ │ ├── attack-pattern--e3b936a4-6321-4172-9114-038a866362ec.json │ │ │ ├── attack-pattern--e49920b0-6c54-40c1-9571-73723653205f.json │ │ │ ├── attack-pattern--e49ee9d2-0d98-44ef-85e5-5d3100065744.json │ │ │ ├── attack-pattern--e4c347e9-fb91-4bc5-83b8-391e389131e2.json │ │ │ ├── attack-pattern--e51137a5-1cdc-499e-911a-abaedaa5ac86.json │ │ │ ├── attack-pattern--e5cc9e7a-e61a-46a1-b869-55fb6eab058e.json │ │ │ ├── attack-pattern--e5de767e-f513-41cd-aa15-33f6ce5fbf92.json │ │ │ ├── attack-pattern--e624264c-033a-424d-9fd7-fc9c3bbdb03e.json │ │ │ ├── attack-pattern--e6415f09-df0e-48de-9aba-928c902b7549.json │ │ │ ├── attack-pattern--e64c62cf-9cd7-4a14-94ec-cdaac43ab44b.json │ │ │ ├── attack-pattern--e6919abc-99f9-4c6c-95a5-14761e7b2add.json │ │ │ ├── attack-pattern--e6c31185-8040-4267-83d3-b217b8a92f07.json │ │ │ ├── attack-pattern--e72425f8-9ae6-41d3-bfdb-e1b865e60722.json │ │ │ ├── attack-pattern--e74de37c-a829-446c-937d-56a44f0e9306.json │ │ │ ├── attack-pattern--e7cbc1de-1f79-48ee-abfd-da1241c65a15.json │ │ │ ├── attack-pattern--e8b4e1ec-8e3b-484c-9038-4459b1ed8060.json │ │ │ ├── attack-pattern--ea016b56-ae0e-47fe-967a-cc0ad51af67f.json │ │ │ ├── attack-pattern--ea0c980c-5cf0-43a7-a049-59c4c207566e.json │ │ │ ├── attack-pattern--ead7bd34-186e-4c79-9a4d-b65bcce6ed9d.json │ │ │ ├── attack-pattern--eb062747-2193-45de-8fa2-e62549c37ddf.json │ │ │ ├── attack-pattern--eb125d40-0b2d-41ac-a71a-3229241c2cd3.json │ │ │ ├── attack-pattern--ebb42bbe-62d7-47d7-a55f-3b08b61d792d.json │ │ │ ├── attack-pattern--ebbe170d-aa74-4946-8511-9921243415a3.json │ │ │ ├── attack-pattern--ec4be82f-940c-4dcb-87fe-2bbdd17c692f.json │ │ │ ├── attack-pattern--ec8fc7e2-b356-455c-8db5-2e37be158e7d.json │ │ │ ├── attack-pattern--ed2c05a1-4f81-4d97-9e1b-aff01c34ae84.json │ │ │ ├── attack-pattern--ed2e45f9-d338-4eb2-8ce5-3a2e03323bc1.json │ │ │ ├── attack-pattern--ed730f20-0e44-48b9-85f8-0e2adeb76867.json │ │ │ ├── attack-pattern--ed7efd4d-ce28-4a19-a8e6-c58011eb2c7a.json │ │ │ ├── attack-pattern--edadea33-549c-4ed1-9783-8f5a5853cbdf.json │ │ │ ├── attack-pattern--edf91964-b26e-4b4a-9600-ccacd7d7df24.json │ │ │ ├── attack-pattern--ee7ff928-801c-4f34-8a99-3df965e581a5.json │ │ │ ├── attack-pattern--eec23884-3fa1-4d8a-ac50-6f104d51e235.json │ │ │ ├── attack-pattern--ef67e13e-5598-4adc-bdb2-998225874fa9.json │ │ │ ├── attack-pattern--ef771e03-e080-43b4-a619-ac6f84899884.json │ │ │ ├── attack-pattern--efbf7888-f61b-4572-9c80-7e2965c60707.json │ │ │ ├── attack-pattern--f005e783-57d4-4837-88ad-dbe7faee1c51.json │ │ │ ├── attack-pattern--f0589bc3-a6ae-425a-a3d5-5659bfee07f4.json │ │ │ ├── attack-pattern--f1951e8a-500e-4a26-8803-76d95c4554b4.json │ │ │ ├── attack-pattern--f1c3d071-0c24-483d-aca0-e8b8496ce468.json │ │ │ ├── attack-pattern--f232fa7a-025c-4d43-abc7-318e81a73d65.json │ │ │ ├── attack-pattern--f244b8dd-af6c-4391-a497-fc03627ce995.json │ │ │ ├── attack-pattern--f24faf46-3b26-4dbb-98f2-63460498e433.json │ │ │ ├── attack-pattern--f2857333-11d4-45bf-b064-2c28d8525be5.json │ │ │ ├── attack-pattern--f2877f7f-9a4c-4251-879f-1224e3006bee.json │ │ │ ├── attack-pattern--f303a39a-6255-4b89-aecc-18c4d8ca7163.json │ │ │ ├── attack-pattern--f3c544dc-673c-4ef3-accb-53229f1ae077.json │ │ │ ├── attack-pattern--f3d95a1f-bba2-44ce-9af7-37866cd63fd0.json │ │ │ ├── attack-pattern--f4599aa0-4f85-4a32-80ea-fc39dc965945.json │ │ │ ├── attack-pattern--f4b843c1-7e92-4701-8fed-ce82f8be2636.json │ │ │ ├── attack-pattern--f4c1826f-a322-41cd-9557-562100848c84.json │ │ │ ├── attack-pattern--f58cd69a-e548-478b-9248-8a9af881dc34.json │ │ │ ├── attack-pattern--f5946b5e-9408-485f-a7f7-b5efc88909b6.json │ │ │ ├── attack-pattern--f5bb433e-bdf6-4781-84bc-35e97e43be89.json │ │ │ ├── attack-pattern--f5d8eed6-48a9-4cdf-a3d7-d1ffa99c3d2a.json │ │ │ ├── attack-pattern--f63fe421-b1d1-45c0-b8a7-02cd16ff2bed.json │ │ │ ├── attack-pattern--f6ad61ee-65f3-4bd0-a3f5-2f0accb36317.json │ │ │ ├── attack-pattern--f6dacc85-b37d-458e-b58d-74fc4bbf5755.json │ │ │ ├── attack-pattern--f6fe9070-7a65-49ea-ae72-76292f42cebe.json │ │ │ ├── attack-pattern--f7827069-0bf2-4764-af4f-23fae0d181b7.json │ │ │ ├── attack-pattern--f7c0689c-4dbd-489b-81be-7cb7c7079ade.json │ │ │ ├── attack-pattern--f870408c-b1cd-49c7-a5c7-0ef0fc496cc6.json │ │ │ ├── attack-pattern--f8df6b57-14bc-425f-9a91-6f59f6799307.json │ │ │ ├── attack-pattern--f981d199-2720-467e-9dc9-eea04dbe05cf.json │ │ │ ├── attack-pattern--f9cc4d06-775f-4ee1-b401-4e2cc0da30ba.json │ │ │ ├── attack-pattern--f9e9365a-9ca2-4d9c-8e7c-050d73d1101a.json │ │ │ ├── attack-pattern--fa44a152-ac48-441e-a524-dd7b04b8adcd.json │ │ │ ├── attack-pattern--fb3fa94a-3aee-4ab0-b7e7-abdf0a51286d.json │ │ │ ├── attack-pattern--fb640c43-aa6b-431e-a961-a279010424ac.json │ │ │ ├── attack-pattern--fb8d023d-45be-47e9-bc51-f56bcae6435b.json │ │ │ ├── attack-pattern--fc742192-19e3-466c-9eb5-964a97b29490.json │ │ │ ├── attack-pattern--fc74ba38-dc98-461f-8611-b3dbf9978e3d.json │ │ │ ├── attack-pattern--fd339382-bfec-4bf0-8d47-1caedc9e7e57.json │ │ │ ├── attack-pattern--fd658820-cbba-4c95-8ac9-0fac6b1099e2.json │ │ │ ├── attack-pattern--fdc47f44-dd32-4b99-af5f-209f556f63c2.json │ │ │ ├── attack-pattern--fe926152-f431-4baf-956c-4ad3cb0bf23b.json │ │ │ ├── attack-pattern--ff25900d-76d5-449b-a351-8824e62fc81b.json │ │ │ ├── attack-pattern--ff73aa03-0090-4464-83ac-f89e233c02bc.json │ │ │ └── attack-pattern--ffeb0780-356e-4261-b036-cfb6bd234335.json │ │ ├── course-of-action │ │ │ ├── course-of-action--0beabf44-e8d8-4ae4-9122-ef56369a2564.json │ │ │ ├── course-of-action--12241367-a8b7-49b4-b86e-2236901ba50c.json │ │ │ ├── course-of-action--15437c6d-b998-4a36-be41-4ace3d54d266.json │ │ │ ├── course-of-action--1553b156-6767-47f7-9eb4-2a692505666d.json │ │ │ ├── course-of-action--1dcaeb21-9348-42ea-950a-f842aaf1ae1f.json │ │ │ ├── course-of-action--20a2baeb-98c2-4901-bad7-dc62d0a03dea.json │ │ │ ├── course-of-action--20f6a9df-37c4-4e20-9e47-025983b1b39d.json │ │ │ ├── course-of-action--21da4fd4-27ad-4e9c-b93d-0b9b14d02c96.json │ │ │ ├── course-of-action--23843cff-f7b9-4659-a7b7-713ef347f547.json │ │ │ ├── course-of-action--25dc1ce8-eb55-4333-ae30-a7cb4f5894a1.json │ │ │ ├── course-of-action--2995bc22-2851-4345-ad19-4e7e295be264.json │ │ │ ├── course-of-action--2a4f6c11-a4a7-4cb9-b0ef-6ae1bb3a718a.json │ │ │ ├── course-of-action--2c2ad92a-d710-41ab-a996-1db143bb4808.json │ │ │ ├── course-of-action--2f316f6c-ae42-44fe-adf8-150989e0f6d3.json │ │ │ ├── course-of-action--337c4e2a-21a7-4d9a-bfee-9efd6cebf0e5.json │ │ │ ├── course-of-action--3992ce42-43e9-4bea-b8db-a102ec3ec1e3.json │ │ │ ├── course-of-action--3efe43d1-6f3f-4fcb-ab39-4a730971f70b.json │ │ │ ├── course-of-action--47e0e9fe-96ce-4f65-8bb1-8be1feacb5db.json │ │ │ ├── course-of-action--49c06d54-9002-491d-9147-8efb537fbd26.json │ │ │ ├── course-of-action--52c7a1a9-3a78-4528-a44f-cd7b0fa3541a.json │ │ │ ├── course-of-action--590777b3-b475-4c7c-aaf8-f4a73b140312.json │ │ │ ├── course-of-action--609191bf-7d06-40e4-b1f8-9e11eb3ff8a6.json │ │ │ ├── course-of-action--649f7268-4c12-483b-ac84-4b7bca9fe2ee.json │ │ │ ├── course-of-action--653492e3-27be-4a0e-b08c-938dd2b7e0e1.json │ │ │ ├── course-of-action--66cfe23e-34b6-4583-b178-ed6a412db2b0.json │ │ │ ├── course-of-action--72dade3e-1cba-4182-b3b3-a77ca52f02a1.json │ │ │ ├── course-of-action--72e46e53-e12d-4106-9c70-33241b6ed549.json │ │ │ ├── course-of-action--787fb64d-c87b-4ee5-a341-0ef17ec4c15c.json │ │ │ ├── course-of-action--78bb71be-92b4-46de-acd6-5f998fedf1cc.json │ │ │ ├── course-of-action--7b1cf46f-784b-405a-a8dd-4624c19d8321.json │ │ │ ├── course-of-action--7bb5fae9-53ad-4424-866b-f0ea2a8b731d.json │ │ │ ├── course-of-action--7da0387c-ba92-4553-b291-b636ee42b2eb.json │ │ │ ├── course-of-action--7f153c28-e5f1-4764-88fb-eea1d9b0ad4a.json │ │ │ ├── course-of-action--8220b57e-c400-4525-bf69-f8edc6b389a8.json │ │ │ ├── course-of-action--86598de0-b347-4928-9eb0-0acbfc21908c.json │ │ │ ├── course-of-action--874c0166-e407-45c2-a1d9-e4e3a6570fd8.json │ │ │ ├── course-of-action--8bc4a54e-810c-4600-8b6c-08fa8413a401.json │ │ │ ├── course-of-action--8ccd428d-39da-4e8f-a55b-d48ea1d56e58.json │ │ │ ├── course-of-action--90c218c3-fbf8-4830-98a7-e8cfb7eaa485.json │ │ │ ├── course-of-action--90f39ee1-d5a3-4aaa-9f28-3b42815b0d46.json │ │ │ ├── course-of-action--93e7968a-9074-4eac-8ae9-9f5200ec3317.json │ │ │ ├── course-of-action--987988f0-cf86-4680-a875-2f6456ab2448.json │ │ │ ├── course-of-action--98aa0d61-fc9d-4b2d-8f18-b25d03549f53.json │ │ │ ├── course-of-action--99c746d7-a08a-4169-94f9-b8c0dad716fa.json │ │ │ ├── course-of-action--9bb9e696-bff8-4ae1-9454-961fc7d91d5f.json │ │ │ ├── course-of-action--a2c36a5d-4058-475e-8e77-fff75e50d3b9.json │ │ │ ├── course-of-action--a6a47a06-08fc-4ec4-bdc3-20373375ebb9.json │ │ │ ├── course-of-action--aadac250-bcdc-44e3-a4ae-f52bd0a7a16a.json │ │ │ ├── course-of-action--b045d015-6bed-4490-bd38-56b41ece59a0.json │ │ │ ├── course-of-action--b11cad63-ef30-4eb8-af0d-6cc46eef3f3e.json │ │ │ ├── course-of-action--b5dbb4c5-b0b1-40b1-80b6-e9e84ab90067.json │ │ │ ├── course-of-action--b9f0c069-abbe-4a07-a245-2481219a1463.json │ │ │ ├── course-of-action--bcecd036-f40e-4916-9f8e-fd0ccf0ece8d.json │ │ │ ├── course-of-action--c7257b6e-4159-4771-b1f3-2bb93adaecac.json │ │ │ ├── course-of-action--cc2399fd-3cd3-4319-8d0a-fbd6420cdaf8.json │ │ │ ├── course-of-action--cf2cccb1-cab8-431a-8ecf-f7874d05f433.json │ │ │ ├── course-of-action--d2a24649-9694-4c97-9c62-ce7b270bf6a3.json │ │ │ ├── course-of-action--da44255d-85c5-492c-baf3-ee823d44f848.json │ │ │ ├── course-of-action--e0d38502-decb-481d-ad8b-b8f0a0c330bd.json │ │ │ ├── course-of-action--e3388c78-2a8d-47c2-8422-c1398b324462.json │ │ │ ├── course-of-action--e5d930e9-775a-40ad-9bdb-b941d8dfe86b.json │ │ │ ├── course-of-action--e8242a33-481c-4891-af63-4cf3e4cf6aff.json │ │ │ ├── course-of-action--e829ee51-1caf-4665-ba15-7f8979634124.json │ │ │ ├── course-of-action--e944670c-d03a-4e93-a21c-b3d4c53ec4c9.json │ │ │ ├── course-of-action--eb88d97c-32f1-40be-80f0-d61a4b0b4b31.json │ │ │ ├── course-of-action--f0f5c87a-a58d-440a-b3b5-ca679d98c6dd.json │ │ │ ├── course-of-action--f9f9e6ef-bc0a-41ad-ba11-0924e5e84c4c.json │ │ │ ├── course-of-action--fce6866f-9a87-4d3e-a73c-f02d8937fe0e.json │ │ │ ├── course-of-action--feff9142-e8c2-46f4-842b-bd6fb3d41157.json │ │ │ └── course-of-action--ff4821f6-5afb-481b-8c0f-26c28c0d666c.json │ │ ├── malware │ │ │ ├── malware--007b44b6-e4c5-480b-b5b9-56f2081b1b7b.json │ │ │ ├── malware--00806466-754d-44ea-ad6f-0caf59cb8556.json │ │ │ ├── malware--00c3bfcb-99bd-4767-8c03-b08f585f5c8a.json │ │ │ ├── malware--037f44f0-0c07-4c7f-b40e-0325b5b228a9.json │ │ │ ├── malware--039814a0-88de-46c5-a4fb-b293db21880a.json │ │ │ ├── malware--04227b24-7817-4de1-9050-b7b1b57f5866.json │ │ │ ├── malware--049ff071-0b3c-4712-95d2-d21c6aa54501.json │ │ │ ├── malware--04fc1842-f9e4-47cf-8cb8-5c61becad142.json │ │ │ ├── malware--051eaca1-958f-4091-9e5f-a9acd8f820b5.json │ │ │ ├── malware--05c4f87c-be8f-46ea-8d9a-2a0aad8f52c1.json │ │ │ ├── malware--0626c181-93cb-4860-9cb0-dff3b1c13063.json │ │ │ ├── malware--065196de-d7e8-4888-acfb-b2134022ba1b.json │ │ │ ├── malware--069af411-9b24-4e85-b26c-623d035bbe84.json │ │ │ ├── malware--06d735e7-1db1-4dbe-ab4b-acbe419f902b.json │ │ │ ├── malware--071d5d65-83ec-4a55-acfa-be7d5f28ba9a.json │ │ │ ├── malware--0817aaf2-afea-4c32-9285-4dcd1df5bf14.json │ │ │ ├── malware--083bb47b-02c8-4423-81a2-f9ef58572974.json │ │ │ ├── malware--0852567d-7958-4f4b-8947-4f840ec8d57d.json │ │ │ ├── malware--085eb36d-697d-4d9a-bac3-96eb879fe73c.json │ │ │ ├── malware--08784a9d-09e9-4dce-a839-9612398214e8.json │ │ │ ├── malware--08d20cd2-f084-45ee-8558-fa6ef5a18519.json │ │ │ ├── malware--0998045d-f96e-4284-95ce-3c8219707486.json │ │ │ ├── malware--099ecff2-41b8-436d-843c-038a9aa9aa69.json │ │ │ ├── malware--09b2cd76-c674-47cc-9f57-d2f2ad150a46.json │ │ │ ├── malware--0a607c53-df52-45da-a75d-0e53df4dad5f.json │ │ │ ├── malware--0a9c51e0-825d-4b9b-969d-ce86ed8ce3c3.json │ │ │ ├── malware--0b32ec39-ba61-4864-9ebe-b4b0b73caf9a.json │ │ │ ├── malware--0c824410-58ff-49b2-9cf2-1c96b182bdf0.json │ │ │ ├── malware--0ced8926-914e-4c78-bc93-356fb90dbd1f.json │ │ │ ├── malware--0d1f9f5b-11ea-42c3-b5f4-63cce0122541.json │ │ │ ├── malware--0db09158-6e48-4e7c-8ce7-2b10b9c0c039.json │ │ │ ├── malware--0e18b800-906c-4e44-a143-b11c72b3448b.json │ │ │ ├── malware--0efefea5-78da-4022-92bc-d726139e8883.json │ │ │ ├── malware--0f1ad2ef-41d4-4b7a-9304-ddae68ea3005.json │ │ │ ├── malware--0f862b01-99da-47cc-9bdb-db4a86a95bb1.json │ │ │ ├── malware--108b2817-bc01-404e-8e1b-8cdeec846326.json │ │ │ ├── malware--11194d8b-fdce-45d2-8047-df15bb8f16bd.json │ │ │ ├── malware--11e36d5b-6a92-4bf9-8eb7-85eb24f59e22.json │ │ │ ├── malware--123bd7b3-675c-4b1a-8482-c55782b20e2b.json │ │ │ ├── malware--12a7450d-b03e-4990-a5b8-b405ab9c803b.json │ │ │ ├── malware--1492d0f8-7e14-4af3-9239-bc3fe10d3407.json │ │ │ ├── malware--166c0eca-02fd-424a-92c0-6b5106994d31.json │ │ │ ├── malware--172444ab-97fc-4d94-b142-179452bfb760.json │ │ │ ├── malware--17b40f60-729f-4fe8-8aea-cc9ee44a95d5.json │ │ │ ├── malware--17dec760-9c8f-4f1b-9b4b-0ac47a453234.json │ │ │ ├── malware--17e919aa-4a49-445c-b103-dbb8df9e7351.json │ │ │ ├── malware--196f1f32-e0c2-4d46-99cd-234d4b6befe1.json │ │ │ ├── malware--198db886-47af-4f4c-bff5-11b891f85946.json │ │ │ ├── malware--199463de-d9be-46d6-bb41-07234c1dd5a6.json │ │ │ ├── malware--1b9f0800-035e-4ed1-9648-b18294cc5bc8.json │ │ │ ├── malware--1cc934e4-b01d-4543-a011-b988dfc1a458.json │ │ │ ├── malware--1cdbbcab-903a-414d-8eb0-439a97343737.json │ │ │ ├── malware--1d1fce2f-0db5-402b-9843-4278a0694637.json │ │ │ ├── malware--1d808f62-cf63-4063-9727-ff6132514c22.json │ │ │ ├── malware--1d8dccb3-e779-4702-aeb1-6627a22cc585.json │ │ │ ├── malware--1f6e3702-7ca1-4582-b2e7-4591297d05a8.json │ │ │ ├── malware--2074b2ad-612e-4758-adce-7901c1b49bbc.json │ │ │ ├── malware--20945359-3b39-4542-85ef-08ecb4e1c174.json │ │ │ ├── malware--20d56cd6-8dff-4871-9889-d32d254816de.json │ │ │ ├── malware--20dbaf05-59b8-4dc6-8777-0b17f4553a23.json │ │ │ ├── malware--21170624-89db-4e99-bf27-58d26be07c3a.json │ │ │ ├── malware--211cfe9f-2676-4e1c-a5f5-2c8091da2a68.json │ │ │ ├── malware--21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901.json │ │ │ ├── malware--21c0b55b-5ff3-4654-a05e-e3fc1ee1ce1b.json │ │ │ ├── malware--222ba512-32d9-49ac-aefd-50ce981ce2ce.json │ │ │ ├── malware--22addc7b-b39f-483d-979a-1b35147da5de.json │ │ │ ├── malware--22b596a6-d288-4409-8520-5f2846f85514.json │ │ │ ├── malware--22faaa56-a8ac-4292-9be6-b571b255ee40.json │ │ │ ├── malware--23040c15-e7d8-47b5-8c16-8fd3e0e297fe.json │ │ │ ├── malware--234e7770-99b0-4f65-b983-d3230f76a60b.json │ │ │ ├── malware--242622ca-3903-43d5-8aa0-3bbdaa3020ec.json │ │ │ ├── malware--24b4ce59-eaac-4c8b-8634-9b093b7ccd92.json │ │ │ ├── malware--251fbae2-78f6-4de7-84f6-194c727a64ad.json │ │ │ ├── malware--26fed817-e7bf-41f9-829a-9075ffac45c2.json │ │ │ ├── malware--2740eaf6-2db2-4a40-a63f-f5b166c7059c.json │ │ │ ├── malware--288fa242-e894-4c7e-ac86-856deedf5cea.json │ │ │ ├── malware--28b97733-ef07-4414-aaa5-df50b2d30cc5.json │ │ │ ├── malware--28e39395-91e7-4f02-b694-5e079c964da9.json │ │ │ ├── malware--29944858-da52-4d3d-b428-f8a6eb8dde6f.json │ │ │ ├── malware--2a6f4c7b-e690-4cc7-ab6b-1f821fb6b80b.json │ │ │ ├── malware--2a70812b-f1ef-44db-8578-a496a227aef2.json │ │ │ ├── malware--2cfe8a26-5be7-4a09-8915-ea3d9e787513.json │ │ │ ├── malware--2daa14d6-cbf3-4308-bb8e-213c324a08e4.json │ │ │ ├── malware--2dd34b01-6110-4aac-835d-b5e7b936b0be.json │ │ │ ├── malware--2eb9b131-d333-4a48-9eb4-d8dec46c19ee.json │ │ │ ├── malware--2f1a9fd0-3b7c-4d77-a358-78db13adbe78.json │ │ │ ├── malware--2fb26586-2b53-4b9a-ad4f-2b3bcb9a2421.json │ │ │ ├── malware--3049b2f2-e323-4cdb-91cb-13b37b904cbb.json │ │ │ ├── malware--308b3d68-a084-4dfb-885a-3125e1a9c1e8.json │ │ │ ├── malware--3161d76a-e2b2-4b97-9906-24909b735386.json │ │ │ ├── malware--317a2c10-d489-431e-b6b2-f0251fddc88e.json │ │ │ ├── malware--32066e94-3112-48ca-b9eb-ba2b59d2f023.json │ │ │ ├── malware--3240cbe4-c550-443b-aa76-cc2a7058b870.json │ │ │ ├── malware--3249e92a-870b-426d-8790-ba311c1abfb4.json │ │ │ ├── malware--326af1cd-78e7-45b7-a326-125d2f7ef8f2.json │ │ │ ├── malware--326eaf7b-5784-4f08-8fc2-61fd5d5bc5fb.json │ │ │ ├── malware--3271c107-92c4-442e-9506-e76d62230ee8.json │ │ │ ├── malware--32f49626-87f4-4d6c-8f59-a0dca953fe26.json │ │ │ ├── malware--33d9d91d-aad9-49d5-a516-220ce101ac8a.json │ │ │ ├── malware--35aae10a-97c5-471a-9c67-02c231a7a31a.json │ │ │ ├── malware--35cd1d01-1ede-44d2-b073-a264d727bc04.json │ │ │ ├── malware--363bc05d-13cb-4e98-a5b7-e250f2bbdc2b.json │ │ │ ├── malware--366c800f-97a8-48d5-b0a6-79d00198252a.json │ │ │ ├── malware--36ede314-7db4-4d09-b53d-81bbfbe5f6f8.json │ │ │ ├── malware--37cc7eb6-12e3-467b-82e8-f20f2cc73c69.json │ │ │ ├── malware--3a4197ae-ec63-4162-907b-9a073d1157e4.json │ │ │ ├── malware--3a913bac-4fae-4d0e-bca8-cae452f1599b.json │ │ │ ├── malware--3aa169f8-bbf6-44bb-b57d-7f6ada5c2128.json │ │ │ ├── malware--3bc1f0ad-ef11-4afc-83c0-fcffe08d4e50.json │ │ │ ├── malware--3c02fb1f-cbdb-48f5-abaf-8c81d6e0c322.json │ │ │ ├── malware--3c3b55a6-c3e9-4043-8aae-283fe96220c0.json │ │ │ ├── malware--3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c.json │ │ │ ├── malware--3d57dcc4-be99-4613-9482-d5218f5ec13e.json │ │ │ ├── malware--3d8e547d-9456-4f32-a895-dc86134e282f.json │ │ │ ├── malware--40d3e230-ed32-469f-ba89-be70cc08ab39.json │ │ │ ├── malware--414dc555-c79e-4b24-a2da-9b607f7eaf16.json │ │ │ ├── malware--4189a679-72ed-4a89-a57c-7f689712ecf8.json │ │ │ ├── malware--41e3fd01-7b83-471f-835d-d2b1dc9a770c.json │ │ │ ├── malware--43155329-3edf-47a6-9a14-7dac899b01e4.json │ │ │ ├── malware--43213480-78f7-4fb3-976f-d48f5f6a4c2a.json │ │ │ ├── malware--432555de-63bf-4f2a-a3fa-f720a4561078.json │ │ │ ├── malware--44c75271-0e4d-496f-ae0a-a6d883a42a65.json │ │ │ ├── malware--454fe82d-6fd2-4ac6-91ab-28a33fe01369.json │ │ │ ├── malware--463f68f1-5cde-4dc2-a831-68b73488f8f4.json │ │ │ ├── malware--47124daf-44be-4530-9c63-038bc64318dd.json │ │ │ ├── malware--47afe41c-4c08-485e-b062-c3bd209a1cce.json │ │ │ ├── malware--48523614-309e-43bf-a2b8-705c2b45d7b2.json │ │ │ ├── malware--495b6cdb-7b5a-4fbc-8d33-e7ef68806d08.json │ │ │ ├── malware--496bff4d-0700-4b28-b06f-f30a63002be7.json │ │ │ ├── malware--49abab73-3c5c-476e-afd5-69b5c732d845.json │ │ │ ├── malware--49c04994-1035-4b58-89b7-cf8956e3b423.json │ │ │ ├── malware--4a98e44a-bd52-461e-af1e-a4457de87a36.json │ │ │ ├── malware--4ab44516-ad75-4e43-a280-705dc0420e2f.json │ │ │ ├── malware--4b072c90-bc7a-432b-940e-016fc1c01761.json │ │ │ ├── malware--4b346d12-7f91-48d2-8f06-b26ffa0d825b.json │ │ │ ├── malware--4b62ab58-c23b-4704-9c15-edd568cd59f8.json │ │ │ ├── malware--4b68b5ea-2e1b-4225-845b-8632f702b9a0.json │ │ │ ├── malware--4b6ec280-7bbb-48ff-ae59-b189520ebe83.json │ │ │ ├── malware--4bf6ba32-4165-42c1-b911-9c36165891c8.json │ │ │ ├── malware--4c59cce8-cb48-4141-b9f1-f646edfaadb0.json │ │ │ ├── malware--4c6d62c2-89f5-4159-8fab-0190b1f9d328.json │ │ │ ├── malware--4d56e6e9-1a6d-46e3-896c-dfdf3cc96e62.json │ │ │ ├── malware--4dcff507-5af8-47ce-964a-8d9569e9ccfe.json │ │ │ ├── malware--4e6b9625-bbda-4d96-a652-b3bb45453f26.json │ │ │ ├── malware--4efc3e00-72f2-466a-ab7c-8a7dc6603b19.json │ │ │ ├── malware--4f6aa78c-c3d4-4883-9840-96ca2f5d6d47.json │ │ │ ├── malware--507fe748-5e4a-4b45-9e9f-8b1115f4e878.json │ │ │ ├── malware--50d6688b-0985-4f3d-8cbe-0c796b30703b.json │ │ │ ├── malware--5147ef15-1cae-4707-8ea1-bee8d98b7f1d.json │ │ │ ├── malware--5189f018-fea2-45d7-b0ed-23f9ee0a46f3.json │ │ │ ├── malware--518bb5f1-91f4-4ff2-b09d-5a94e1ebe95f.json │ │ │ ├── malware--52c994fa-b6c8-45a8-9586-a4275cf19307.json │ │ │ ├── malware--53486bc7-7748-4716-8190-e4f1fde04c53.json │ │ │ ├── malware--536be338-e2ef-4a6b-afb6-8d5568b91eb2.json │ │ │ ├── malware--53a42597-1974-4b8e-84fd-3675e8992053.json │ │ │ ├── malware--53ab35c2-d00e-491a-8753-41d35ae7e547.json │ │ │ ├── malware--53cf6cc4-65aa-445a-bcf8-c3d296f8a7a2.json │ │ │ ├── malware--53d47b09-09c2-4015-8d37-6633ecd53f79.json │ │ │ ├── malware--54895630-efd2-4608-9c24-319de972a9eb.json │ │ │ ├── malware--54a01db0-9fab-4d5f-8209-53cef8425f4a.json │ │ │ ├── malware--54cc1d4f-5c53-4f0e-9ef5-11b4998e82e4.json │ │ │ ├── malware--54e8672d-5338-4ad1-954a-a7c986bee530.json │ │ │ ├── malware--552462b9-ae79-49dd-855c-5973014e157f.json │ │ │ ├── malware--56660521-6db4-4e5a-a927-464f22954b7c.json │ │ │ ├── malware--56d10a7f-bb42-4267-9b4c-63abb9c06010.json │ │ │ ├── malware--56e6b6c2-e573-4969-8bab-783205cebbbf.json │ │ │ ├── malware--56f46b17-8cfa-46c0-b501-dd52fef394e2.json │ │ │ ├── malware--5719af9d-6b16-46f9-9b28-fb019541ddbb.json │ │ │ ├── malware--5763217a-05b6-4edd-9bca-057e47b5e403.json │ │ │ ├── malware--58adaaa8-f1e8-4606-9a08-422e568461eb.json │ │ │ ├── malware--5967cc93-57c9-404a-8ffd-097edfa7bdfc.json │ │ │ ├── malware--59a97b15-8189-4d51-9404-e1ce8ea4a069.json │ │ │ ├── malware--5a3a31fe-5a8f-48e1-bff0-a753e5b1be70.json │ │ │ ├── malware--5a5dca4c-03c1-4b99-bfcf-c206e20aa663.json │ │ │ ├── malware--5a84dc36-df0d-4053-9b7c-f0c388a57283.json │ │ │ ├── malware--5af7a825-2d9f-400d-931a-e00eb9e27f48.json │ │ │ ├── malware--5bcd5511-6756-4824-a692-e8bb109364af.json │ │ │ ├── malware--5be33fef-39c0-4532-84ee-bea31e1b5324.json │ │ │ ├── malware--5c6ed2dc-37f4-40ea-b2e1-4c76140a388c.json │ │ │ ├── malware--5dd649c0-bca4-488b-bd85-b180474ec62e.json │ │ │ ├── malware--5ddf81ea-2c06-497b-8c30-5f1ab89a40f9.json │ │ │ ├── malware--5e595477-2e78-4ce7-ae42-e0b059b17808.json │ │ │ ├── malware--5e7ef1dc-7fb6-4913-ac75-e06113b59e0c.json │ │ │ ├── malware--5e814485-012d-423d-b769-026bfed0f451.json │ │ │ ├── malware--5f1d4579-4e8f-48e7-860e-2da773ae432e.json │ │ │ ├── malware--5f9f7648-04ba-4a9f-bb4c-2a13e74572bd.json │ │ │ ├── malware--60a9c2f0-b7a5-4e8e-959c-e1a3ff314a5f.json │ │ │ ├── malware--60c18d06-7b91-4742-bae3-647845cd9d81.json │ │ │ ├── malware--60d50676-459a-47dd-92e9-a827a9fe9c58.json │ │ │ ├── malware--6108f800-10b8-4090-944e-be579f01263d.json │ │ │ ├── malware--6146be90-470c-4049-bb3a-9986b8ffb65b.json │ │ │ ├── malware--63c2a130-8a5b-452f-ad96-07cf0af12ffe.json │ │ │ ├── malware--6447e3a1-ef4d-44b1-99d5-6b1c4888674f.json │ │ │ ├── malware--64d76fa5-cf8f-469c-b78c-1a4f7c5bad80.json │ │ │ ├── malware--64fa0de0-6240-41f4-8638-f4ca7ed528fd.json │ │ │ ├── malware--65341f30-bec6-4b1d-8abf-1a5620446c29.json │ │ │ ├── malware--65ffc206-d7c1-45b3-b543-f6b726e7840d.json │ │ │ ├── malware--66b1dcde-17a0-4c7b-95fa-b08d430c2131.json │ │ │ ├── malware--67e6d66b-1b82-4699-b47a-e2efb6268d14.json │ │ │ ├── malware--67fc172a-36fa-4a35-88eb-4ba730ed52a6.json │ │ │ ├── malware--680f680c-eef9-4f8a-b5f5-f451bf47e403.json │ │ │ ├── malware--687c23e4-4e25-4ee7-a870-c5e002511f54.json │ │ │ ├── malware--68dca94f-c11d-421e-9287-7c501108e18c.json │ │ │ ├── malware--691c60e2-273d-4d56-9ce6-b67e0f8719ad.json │ │ │ ├── malware--69d6f4a9-fcf0-4f51-bca7-597c51ad0bb8.json │ │ │ ├── malware--6a0ef5d4-fc7c-4dda-85d7-592e4dbdc5d9.json │ │ │ ├── malware--6a7aaab1-3e0a-48bb-ba66-bbf7665c0a65.json │ │ │ ├── malware--6a92d80f-cc65-45f6-aa66-3cdea6786b3c.json │ │ │ ├── malware--6b616fc1-1505-48e3-8b2c-0d19337bff38.json │ │ │ ├── malware--6b62e336-176f-417b-856a-8552dd8c44e1.json │ │ │ ├── malware--6ba1d7ae-d60b-43e6-9f08-a8b787e9d9cb.json │ │ │ ├── malware--6fcaf9b0-b509-4644-9f93-556222c81ed2.json │ │ │ ├── malware--705f0783-5f7d-4491-b6b7-9628e6e006d2.json │ │ │ ├── malware--72f54d66-675d-4587-9bd3-4ed09f9522e4.json │ │ │ ├── malware--7343e208-7cab-45f2-a47b-41ba5e2f0fab.json │ │ │ ├── malware--736a3b71-eccc-48b7-b5ed-adb2b74ca830.json │ │ │ ├── malware--73a4793a-ce55-4159-b2a6-208ef29b326f.json │ │ │ ├── malware--73c4711b-407a-449d-b269-e3b1531fe7a9.json │ │ │ ├── malware--7451bcf9-e6e6-4a70-bc3d-1599173d0035.json │ │ │ ├── malware--754effde-613c-4244-a83e-fb659b2a4d06.json │ │ │ ├── malware--7551188b-8f91-4d34-8350-0d0c57b2b913.json │ │ │ ├── malware--75bba379-4ba1-467e-8c60-ec2b269ee984.json │ │ │ ├── malware--75ecdbf1-c2bb-4afc-a3f9-c8da4de8c661.json │ │ │ ├── malware--76abb3ef-dafd-4762-97cb-a35379429db4.json │ │ │ ├── malware--76ac7989-c5cc-42e2-93e3-d6c476f01ace.json │ │ │ ├── malware--79499993-a8d6-45eb-b343-bf58dea5bdde.json │ │ │ ├── malware--7ba0fc46-197d-466d-8b9f-f1c64d5d81e5.json │ │ │ ├── malware--7bec698a-7e20-4fd3-bb6a-12787770fb1a.json │ │ │ ├── malware--7bef1b56-4870-4e74-b32a-7dd88c390c44.json │ │ │ ├── malware--7dbb67c7-270a-40ad-836e-c45f8948aa5a.json │ │ │ ├── malware--7e6c2a9d-9dc1-4eb0-b27c-91e8076a9d77.json │ │ │ ├── malware--7f8730af-f683-423f-9ee1-5f6875a80481.json │ │ │ ├── malware--80099a91-4c86-4bea-9ccb-dac55d61960e.json │ │ │ ├── malware--800bdfba-6d66-480f-9f45-15845c05cb5d.json │ │ │ ├── malware--80a014ba-3fef-4768-990b-37d8bd10d7f4.json │ │ │ ├── malware--81c57a96-fc8c-4f91-af8e-63e24c2927c2.json │ │ │ ├── malware--82cb34ba-02b5-432b-b2d2-07f55cbf674d.json │ │ │ ├── malware--835a79f1-842d-472d-b8f4-d54b545c341b.json │ │ │ ├── malware--838f647e-8ff8-48bd-bbd5-613cee7736cb.json │ │ │ ├── malware--8393dac0-0583-456a-9372-fd81691bca20.json │ │ │ ├── malware--84c1ecc6-e5a2-4e8a-bf4b-651a618e0053.json │ │ │ ├── malware--85b39628-204a-48d2-b377-ec368cbcb7ca.json │ │ │ ├── malware--86b92f6c-9c05-4c51-b361-4c7bb13e21a1.json │ │ │ ├── malware--86fc6f0c-86d9-473e-89f3-f50f3cb9319b.json │ │ │ ├── malware--876f6a77-fbc5-4e13-ab1a-5611986730a3.json │ │ │ ├── malware--8787e86d-8475-4f13-acea-d33eb83b6105.json │ │ │ ├── malware--88c621a7-aef9-4ae0-94e3-1fc87123eb24.json │ │ │ ├── malware--8901ac23-6b50-410c-b0dd-d8174a86f9b3.json │ │ │ ├── malware--89ab0ca5-f7e0-4d16-bf2a-17d68117fa4b.json │ │ │ ├── malware--89c3dbf6-f281-41b7-be1d-a0e641014853.json │ │ │ ├── malware--89f63ae4-f229-4a5c-95ad-6f22ed2b5c49.json │ │ │ ├── malware--8ab98e25-1672-4b5f-a2fb-e60f08a5ea9e.json │ │ │ ├── malware--8ae43c46-57ef-47d5-a77a-eebb35628db2.json │ │ │ ├── malware--8b880b41-5139-4807-baa9-309690218719.json │ │ │ ├── malware--8be7c69e-d8e3-4970-9668-61de08e508cc.json │ │ │ ├── malware--8beac7c2-48d2-4cd9-9b15-6c452f38ac06.json │ │ │ ├── malware--8c050cea-86e1-4b63-bf21-7af4fa483349.json │ │ │ ├── malware--8c553311-0baa-4146-997a-f79acef3d831.json │ │ │ ├── malware--8caa18af-4758-4fd3-9600-e8af579e89ed.json │ │ │ ├── malware--8d9e758b-735f-4cbc-ba7c-32cd15138b2a.json │ │ │ ├── malware--8dbadf80-468c-4a62-b817-4e4d8b606887.json │ │ │ ├── malware--8e101fdd-9f7f-4916-bb04-6bd9e94c129c.json │ │ │ ├── malware--8e461ca3-0996-4e6e-a0df-e2a5bbc51ebc.json │ │ │ ├── malware--8ec6e3b4-b06d-4805-b6aa-af916acc2122.json │ │ │ ├── malware--8f423bd7-6ca7-4303-9e85-008c7ad5fdaa.json │ │ │ ├── malware--8f460983-1bbb-4e7e-8094-f0b5e720f658.json │ │ │ ├── malware--8fc6c9e7-a162-4ca4-a488-f1819e9a7b06.json │ │ │ ├── malware--91000a8a-58cc-4aba-9ad0-993ad6302b86.json │ │ │ ├── malware--911fe4c3-444d-4e92-83b8-cc761ac5fd3b.json │ │ │ ├── malware--92b03a94-7147-4952-9d5a-b4d24da7487c.json │ │ │ ├── malware--92b55426-109f-4d93-899f-1833ce91ff90.json │ │ │ ├── malware--92ec0cbd-2c30-44a2-b270-73f4ec949841.json │ │ │ ├── malware--936be60d-90eb-4c36-9247-4b31128432c4.json │ │ │ ├── malware--93799a9d-3537-43d8-b6f4-17215de1657c.json │ │ │ ├── malware--94379dec-5c87-49db-b36e-66abc0b81344.json │ │ │ ├── malware--95047f03-4811-4300-922e-1ba937d53a61.json │ │ │ ├── malware--959f3b19-2dc8-48d5-8942-c66813a5101a.json │ │ │ ├── malware--96566860-9f11-4b6f-964d-1c924e4f24a4.json │ │ │ ├── malware--96b08451-b27a-4ff6-893f-790e26393a8e.json │ │ │ ├── malware--9752aef4-a1f3-4328-929f-b64eb0536090.json │ │ │ ├── malware--98e8a977-3416-43aa-87fa-33e287e9c14c.json │ │ │ ├── malware--99164b38-1775-40bc-b77b-a2373b14540a.json │ │ │ ├── malware--9af05de0-bc09-4511-a350-5eb8b06185c1.json │ │ │ ├── malware--9b19d6b4-cfcb-492f-8ca8-8449e7331573.json │ │ │ ├── malware--9b325b06-35a1-457d-be46-a4ecc0b7ff0c.json │ │ │ ├── malware--9ca488bd-9587-48ef-b923-1743523e63b2.json │ │ │ ├── malware--9dbdadb6-fdbf-490f-a35f-38762d06a0d2.json │ │ │ ├── malware--9e2bba94-950b-4fcf-8070-cb3f816c5f4e.json │ │ │ ├── malware--9e9b9415-a7df-406b-b14d-92bfe6809fbe.json │ │ │ ├── malware--9ea525fa-b0a9-4dde-84f2-bcea0137b3c1.json │ │ │ ├── malware--9ed10b5a-ff20-467f-bf2f-d3fbf763e381.json │ │ │ ├── malware--a020a61c-423f-4195-8c46-ba1d21abba37.json │ │ │ ├── malware--a04d9a4c-bb52-40bf-98ec-e350c2d6a862.json │ │ │ ├── malware--a0ebedca-d558-4e48-8ff7-4bf76208d90c.json │ │ │ ├── malware--a15c9357-2be0-4836-beec-594f28b9b4a9.json │ │ │ ├── malware--a1867c56-8c86-455a-96ad-b0d5f7e2bc17.json │ │ │ ├── malware--a19c49aa-36fe-4c05-b817-23e1c7a7d085.json │ │ │ ├── malware--a2282af0-f9dd-4373-9b92-eaf9e11e0c71.json │ │ │ ├── malware--a3c59d82-2c7c-44e5-a869-68e0a3e5935e.json │ │ │ ├── malware--a3dad2be-ce62-4440-953b-00fbce7aba93.json │ │ │ ├── malware--a4a98eab-b691-45d9-8c48-869ef8fefd57.json │ │ │ ├── malware--a4f57468-fbd5-49e4-8476-52088220b92d.json │ │ │ ├── malware--a5528622-3a8a-4633-86ce-8cdaf8423858.json │ │ │ ├── malware--a5575606-9b85-4e3d-9cd2-40ef30e3672d.json │ │ │ ├── malware--a5e91d50-24fa-44ec-9894-39a88f658cea.json │ │ │ ├── malware--a60657fa-e2e7-4f8f-8128-a882534ae8c5.json │ │ │ ├── malware--a6228601-03f6-4949-ae22-c1087627a637.json │ │ │ ├── malware--a705b085-1eae-455e-8f4d-842483d814eb.json │ │ │ ├── malware--a7881f21-e978-4fe4-af56-92c9416a2616.json │ │ │ ├── malware--a8839c95-029f-44cf-8f3d-a3cf2039e927.json │ │ │ ├── malware--a8a778f5-0035-4870-bb25-53dc05029586.json │ │ │ ├── malware--a8d3d497-2da9-4797-8e0b-ed176be08654.json │ │ │ ├── malware--aa1462a1-d065-416c-b354-bedd04998c7f.json │ │ │ ├── malware--aad11e34-02ca-4220-91cd-2ed420af4db3.json │ │ │ ├── malware--aae22730-e571-4d17-b037-65f2a3e26213.json │ │ │ ├── malware--aaf3fa65-8b27-4e68-91de-2b7738fe4c82.json │ │ │ ├── malware--ab3580c8-8435-4117-aace-3d9fbe46aa56.json │ │ │ ├── malware--ac61f1f9-7bb1-465e-9b8a-c2ce8e88baf5.json │ │ │ ├── malware--ad4f146f-e3ec-444a-ba71-24bffd7f0f8e.json │ │ │ ├── malware--ade37ada-14af-4b44-b36c-210eec255d53.json │ │ │ ├── malware--ae9d818d-95d0-41da-b045-9cabea1ca164.json │ │ │ ├── malware--aecc0097-c9f8-4786-9b39-e891ff173f54.json │ │ │ ├── malware--af2ad3b7-ab6a-4807-91fd-51bcaff9acbb.json │ │ │ ├── malware--b00f90b6-c75c-4bfd-b813-ca9e6c9ebf29.json │ │ │ ├── malware--b0f13390-cec7-4814-b37c-ccec01887faa.json │ │ │ ├── malware--b136d088-a829-432c-ac26-5529c26d4c7e.json │ │ │ ├── malware--b143dfa4-e944-43ff-8429-bfffc308c517.json │ │ │ ├── malware--b1de6916-7a22-4460-8d26-6b5483ffaa2a.json │ │ │ ├── malware--b2203c59-4089-4ee4-bfe1-28fa25f0dbfe.json │ │ │ ├── malware--b2c5d3ca-b43a-4888-ad8d-e2d43497bf85.json │ │ │ ├── malware--b2d134a1-7bd5-4293-94d4-8fc978cb1cd7.json │ │ │ ├── malware--b42378e0-f147-496f-992a-26a49705395b.json │ │ │ ├── malware--b45747dc-87ca-4597-a245-7e16a61bc491.json │ │ │ ├── malware--b4d80f8b-d2b9-4448-8844-4bef777ed676.json │ │ │ ├── malware--b51797f7-57da-4210-b8ac-b8632ee75d70.json │ │ │ ├── malware--b57f419e-8b12-49d3-886b-145383725dcd.json │ │ │ ├── malware--b6b3dfc7-9a81-43ff-ac04-698bad48973a.json │ │ │ ├── malware--b7e9880a-7a7c-4162-bddb-e28e8ef2bf1f.json │ │ │ ├── malware--b865dded-0553-4962-a44b-6fe7863effed.json │ │ │ ├── malware--b879758f-bbc4-4cab-b5ba-177ac9b009b4.json │ │ │ ├── malware--b8eb28e4-48a6-40ae-951a-328714f75eda.json │ │ │ ├── malware--b8fdef82-d2cf-4948-8949-6466357b1be1.json │ │ │ ├── malware--b96680d1-5eb3-4f07-b95c-00ab904ac236.json │ │ │ ├── malware--b9704a7d-feef-4af9-8898-5280f1686326.json │ │ │ ├── malware--b9799466-9dd7-4098-b2d6-f999ce50b9a8.json │ │ │ ├── malware--b9eec47e-98f4-4b3c-b574-3fa8a87ebe05.json │ │ │ ├── malware--ba09b86c-1c40-4ff1-bda0-0d8c4ca35997.json │ │ │ ├── malware--bb3c1098-d654-4620-bf40-694386d28921.json │ │ │ ├── malware--bbcd7a02-ef24-4171-ac94-a93540173b94.json │ │ │ ├── malware--bd0536d7-b081-43ae-a773-cfb057c5b988.json │ │ │ ├── malware--bd7a9e13-69fa-4243-a5e5-04326a63f9f2.json │ │ │ ├── malware--bdb27a1d-1844-42f1-a0c0-826027ae0326.json │ │ │ ├── malware--bf48e7f8-752c-4ce8-bf8f-748edacd8fa6.json │ │ │ ├── malware--bfd2738c-8b43-43c3-bc9f-d523c8e88bf4.json │ │ │ ├── malware--c0c45d38-fe57-4cd4-b2b2-9ecd0ddd4ca9.json │ │ │ ├── malware--c0efbaae-9e7d-4716-a92d-68373aac7424.json │ │ │ ├── malware--c13d9621-aca7-436b-ab3d-3a95badb3d00.json │ │ │ ├── malware--c19cfc89-5ac6-4d2d-a236-70d2b32e007c.json │ │ │ ├── malware--c2417bab-3189-4d4d-9d60-96de2cdaf0ab.json │ │ │ ├── malware--c251e4a5-9a2e-4166-8e42-442af75c3b9a.json │ │ │ ├── malware--c41a8b7c-3e42-4eee-b87d-ad8a100ee878.json │ │ │ ├── malware--c4de7d83-e875-4c88-8b5d-06c41e5b7e79.json │ │ │ ├── malware--c541efb4-e7b1-4ad6-9da8-b4e113f5dd42.json │ │ │ ├── malware--c5e9cb46-aced-466c-85ea-7db5572ad9ec.json │ │ │ ├── malware--c709da93-20c3-4d17-ab68-48cba76b2137.json │ │ │ ├── malware--c80a6bef-b3ce-44d0-b113-946e93124898.json │ │ │ ├── malware--c8770c81-c29f-40d2-a140-38544206b2b4.json │ │ │ ├── malware--c8b6cc43-ce61-42ae-87f3-a5f10526f952.json │ │ │ ├── malware--c984b414-b766-44c5-814a-2fe96c913c12.json │ │ │ ├── malware--ca4f63b9-a358-4214-bb26-8c912318cfde.json │ │ │ ├── malware--cafd0bf8-2b9c-46c7-ae3c-3e0f42c5062e.json │ │ │ ├── malware--cb444a16-3ea5-4a91-88c6-f329adcb8af3.json │ │ │ ├── malware--cb741463-f0fe-42e0-8d45-bc7e8335f5ae.json │ │ │ ├── malware--cb7bcf6f-085f-41db-81ee-4b68481661b5.json │ │ │ ├── malware--cba78a1c-186f-4112-9e6a-be1839f030f7.json │ │ │ ├── malware--cbf646f1-7db5-4dc6-808b-0094313949df.json │ │ │ ├── malware--cc5497f7-a9e8-436f-94da-b2b4a9b9ad3c.json │ │ │ ├── malware--ccd61dfc-b03f-4689-8c18-7c97eab08472.json │ │ │ ├── malware--cf8df906-179c-4a78-bd6e-6605e30f6624.json │ │ │ ├── malware--cfc75b0d-e579-40ae-ad07-a1ce00d49a6c.json │ │ │ ├── malware--d05f7357-4cbe-47ea-bf83-b8604226d533.json │ │ │ ├── malware--d1183cb9-258e-4f2f-8415-50ac8252c49e.json │ │ │ ├── malware--d1531eaa-9e17-473e-a680-3298469662c3.json │ │ │ ├── malware--d186c1d6-e3ac-4c3d-a534-9ddfeb8c57bb.json │ │ │ ├── malware--d1b7830a-fced-4be3-a99c-f495af9d9e1b.json │ │ │ ├── malware--d1c600f8-0fb6-4367-921b-85b71947d950.json │ │ │ ├── malware--d20b397a-ea47-48a9-b503-2e2a3551e11d.json │ │ │ ├── malware--d2c7f8ad-3b50-4cfa-bbb1-799eff06fb40.json │ │ │ ├── malware--d3afa961-a80c-4043-9509-282cdf69ab21.json │ │ │ ├── malware--d5268dfb-ae2b-4e0e-ac07-02a460613d8a.json │ │ │ ├── malware--d69c8146-ab35-4d50-8382-6fc80e641d43.json │ │ │ ├── malware--d6b3fcd0-1c86-4350-96f0-965ed02fcc51.json │ │ │ ├── malware--d89c132d-7752-4c7f-9372-954a71522985.json │ │ │ ├── malware--d906e6f7-434c-44c0-b51a-ed50af8f7945.json │ │ │ ├── malware--d9e07aea-baad-4b68-bdca-90c77647d7f9.json │ │ │ ├── malware--d9f7383c-95ec-4080-bbce-121c9384457b.json │ │ │ ├── malware--da2ef4a9-7cbe-400a-a379-e2f230f28db3.json │ │ │ ├── malware--da5880b4-f7da-4869-85f2-e0aba84b8565.json │ │ │ ├── malware--db1355a7-e5c9-4e2c-8da7-eccf2ae9bf5c.json │ │ │ ├── malware--dc5d1a33-62aa-4a0c-aa8c-589b87beb11e.json │ │ │ ├── malware--dcac85c1-6485-4790-84f6-de5e6f6b91dd.json │ │ │ ├── malware--de6cb631-52f6-4169-a73b-7965390b0c30.json │ │ │ ├── malware--dfa03c7d-79ed-4ce2-b9d1-ddc9dbf56ad2.json │ │ │ ├── malware--dfb5fa9b-3051-4b97-8035-08f80aef945b.json │ │ │ ├── malware--dfdac962-9461-47f0-a212-36dfce2a97e6.json │ │ │ ├── malware--e066bf86-9cfb-407a-9d25-26fd5d91e360.json │ │ │ ├── malware--e1161124-f22e-487f-9d5f-ed8efc8dcd61.json │ │ │ ├── malware--e13d084c-382f-40fd-aa9a-98d69e20301e.json │ │ │ ├── malware--e170995d-4f61-4f17-b60e-04f9a06ee517.json │ │ │ ├── malware--e2031fd5-02c2-43d4-85e2-b64f474530c2.json │ │ │ ├── malware--e33e4603-afab-402d-b2a1-248d435b5fe0.json │ │ │ ├── malware--e3cedcfe-6515-4348-af65-7f2c4157bf0d.json │ │ │ ├── malware--e48df773-7c95-4a4c-ba70-ea3d15900148.json │ │ │ ├── malware--e494ad79-37ee-4cd0-866b-299c521d8b94.json │ │ │ ├── malware--e669bb87-f773-4c7b-bfcc-a9ffebfdd8d4.json │ │ │ ├── malware--e6ef745b-077f-42e1-a37d-29eecff9c754.json │ │ │ ├── malware--e7a5229f-05eb-440e-b982-9a6d2b2b87c8.json │ │ │ ├── malware--e811ff6a-4cef-4856-a6ae-a7daf9ed39ae.json │ │ │ ├── malware--e8268361-a599-4e45-bd3f-71c8c7e700c0.json │ │ │ ├── malware--e8545794-b98c-492b-a5b3-4b5a02682e37.json │ │ │ ├── malware--e85cae1a-bce3-4ac4-b36b-b00acac0567b.json │ │ │ ├── malware--e9595678-d269-469e-ae6b-75e49259de63.json │ │ │ ├── malware--e9e9bfe2-76f4-4870-a2a1-b7af89808613.json │ │ │ ├── malware--eac3d77f-2b7b-4599-ba74-948dc16633ad.json │ │ │ ├── malware--ecc2f65a-b452-4eaf-9689-7e181f17f7a5.json │ │ │ ├── malware--edb24a93-1f7a-4bbf-a738-1397a14662c6.json │ │ │ ├── malware--edf5aee2-9b1c-4252-8e64-25b12f14c8b3.json │ │ │ ├── malware--eedc01d5-95e6-4d21-bcd4-1121b1df4586.json │ │ │ ├── malware--ef2247bf-8062-404b-894f-d65d00564817.json │ │ │ ├── malware--efece7e8-e40b-49c2-9f84-c55c5c93d05c.json │ │ │ ├── malware--eff1a885-6f90-42a1-901f-eef6e7a1905e.json │ │ │ ├── malware--f01e2711-4b48-4192-a2e8-5f56c945ca19.json │ │ │ ├── malware--f082fc59-0317-49cf-971f-a1b6296ebb52.json │ │ │ ├── malware--f0fc920e-57a3-4af5-89be-9ea594c8b1ea.json │ │ │ ├── malware--f108215f-3487-489d-be8b-80e346d32518.json │ │ │ ├── malware--f1314e75-ada8-49f4-b281-b1fb8b48f2a7.json │ │ │ ├── malware--f25aab1a-0cef-4910-a85d-bb38b32ea41a.json │ │ │ ├── malware--f2e8c7a1-cae1-45c4-baf0-6f21bdcbb2c2.json │ │ │ ├── malware--f36b2598-515f-4345-84e5-5ccde253edbe.json │ │ │ ├── malware--f4c80d39-ce10-4f74-9b50-a7e3f5df1f2e.json │ │ │ ├── malware--f4d8a2d6-c684-453a-8a14-cf4a94f755c5.json │ │ │ ├── malware--f5352566-1a64-49ac-8f7f-97e1d1a03300.json │ │ │ ├── malware--f666e17c-b290-43b3-8947-b96bd5148fbb.json │ │ │ ├── malware--f6ac21b6-2592-400c-8472-10d0e2f1bfaf.json │ │ │ ├── malware--f6ae7a52-f3b6-4525-9daf-640c083f006e.json │ │ │ ├── malware--f6d1d2cb-12f5-4221-9636-44606ea1f3f8.json │ │ │ ├── malware--f72251cb-2be5-421f-a081-99c29a1209e7.json │ │ │ ├── malware--f79c01eb-2954-40d8-a819-00b342f47ce7.json │ │ │ ├── malware--f8dfbc54-b070-4224-b560-79aaa5f835bd.json │ │ │ ├── malware--f9854ba6-989d-43bf-828b-7240b8a65291.json │ │ │ ├── malware--f99f3dcc-683f-4936-8791-075ac5e58f10.json │ │ │ ├── malware--f9b05f33-d45d-4e4d-aafe-c208d38a0080.json │ │ │ ├── malware--fb261c56-b80e-43a9-8351-c84081e7213d.json │ │ │ ├── malware--fb4e3792-e915-4fdd-a9cd-92dfa2ace7aa.json │ │ │ ├── malware--fb575479-14ef-41e9-bfab-0b7cf10bec73.json │ │ │ ├── malware--fbb470da-1d44-4f29-bbb3-9efbe20f94a3.json │ │ │ ├── malware--fc774af4-533b-4724-96d2-ac1026316794.json │ │ │ ├── malware--fde50aaa-f5de-4cb8-989a-babb57d6a704.json │ │ │ ├── malware--fece06b7-d4b1-42cf-b81a-5323c917546e.json │ │ │ ├── malware--ff6840c9-4c87-4d07-bbb6-9f50aa33d498.json │ │ │ ├── malware--ff742eeb-1f90-4f5a-8b92-9d40fffd99ca.json │ │ │ └── malware--ff8e0c38-be47-410f-a2d3-a3d24a87c617.json │ │ ├── mappings.json │ │ ├── relationships.json │ │ ├── threat-actors │ │ │ ├── intrusion-set--00f67a77-86a4-4adf-be26-1a54fc713340.json │ │ │ ├── intrusion-set--06a11b7e-2a36-47fe-8d3e-82c265df3258.json │ │ │ ├── intrusion-set--090242d7-73fc-4738-af68-20162f7a5aae.json │ │ │ ├── intrusion-set--0bbdf25b-30ff-4894-a1cd-49260d0dd2d9.json │ │ │ ├── intrusion-set--0ec2f388-bf0f-4b5c-97b1-fc736d26c25f.json │ │ │ ├── intrusion-set--17862c7d-9e60-48a0-b48e-da4dc4c3f6b0.json │ │ │ ├── intrusion-set--18854f55-ac7c-4634-bd9a-352dd07613b7.json │ │ │ ├── intrusion-set--1c63d4ec-0a75-4daa-b1df-0d11af3d3cc1.json │ │ │ ├── intrusion-set--222fbd21-fc4f-4b7e-9f85-0e6e3a76c33f.json │ │ │ ├── intrusion-set--269e8108-68c6-4f99-b911-14b2e765dec2.json │ │ │ ├── intrusion-set--277d2f87-2ae5-4730-a3aa-50c1fdff9656.json │ │ │ ├── intrusion-set--2a158b0a-7ef8-43cb-9985-bf34d1e12050.json │ │ │ ├── intrusion-set--2a7914cf-dff3-428d-ab0f-1014d1c28aeb.json │ │ │ ├── intrusion-set--32bca8ff-d900-4877-aa65-d70baa041b74.json │ │ │ ├── intrusion-set--6713ab67-e25b-49cc-808d-2b36d4fbc35c.json │ │ │ ├── intrusion-set--7113eaa5-ba79-4fb3-b68a-398ee9cd698e.json │ │ │ ├── intrusion-set--7331c66a-5601-4d3f-acf6-ad9e3035eb40.json │ │ │ ├── intrusion-set--7ecc3b4f-5cdb-457e-b55a-df376b359446.json │ │ │ ├── intrusion-set--7eda3dd8-b09b-4705-8090-c2ad9fb8c14d.json │ │ │ ├── intrusion-set--88489675-d216-4884-a98f-49a89fcc1643.json │ │ │ ├── intrusion-set--8c1f0187-0826-4320-bddc-5f326cfcfe2c.json │ │ │ ├── intrusion-set--8f5e8dc7-739d-4f5e-a8a1-a66e004d7063.json │ │ │ ├── intrusion-set--92d5b3fd-3b39-438e-af68-770e447beada.json │ │ │ ├── intrusion-set--96e239be-ad99-49eb-b127-3007b8c1bec9.json │ │ │ ├── intrusion-set--a653431d-6a5e-4600-8ad3-609b5af57064.json │ │ │ ├── intrusion-set--ae41895a-243f-4a65-b99b-d85022326c31.json │ │ │ ├── intrusion-set--c47f937f-1022-4f42-8525-e7a4779a14cb.json │ │ │ ├── intrusion-set--c5947e1c-1cbc-434c-94b8-27c7e3be0fff.json │ │ │ ├── intrusion-set--c93fccb1-e8e8-42cf-ae33-2ad1d183913a.json │ │ │ ├── intrusion-set--d0b3393b-3bec-4ba3-bda9-199d30db47b6.json │ │ │ ├── intrusion-set--d69e568e-9ac8-4c08-b32c-d93b43ba9172.json │ │ │ ├── intrusion-set--dcd81c6e-ebf7-4a16-93e0-9a97fa49c88a.json │ │ │ ├── intrusion-set--ead23196-d7b6-4ce6-a124-4ab4b67d81bd.json │ │ │ └── intrusion-set--fbd29c89-18ba-4c2d-b792-51c0adee049f.json │ │ └── tools │ │ │ ├── tool--03342581-f790-4f03-ba41-e82e67392e23.json │ │ │ ├── tool--066b057c-944e-4cfc-b654-e3dfba04b926.json │ │ │ ├── tool--0a68f1f1-da74-4d28-8d9a-696c082706cc.json │ │ │ ├── tool--0c8465c0-d0b4-4670-992e-4eee8d7ff952.json │ │ │ ├── tool--102c3898-85e0-43ee-ae28-62a0a3ed9507.json │ │ │ ├── tool--115f88dd-0618-4389-83cb-98d33ae81848.json │ │ │ ├── tool--13cd9151-83b7-410d-9f98-25d0f0d1d80d.json │ │ │ ├── tool--1622fd3d-fcfc-4d02-ac49-f2d786f79b81.json │ │ │ ├── tool--242f3da3-4425-4d11-8f5c-b842886da966.json │ │ │ ├── tool--26c87906-d750-42c5-946c-d4162c73fc7b.json │ │ │ ├── tool--294e2560-bd48-44b2-9da2-833b5588ad11.json │ │ │ ├── tool--2e45723a-31da-4a7e-aaa6-e01998a6788f.json │ │ │ ├── tool--2fab555f-7664-4623-b4e0-1675ae38190b.json │ │ │ ├── tool--30489451-5886-4c46-90c9-0dff9adc5252.json │ │ │ ├── tool--33b9e38f-103c-412d-bdcf-904a91fff1e4.json │ │ │ ├── tool--3433a9e8-1c47-4320-b9bf-ed449061d1c3.json │ │ │ ├── tool--362dc67f-4e85-4562-9dac-1b6b7f3ec4b5.json │ │ │ ├── tool--38952eac-cb1b-4a71-bad2-ee8223a1c8fe.json │ │ │ ├── tool--3ffbdc1f-d2bf-41ab-91a2-c7b857e98079.json │ │ │ ├── tool--4664b683-f578-434f-919b-1c1aad2a1111.json │ │ │ ├── tool--4b57c098-f043-4da2-83ef-7588a6d426bc.json │ │ │ ├── tool--4f45dfeb-fe51-4df0-8db3-edf7dd0513fe.json │ │ │ ├── tool--4fa49fc0-9162-4bdb-a37e-7aa3dcb6d38b.json │ │ │ ├── tool--5a33468d-844d-4b1f-98c9-0e786c556b27.json │ │ │ ├── tool--5a63f900-5e7e-4928-a746-dd4558e1df71.json │ │ │ ├── tool--5fc81b43-62b5-41b1-9113-c79ae5f030c4.json │ │ │ ├── tool--64764dc6-a032-495f-8250-1e4c06bdc163.json │ │ │ ├── tool--65370d0b-3bd4-4653-8cf9-daf56f6be830.json │ │ │ ├── tool--7cd0bc75-055b-4098-a00e-83dc8beaff14.json │ │ │ ├── tool--7fcbc4e8-1989-441f-9ac5-e7b6ff5806f1.json │ │ │ ├── tool--8f8cd191-902c-4e83-bf20-b57c8c4640e9.json │ │ │ ├── tool--90ac9266-68ce-46f2-b24f-5eb3b2a8ea38.json │ │ │ ├── tool--90ec2b22-7061-4469-b539-0989ec4f96c2.json │ │ │ ├── tool--96fd6cc4-a693-4118-83ec-619e5352d07d.json │ │ │ ├── tool--975737f1-b10d-476f-8bda-3ec26ea57172.json │ │ │ ├── tool--981acc4c-2ede-4b56-be6e-fa1a75f37acf.json │ │ │ ├── tool--999c4e6e-b8dc-4b4f-8d6e-1b829f29997e.json │ │ │ ├── tool--9a2640c2-9f43-46fe-b13f-bde881e55555.json │ │ │ ├── tool--9de2308e-7bed-43a3-8e58-f194b3586700.json │ │ │ ├── tool--a1dd2dbd-1550-44bf-abcc-1a4c52e97719.json │ │ │ ├── tool--a52edc76-328d-4596-85e7-d56ef5a9eb69.json │ │ │ ├── tool--afc079f3-c0ea-4096-b75d-3f05338b7f60.json │ │ │ ├── tool--b07c2c47-fefb-4d7c-a69e-6a3296171f54.json │ │ │ ├── tool--b35068ec-107a-4266-bda8-eb7036267aea.json │ │ │ ├── tool--b52d6583-14a2-4ddc-8527-87fd2142558f.json │ │ │ ├── tool--b76b2d94-60e4-4107-a903-4a3a7622fb3b.json │ │ │ ├── tool--b77b563c-34bb-4fb8-86a3-3694338f7b47.json │ │ │ ├── tool--bba595da-b73a-4354-aa6c-224d4de7cb4e.json │ │ │ ├── tool--c11ac61d-50f4-444f-85d8-6f006067f0de.json │ │ │ ├── tool--c256da91-6dd5-40b2-beeb-ee3b22ab3d27.json │ │ │ ├── tool--c4810609-7da6-48ec-8057-1b70a7814db0.json │ │ │ ├── tool--c8655260-9f4b-44e3-85e1-6538a5f6e4f4.json │ │ │ ├── tool--c9703cd3-141c-43a0-a926-380082be5d04.json │ │ │ ├── tool--c9cd7ec9-40b7-49db-80be-1399eddd9c52.json │ │ │ ├── tool--ca656c25-44f1-471b-9d9f-e2a3bbb84973.json │ │ │ ├── tool--cb69b20d-56d0-41ab-8440-4a4b251614d4.json │ │ │ ├── tool--cde2d700-9ed1-46cf-9bce-07364fe8b24f.json │ │ │ ├── tool--cf23bf4a-e003-4116-bbae-1ea6c558d565.json │ │ │ ├── tool--d5e96a35-7b0b-4c6a-9533-d63ecbda563e.json │ │ │ ├── tool--d8d19e33-94fd-4aa3-b94a-08ee801a2153.json │ │ │ ├── tool--da04ac30-27da-4959-a67d-450ce47d9470.json │ │ │ ├── tool--da21929e-40c0-443d-bdf4-6b60d15448b4.json │ │ │ ├── tool--ed7d0cb1-87a6-43b4-9f46-ef1bc56d6c68.json │ │ │ ├── tool--f59508a6-3615-47c3-b493-6676e1a39a87.json │ │ │ ├── tool--fbd727ea-c0dc-42a9-8448-9e12962d1ab5.json │ │ │ └── tool--ff6caf67-ea1f-4895-b80e-4bb0fc31c6db.json │ └── vocabulary.json ├── context.py ├── data │ ├── asns │ │ ├── Afghanistan.json │ │ ├── Albania.json │ │ ├── Algeria.json │ │ ├── American_Samoa.json │ │ ├── Andorra.json │ │ ├── Angola.json │ │ ├── Anguilla.json │ │ ├── Antigua_and_Barbuda.json │ │ ├── Argentina.json │ │ ├── Armenia.json │ │ ├── Aruba.json │ │ ├── Australia.json │ │ ├── Austria.json │ │ ├── Azerbaijan.json │ │ ├── Bahamas.json │ │ ├── Bahrain.json │ │ ├── Bangladesh.json │ │ ├── Barbados.json │ │ ├── Belarus.json │ │ ├── Belgium.json │ │ ├── Belize.json │ │ ├── Benin.json │ │ ├── Bermuda.json │ │ ├── Bhutan.json │ │ ├── Bolivia.json │ │ ├── Bosnia_and_Herzegovina.json │ │ ├── Botswana.json │ │ ├── Brazil.json │ │ ├── British_Virgin_Islands.json │ │ ├── Brunei.json │ │ ├── Bulgaria.json │ │ ├── Burkina_Faso.json │ │ ├── Burma.json │ │ ├── Burundi.json │ │ ├── Cabo_Verde.json │ │ ├── Cambodia.json │ │ ├── Cameroon.json │ │ ├── Canada.json │ │ ├── Cayman_Islands.json │ │ ├── Central_African_Republic.json │ │ ├── Chad.json │ │ ├── Chile.json │ │ ├── China.json │ │ ├── Colombia.json │ │ ├── Comoros.json │ │ ├── Congo_Democratic_Republic_of_the.json │ │ ├── Congo_Republic_of_the.json │ │ ├── Cook_Islands.json │ │ ├── Costa_Rica.json │ │ ├── Cote_dIvoire.json │ │ ├── Croatia.json │ │ ├── Cuba.json │ │ ├── Curacao.json │ │ ├── Cyprus.json │ │ ├── Czechia.json │ │ ├── Denmark.json │ │ ├── Djibouti.json │ │ ├── Dominica.json │ │ ├── Dominican_Republic.json │ │ ├── Ecuador.json │ │ ├── Egypt.json │ │ ├── El_Salvador.json │ │ ├── Equatorial_Guinea.json │ │ ├── Eritrea.json │ │ ├── Estonia.json │ │ ├── Eswatini.json │ │ ├── Ethiopia.json │ │ ├── Faroe_Islands.json │ │ ├── Fiji.json │ │ ├── Finland.json │ │ ├── France.json │ │ ├── French_Polynesia.json │ │ ├── Gabon.json │ │ ├── Gambia.json │ │ ├── Gaza_Strip.json │ │ ├── Georgia.json │ │ ├── Germany.json │ │ ├── Ghana.json │ │ ├── Gibraltar.json │ │ ├── Greece.json │ │ ├── Greenland.json │ │ ├── Grenada.json │ │ ├── Guam.json │ │ ├── Guatemala.json │ │ ├── Guernsey.json │ │ ├── Guinea-Bissau.json │ │ ├── Guinea.json │ │ ├── Guyana.json │ │ ├── Haiti.json │ │ ├── Honduras.json │ │ ├── Hong_Kong.json │ │ ├── Hungary.json │ │ ├── Iceland.json │ │ ├── India.json │ │ ├── Indonesia.json │ │ ├── Iran.json │ │ ├── Iraq.json │ │ ├── Ireland.json │ │ ├── Isle_of_Man.json │ │ ├── Israel.json │ │ ├── Italy.json │ │ ├── Jamaica.json │ │ ├── Japan.json │ │ ├── Jersey.json │ │ ├── Jordan.json │ │ ├── Kazakhstan.json │ │ ├── Kenya.json │ │ ├── Kiribati.json │ │ ├── Korea_North.json │ │ ├── Korea_South.json │ │ ├── Kosovo.json │ │ ├── Kuwait.json │ │ ├── Kyrgyzstan.json │ │ ├── Laos.json │ │ ├── Latvia.json │ │ ├── Lebanon.json │ │ ├── Lesotho.json │ │ ├── Liberia.json │ │ ├── Libya.json │ │ ├── Liechtenstein.json │ │ ├── Lithuania.json │ │ ├── Luxembourg.json │ │ ├── Macau.json │ │ ├── Madagascar.json │ │ ├── Malawi.json │ │ ├── Malaysia.json │ │ ├── Maldives.json │ │ ├── Mali.json │ │ ├── Malta.json │ │ ├── Marshall_Islands.json │ │ ├── Mauritania.json │ │ ├── Mauritius.json │ │ ├── Mexico.json │ │ ├── Micronesia_Federated_States_of.json │ │ ├── Moldova.json │ │ ├── Monaco.json │ │ ├── Mongolia.json │ │ ├── Montenegro.json │ │ ├── Montserrat.json │ │ ├── Morocco.json │ │ ├── Mozambique.json │ │ ├── Namibia.json │ │ ├── Nauru.json │ │ ├── Nepal.json │ │ ├── Netherlands.json │ │ ├── New_Caledonia.json │ │ ├── New_Zealand.json │ │ ├── Nicaragua.json │ │ ├── Niger.json │ │ ├── Nigeria.json │ │ ├── North_Macedonia.json │ │ ├── Norway.json │ │ ├── Oman.json │ │ ├── Pakistan.json │ │ ├── Palau.json │ │ ├── Panama.json │ │ ├── Papua_New_Guinea.json │ │ ├── Paraguay.json │ │ ├── Peru.json │ │ ├── Philippines.json │ │ ├── Poland.json │ │ ├── Portugal.json │ │ ├── Puerto_Rico.json │ │ ├── Qatar.json │ │ ├── Romania.json │ │ ├── Russia.json │ │ ├── Rwanda.json │ │ ├── Saint_Kitts_and_Nevis.json │ │ ├── Saint_Lucia.json │ │ ├── Saint_Martin.json │ │ ├── Saint_Vincent_and_the_Grenadines.json │ │ ├── Samoa.json │ │ ├── San_Marino.json │ │ ├── Sao_Tome_and_Principe.json │ │ ├── Saudi_Arabia.json │ │ ├── Senegal.json │ │ ├── Serbia.json │ │ ├── Seychelles.json │ │ ├── Sierra_Leone.json │ │ ├── Singapore.json │ │ ├── Slovakia.json │ │ ├── Slovenia.json │ │ ├── Solomon_Islands.json │ │ ├── Somalia.json │ │ ├── South_Africa.json │ │ ├── South_Sudan.json │ │ ├── Spain.json │ │ ├── Sri_Lanka.json │ │ ├── Sudan.json │ │ ├── Suriname.json │ │ ├── Sweden.json │ │ ├── Switzerland.json │ │ ├── Syria.json │ │ ├── Taiwan.json │ │ ├── Tajikistan.json │ │ ├── Tanzania.json │ │ ├── Thailand.json │ │ ├── Timor-Leste.json │ │ ├── Togo.json │ │ ├── Tonga.json │ │ ├── Trinidad_and_Tobago.json │ │ ├── Tunisia.json │ │ ├── Turkey.json │ │ ├── Turkmenistan.json │ │ ├── Turks_and_Caicos_Islands.json │ │ ├── Tuvalu.json │ │ ├── Uganda.json │ │ ├── Ukraine.json │ │ ├── United_Arab_Emirates.json │ │ ├── United_Kingdom.json │ │ ├── United_States.json │ │ ├── Uruguay.json │ │ ├── Uzbekistan.json │ │ ├── Vanuatu.json │ │ ├── Venezuela.json │ │ ├── Vietnam.json │ │ ├── Virgin_Islands.json │ │ ├── Wallis_and_Futuna.json │ │ ├── West_Bank.json │ │ ├── Yemen.json │ │ ├── Zambia.json │ │ └── Zimbabwe.json │ ├── cia_world_factbook │ │ ├── location--0.json │ │ ├── location--1.json │ │ ├── location--10.json │ │ ├── location--100.json │ │ ├── location--101.json │ │ ├── location--102.json │ │ ├── location--103.json │ │ ├── location--104.json │ │ ├── location--105.json │ │ ├── location--106.json │ │ ├── location--107.json │ │ ├── location--108.json │ │ ├── location--109.json │ │ ├── location--11.json │ │ ├── location--110.json │ │ ├── location--111.json │ │ ├── location--112.json │ │ ├── location--113.json │ │ ├── location--114.json │ │ ├── location--115.json │ │ ├── location--116.json │ │ ├── location--117.json │ │ ├── location--118.json │ │ ├── location--119.json │ │ ├── location--12.json │ │ ├── location--120.json │ │ ├── location--121.json │ │ ├── location--122.json │ │ ├── location--123.json │ │ ├── location--124.json │ │ ├── location--125.json │ │ ├── location--126.json │ │ ├── location--127.json │ │ ├── location--128.json │ │ ├── location--129.json │ │ ├── location--13.json │ │ ├── location--130.json │ │ ├── location--131.json │ │ ├── location--132.json │ │ ├── location--133.json │ │ ├── location--134.json │ │ ├── location--135.json │ │ ├── location--136.json │ │ ├── location--137.json │ │ ├── location--138.json │ │ ├── location--139.json │ │ ├── location--14.json │ │ ├── location--140.json │ │ ├── location--141.json │ │ ├── location--142.json │ │ ├── location--143.json │ │ ├── location--144.json │ │ ├── location--145.json │ │ ├── location--146.json │ │ ├── location--147.json │ │ ├── location--148.json │ │ ├── location--149.json │ │ ├── location--15.json │ │ ├── location--150.json │ │ ├── location--151.json │ │ ├── location--152.json │ │ ├── location--153.json │ │ ├── location--154.json │ │ ├── location--155.json │ │ ├── location--156.json │ │ ├── location--157.json │ │ ├── location--158.json │ │ ├── location--159.json │ │ ├── location--16.json │ │ ├── location--160.json │ │ ├── location--161.json │ │ ├── location--162.json │ │ ├── location--163.json │ │ ├── location--164.json │ │ ├── location--165.json │ │ ├── location--166.json │ │ ├── location--167.json │ │ ├── location--168.json │ │ ├── location--169.json │ │ ├── location--17.json │ │ ├── location--170.json │ │ ├── location--171.json │ │ ├── location--172.json │ │ ├── location--173.json │ │ ├── location--174.json │ │ ├── location--175.json │ │ ├── location--176.json │ │ ├── location--177.json │ │ ├── location--178.json │ │ ├── location--179.json │ │ ├── location--18.json │ │ ├── location--180.json │ │ ├── location--181.json │ │ ├── location--182.json │ │ ├── location--183.json │ │ ├── location--184.json │ │ ├── location--185.json │ │ ├── location--186.json │ │ ├── location--187.json │ │ ├── location--188.json │ │ ├── location--189.json │ │ ├── location--19.json │ │ ├── location--190.json │ │ ├── location--191.json │ │ ├── location--192.json │ │ ├── location--193.json │ │ ├── location--194.json │ │ ├── location--195.json │ │ ├── location--196.json │ │ ├── location--197.json │ │ ├── location--198.json │ │ ├── location--199.json │ │ ├── location--2.json │ │ ├── location--20.json │ │ ├── location--200.json │ │ ├── location--201.json │ │ ├── location--202.json │ │ ├── location--203.json │ │ ├── location--204.json │ │ ├── location--205.json │ │ ├── location--206.json │ │ ├── location--207.json │ │ ├── location--208.json │ │ ├── location--209.json │ │ ├── location--21.json │ │ ├── location--210.json │ │ ├── location--211.json │ │ ├── location--212.json │ │ ├── location--213.json │ │ ├── location--214.json │ │ ├── location--215.json │ │ ├── location--216.json │ │ ├── location--217.json │ │ ├── location--218.json │ │ ├── location--219.json │ │ ├── location--22.json │ │ ├── location--220.json │ │ ├── location--221.json │ │ ├── location--23.json │ │ ├── location--24.json │ │ ├── location--25.json │ │ ├── location--26.json │ │ ├── location--27.json │ │ ├── location--28.json │ │ ├── location--29.json │ │ ├── location--3.json │ │ ├── location--30.json │ │ ├── location--31.json │ │ ├── location--32.json │ │ ├── location--33.json │ │ ├── location--34.json │ │ ├── location--35.json │ │ ├── location--36.json │ │ ├── location--37.json │ │ ├── location--38.json │ │ ├── location--39.json │ │ ├── location--4.json │ │ ├── location--40.json │ │ ├── location--41.json │ │ ├── location--42.json │ │ ├── location--43.json │ │ ├── location--44.json │ │ ├── location--45.json │ │ ├── location--46.json │ │ ├── location--47.json │ │ ├── location--48.json │ │ ├── location--49.json │ │ ├── location--5.json │ │ ├── location--50.json │ │ ├── location--51.json │ │ ├── location--52.json │ │ ├── location--53.json │ │ ├── location--54.json │ │ ├── location--55.json │ │ ├── location--56.json │ │ ├── location--57.json │ │ ├── location--58.json │ │ ├── location--59.json │ │ ├── location--6.json │ │ ├── location--60.json │ │ ├── location--61.json │ │ ├── location--62.json │ │ ├── location--63.json │ │ ├── location--64.json │ │ ├── location--65.json │ │ ├── location--66.json │ │ ├── location--67.json │ │ ├── location--68.json │ │ ├── location--69.json │ │ ├── location--7.json │ │ ├── location--70.json │ │ ├── location--71.json │ │ ├── location--72.json │ │ ├── location--73.json │ │ ├── location--74.json │ │ ├── location--75.json │ │ ├── location--76.json │ │ ├── location--77.json │ │ ├── location--78.json │ │ ├── location--79.json │ │ ├── location--8.json │ │ ├── location--80.json │ │ ├── location--81.json │ │ ├── location--82.json │ │ ├── location--83.json │ │ ├── location--84.json │ │ ├── location--85.json │ │ ├── location--86.json │ │ ├── location--87.json │ │ ├── location--88.json │ │ ├── location--89.json │ │ ├── location--9.json │ │ ├── location--90.json │ │ ├── location--91.json │ │ ├── location--92.json │ │ ├── location--93.json │ │ ├── location--94.json │ │ ├── location--95.json │ │ ├── location--96.json │ │ ├── location--97.json │ │ ├── location--98.json │ │ └── location--99.json │ ├── disney_names.txt │ ├── geoseed.json │ ├── organization_names.txt │ └── personality_traits.txt ├── filestore.py └── simulator.py ├── docs ├── _config.yml ├── images │ └── input_folder.png └── index.md ├── sample_configs ├── randomize_actors_large_pdfjson.json ├── randomize_actors_small_pdf.json ├── randomize_all_large_pdfjson.json ├── randomize_all_small_pdf.json ├── randomize_countries_large_pdf.json └── randomize_countries_small_json.json └── setup.py /cdas/__init__.py: -------------------------------------------------------------------------------- 1 | # __init__.py 2 | 3 | # Version of the cdas package 4 | __version__ = "0.0.6" -------------------------------------------------------------------------------- /cdas/assets/images/CDAS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cmu-sei/CDAS/7ee019eaa0d639c296df065444ac180450babe12/cdas/assets/images/CDAS.png -------------------------------------------------------------------------------- /cdas/assets/images/html_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cmu-sei/CDAS/7ee019eaa0d639c296df065444ac180450babe12/cdas/assets/images/html_output.png -------------------------------------------------------------------------------- /cdas/assets/images/misp_import.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cmu-sei/CDAS/7ee019eaa0d639c296df065444ac180450babe12/cdas/assets/images/misp_import.png -------------------------------------------------------------------------------- /cdas/assets/images/misp_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cmu-sei/CDAS/7ee019eaa0d639c296df065444ac180450babe12/cdas/assets/images/misp_output.png -------------------------------------------------------------------------------- /cdas/assets/images/pdf_output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cmu-sei/CDAS/7ee019eaa0d639c296df065444ac180450babe12/cdas/assets/images/pdf_output.png -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/attack-patterns/attack-pattern--948a447c-d783-4ba0-8516-a64140fcacd5.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "attack-pattern--948a447c-d783-4ba0-8516-a64140fcacd5", 3 | "description": "Adversaries may use non-standard ports to exfiltrate information.", 4 | "name": "Uncommonly Used Port", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "external_id": "T1509", 9 | "source_name": "mitre-mobile-attack", 10 | "url": "https://attack.mitre.org/techniques/T1509" 11 | } 12 | ], 13 | "type": "attack-pattern", 14 | "kill_chain_phases": [ 15 | { 16 | "kill_chain_name": "mitre-mobile-attack", 17 | "phase_name": "command-and-control" 18 | } 19 | ], 20 | "modified": "2019-09-11T13:27:50.344Z", 21 | "created": "2019-08-01T13:44:09.368Z", 22 | "x_mitre_detection": "Detection would most likely be at the enterprise level, through packet and/or netflow inspection. Many properly configured firewalls may also naturally block command and control traffic over non-standard ports.", 23 | "x_mitre_platforms": [ 24 | "Android", 25 | "iOS" 26 | ], 27 | "x_mitre_tactic_type": [ 28 | "Post-Adversary Device Access" 29 | ], 30 | "x_mitre_version": "1.0" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/attack-patterns/attack-pattern--e4c347e9-fb91-4bc5-83b8-391e389131e2.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "T1507", 5 | "source_name": "mitre-mobile-attack", 6 | "url": "https://attack.mitre.org/techniques/T1507" 7 | } 8 | ], 9 | "created_by_ref": "The MITRE Corporation", 10 | "name": "Network Information Discovery", 11 | "description": "Adversaries may use device sensors to collect information about nearby networks, such as Wi-Fi and Bluetooth.", 12 | "id": "attack-pattern--e4c347e9-fb91-4bc5-83b8-391e389131e2", 13 | "type": "attack-pattern", 14 | "kill_chain_phases": [ 15 | { 16 | "kill_chain_name": "mitre-mobile-attack", 17 | "phase_name": "collection" 18 | } 19 | ], 20 | "modified": "2019-07-10T15:18:16.753Z", 21 | "created": "2019-07-10T15:18:16.753Z", 22 | "x_mitre_version": "1.0", 23 | "x_mitre_tactic_type": [ 24 | "Post-Adversary Device Access" 25 | ], 26 | "x_mitre_platforms": [ 27 | "Android" 28 | ] 29 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/attack-patterns/attack-pattern--f981d199-2720-467e-9dc9-eea04dbe05cf.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "attack-pattern--f981d199-2720-467e-9dc9-eea04dbe05cf", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Generate Fraudulent Advertising Revenue", 5 | "description": "An adversary could seek to generate fraudulent advertising revenue from mobile devices, for example by triggering automatic clicks of advertising links without user involvement.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-mobile-attack", 9 | "url": "https://attack.mitre.org/techniques/T1472", 10 | "external_id": "T1472" 11 | } 12 | ], 13 | "type": "attack-pattern", 14 | "kill_chain_phases": [ 15 | { 16 | "kill_chain_name": "mitre-mobile-attack", 17 | "phase_name": "impact" 18 | } 19 | ], 20 | "modified": "2019-07-03T20:21:22.168Z", 21 | "created": "2017-10-25T14:48:18.937Z", 22 | "x_mitre_old_attack_id": "MOB-T1075", 23 | "x_mitre_version": "1.0", 24 | "x_mitre_tactic_type": [ 25 | "Post-Adversary Device Access" 26 | ], 27 | "x_mitre_platforms": [ 28 | "Android", 29 | "iOS" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--0beabf44-e8d8-4ae4-9122-ef56369a2564.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--0beabf44-e8d8-4ae4-9122-ef56369a2564", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Use Recent OS Version", 5 | "description": "New mobile operating system versions bring not only patches against discovered vulnerabilities but also often bring security architecture improvements that provide resilience against potential vulnerabilities or weaknesses that have not yet been discovered. They may also bring improvements that block use of observed adversary techniques.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1006", 10 | "external_id": "M1006" 11 | } 12 | ], 13 | "x_mitre_version": "1.0", 14 | "x_mitre_old_attack_id": "MOB-M1006", 15 | "type": "course-of-action", 16 | "modified": "2018-10-17T00:14:20.652Z", 17 | "created": "2017-10-25T14:48:51.657Z" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--12241367-a8b7-49b4-b86e-2236901ba50c.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--12241367-a8b7-49b4-b86e-2236901ba50c", 3 | "type": "course-of-action", 4 | "created": "2019-06-10T20:46:02.263Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1031", 10 | "external_id": "M1031" 11 | } 12 | ], 13 | "description": "Use intrusion detection signatures to block traffic at network boundaries.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-10T20:46:02.263Z", 16 | "name": "Network Intrusion Prevention" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--15437c6d-b998-4a36-be41-4ace3d54d266.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--15437c6d-b998-4a36-be41-4ace3d54d266", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T16:47:30.700Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1016", 10 | "external_id": "M1016" 11 | } 12 | ], 13 | "description": "Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-07-14T22:22:06.356Z", 16 | "name": "Vulnerability Scanning" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--1dcaeb21-9348-42ea-950a-f842aaf1ae1f.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--1dcaeb21-9348-42ea-950a-f842aaf1ae1f", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:30:16.672Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1035", 10 | "external_id": "M1035" 11 | } 12 | ], 13 | "description": "Prevent access to file shares, remote access to systems, unnecessary services. Mechanisms to limit access may include use of network concentrators, RDP gateways, etc.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-06-09T20:51:00.027Z", 16 | "name": "Limit Access to Resource Over Network" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--20a2baeb-98c2-4901-bad7-dc62d0a03dea.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1029", 7 | "url": "https://attack.mitre.org/mitigations/M1029" 8 | } 9 | ], 10 | "name": "Remote Data Storage", 11 | "description": "Use remote security log and sensitive file storage where access can be controlled better to prevent exposure of intrusion detection log data or sensitive information.", 12 | "id": "course-of-action--20a2baeb-98c2-4901-bad7-dc62d0a03dea", 13 | "type": "course-of-action", 14 | "modified": "2019-06-06T21:21:13.027Z", 15 | "created": "2019-06-06T21:21:13.027Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--20f6a9df-37c4-4e20-9e47-025983b1b39d.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--20f6a9df-37c4-4e20-9e47-025983b1b39d", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:33:55.337Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1037", 10 | "external_id": "M1037" 11 | } 12 | ], 13 | "description": "Use network appliances to filter ingress or egress traffic and perform protocol-based filtering. Configure software on endpoints to filter network traffic.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-06-20T20:46:36.342Z", 16 | "name": "Filter Network Traffic" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--21da4fd4-27ad-4e9c-b93d-0b9b14d02c96.json: -------------------------------------------------------------------------------- 1 | { 2 | "created": "2019-06-06T20:52:59.206Z", 3 | "modified": "2019-06-06T20:52:59.206Z", 4 | "type": "course-of-action", 5 | "id": "course-of-action--21da4fd4-27ad-4e9c-b93d-0b9b14d02c96", 6 | "description": "Restrict use of certain websites, block downloads/attachments, block Javascript, restrict browser extensions, etc.", 7 | "name": "Restrict Web-Based Content", 8 | "external_references": [ 9 | { 10 | "source_name": "mitre-attack", 11 | "external_id": "M1021", 12 | "url": "https://attack.mitre.org/mitigations/M1021" 13 | } 14 | ], 15 | "created_by_ref": "The MITRE Corporation", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--23843cff-f7b9-4659-a7b7-713ef347f547.json: -------------------------------------------------------------------------------- 1 | { 2 | "created": "2019-06-11T16:26:52.202Z", 3 | "modified": "2019-06-11T16:26:52.202Z", 4 | "type": "course-of-action", 5 | "id": "course-of-action--23843cff-f7b9-4659-a7b7-713ef347f547", 6 | "description": "Block users or groups from installing unapproved software.", 7 | "name": "Limit Software Installation", 8 | "external_references": [ 9 | { 10 | "source_name": "mitre-attack", 11 | "external_id": "M1033", 12 | "url": "https://attack.mitre.org/mitigations/M1033" 13 | } 14 | ], 15 | "created_by_ref": "The MITRE Corporation", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--25dc1ce8-eb55-4333-ae30-a7cb4f5894a1.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--25dc1ce8-eb55-4333-ae30-a7cb4f5894a1", 3 | "name": "Application Developer Guidance", 4 | "created": "2017-10-25T14:48:53.732Z", 5 | "modified": "2018-10-17T00:14:20.652Z", 6 | "created_by_ref": "The MITRE Corporation", 7 | "external_references": [ 8 | { 9 | "source_name": "mitre-attack", 10 | "external_id": "M1013", 11 | "url": "https://attack.mitre.org/mitigations/M1013" 12 | } 13 | ], 14 | "description": "This mitigation describes any guidance or training given to developers of applications to avoid introducing security weaknesses that an adversary may be able to take advantage of.", 15 | "x_mitre_version": "1.0", 16 | "type": "course-of-action", 17 | "x_mitre_old_attack_id": "MOB-M1013" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--2995bc22-2851-4345-ad19-4e7e295be264.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--2995bc22-2851-4345-ad19-4e7e295be264", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:28:41.809Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1034", 10 | "external_id": "M1034" 11 | } 12 | ], 13 | "description": "Block users or groups from installing or using unapproved hardware on systems, including USB devices.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-06-09T20:48:12.326Z", 16 | "name": "Limit Hardware Installation" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--2a4f6c11-a4a7-4cb9-b0ef-6ae1bb3a718a.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--2a4f6c11-a4a7-4cb9-b0ef-6ae1bb3a718a", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T16:50:04.963Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1017", 10 | "external_id": "M1017" 11 | } 12 | ], 13 | "description": "Train users to be aware of access or manipulation attempts by an adversary to reduce the risk of successful spearphishing, social engineering, and other techniques that involve user interaction.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-08-26T14:19:20.173Z", 16 | "name": "User Training" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--2c2ad92a-d710-41ab-a996-1db143bb4808.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1052", 7 | "url": "https://attack.mitre.org/mitigations/M1052" 8 | } 9 | ], 10 | "name": "User Account Control", 11 | "description": "Configure Windows User Account Control to mitigate risk of adversaries obtaining elevated process access.", 12 | "id": "course-of-action--2c2ad92a-d710-41ab-a996-1db143bb4808", 13 | "type": "course-of-action", 14 | "modified": "2020-03-31T13:49:49.636Z", 15 | "created": "2019-06-11T17:14:35.170Z", 16 | "x_mitre_version": "1.1" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--2f316f6c-ae42-44fe-adf8-150989e0f6d3.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--2f316f6c-ae42-44fe-adf8-150989e0f6d3", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1028", 10 | "external_id": "M1028" 11 | } 12 | ], 13 | "description": "Make configuration changes related to the operating system or a common feature of the operating system that result in system hardening against techniques.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-06-19T16:50:45.681Z", 16 | "name": "Operating System Configuration" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--337c4e2a-21a7-4d9a-bfee-9efd6cebf0e5.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--337c4e2a-21a7-4d9a-bfee-9efd6cebf0e5", 3 | "type": "course-of-action", 4 | "created": "2020-09-11T16:32:21.854Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0803", 10 | "external_id": "M0803" 11 | } 12 | ], 13 | "description": "Data Loss Prevention (DLP) technologies can be used to help identify adversarial attempts to exfiltrate operational information, such as engineering plans, trade secrets, recipes, intellectual property, or process telemetry. DLP functionality may be built into other security products such as firewalls or stand alone suites running on the network and host-based agents. DLP may be configured to prevent the transfer of information through corporate resources such as email, web, and physical media such as USB for host-based solutions.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-17T13:55:21.233Z", 16 | "name": "Data Loss Prevention" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--3efe43d1-6f3f-4fcb-ab39-4a730971f70b.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--3efe43d1-6f3f-4fcb-ab39-4a730971f70b", 3 | "type": "course-of-action", 4 | "created": "2019-07-19T14:33:33.543Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1053", 10 | "external_id": "M1053" 11 | } 12 | ], 13 | "description": "Take and store data backups from end user systems and critical servers. Ensure backup and storage systems are hardened and kept separate from the corporate network to prevent compromise.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:11:28.201Z", 16 | "name": "Data Backup" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--47e0e9fe-96ce-4f65-8bb1-8be1feacb5db.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--47e0e9fe-96ce-4f65-8bb1-8be1feacb5db", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:35:25.488Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1038", 10 | "external_id": "M1038" 11 | } 12 | ], 13 | "description": "Block execution of code on a system through application control, and/or script blocking.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-06-20T20:11:42.195Z", 16 | "name": "Execution Prevention" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--49c06d54-9002-491d-9147-8efb537fbd26.json: -------------------------------------------------------------------------------- 1 | { 2 | "created": "2019-06-11T16:47:12.859Z", 3 | "modified": "2020-03-31T13:09:22.442Z", 4 | "type": "course-of-action", 5 | "id": "course-of-action--49c06d54-9002-491d-9147-8efb537fbd26", 6 | "description": "Use capabilities to prevent successful credential access by adversaries; including blocking forms of credential dumping.", 7 | "name": "Credential Access Protection", 8 | "external_references": [ 9 | { 10 | "source_name": "mitre-attack", 11 | "external_id": "M1043", 12 | "url": "https://attack.mitre.org/mitigations/M1043" 13 | } 14 | ], 15 | "created_by_ref": "The MITRE Corporation", 16 | "x_mitre_version": "1.1" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--52c7a1a9-3a78-4528-a44f-cd7b0fa3541a.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--52c7a1a9-3a78-4528-a44f-cd7b0fa3541a", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0814", 10 | "external_id": "M0814" 11 | } 12 | ], 13 | "description": "Configure hosts and devices to use static network configurations when possible, protocols that require dynamic discovery/addressing (e.g., ARP, DHCP, DNS) can be used to manipulate network message forwarding and enable various MitM attacks. This mitigation may not always be usable due to limited device features or challenges introduced with network configurations.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T16:50:45.681Z", 16 | "name": "Static Network Configuration" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--590777b3-b475-4c7c-aaf8-f4a73b140312.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--590777b3-b475-4c7c-aaf8-f4a73b140312", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:01:25.405Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1045", 10 | "external_id": "M1045" 11 | } 12 | ], 13 | "description": "Enforce binary and application integrity with digital signature verification to prevent untrusted code from executing.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-05-20T13:12:02.881Z", 16 | "name": "Code Signing" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--609191bf-7d06-40e4-b1f8-9e11eb3ff8a6.json: -------------------------------------------------------------------------------- 1 | { 2 | "created": "2019-06-11T16:40:14.543Z", 3 | "modified": "2019-06-11T16:40:14.543Z", 4 | "type": "course-of-action", 5 | "id": "course-of-action--609191bf-7d06-40e4-b1f8-9e11eb3ff8a6", 6 | "description": "Prevent modification of environment variables by unauthorized users and groups.", 7 | "name": "Environment Variable Permissions", 8 | "external_references": [ 9 | { 10 | "source_name": "mitre-attack", 11 | "external_id": "M1039", 12 | "url": "https://attack.mitre.org/mitigations/M1039" 13 | } 14 | ], 15 | "created_by_ref": "The MITRE Corporation", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--649f7268-4c12-483b-ac84-4b7bca9fe2ee.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--649f7268-4c12-483b-ac84-4b7bca9fe2ee", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Enterprise Policy", 5 | "description": "An enterprise mobility management (EMM), also known as mobile device management (MDM), system can be used to provision policies to mobile devices to control aspects of their allowed behavior.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1012", 10 | "external_id": "M1012" 11 | } 12 | ], 13 | "type": "course-of-action", 14 | "modified": "2020-06-24T15:08:18.395Z", 15 | "created": "2017-10-25T14:48:53.318Z", 16 | "x_mitre_old_attack_id": "MOB-M1012", 17 | "x_mitre_version": "1.0" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--653492e3-27be-4a0e-b08c-938dd2b7e0e1.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1011", 7 | "url": "https://attack.mitre.org/mitigations/M1011" 8 | } 9 | ], 10 | "name": "User Guidance", 11 | "description": "Describes any guidance or training given to users to set particular configuration settings or avoid specific potentially risky behaviors.", 12 | "id": "course-of-action--653492e3-27be-4a0e-b08c-938dd2b7e0e1", 13 | "type": "course-of-action", 14 | "modified": "2019-10-18T15:51:48.318Z", 15 | "created": "2019-10-18T12:53:03.508Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--72dade3e-1cba-4182-b3b3-a77ca52f02a1.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1025", 7 | "url": "https://attack.mitre.org/mitigations/M1025" 8 | } 9 | ], 10 | "name": "Privileged Process Integrity", 11 | "description": "Protect processes with high privileges that can be used to interact with critical system components through use of protected process light, anti-process injection defenses, or other process integrity enforcement measures.", 12 | "id": "course-of-action--72dade3e-1cba-4182-b3b3-a77ca52f02a1", 13 | "type": "course-of-action", 14 | "modified": "2020-05-20T13:13:48.900Z", 15 | "created": "2019-06-06T21:08:58.465Z", 16 | "x_mitre_version": "1.1" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--72e46e53-e12d-4106-9c70-33241b6ed549.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--72e46e53-e12d-4106-9c70-33241b6ed549", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://pedias-s.mitre.org/attackics/index.php/Mitigation/M0813", 10 | "external_id": "M0813" 11 | } 12 | ], 13 | "description": "Require the authentication of devices and software processes where appropriate. Devices that connect remotely to other systems should require strong authentication to prevent spoofing of communications. Furthermore, software processes should also require authentication if accessing a local or remote API.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T16:50:45.681Z", 16 | "name": "Software Process and Device Authentication" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--787fb64d-c87b-4ee5-a341-0ef17ec4c15c.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1055", 7 | "url": "https://attack.mitre.org/mitigations/M1055" 8 | } 9 | ], 10 | "name": "Do Not Mitigate", 11 | "description": "This category is to associate techniques that mitigation might increase risk of compromise and therefore mitigation is not recommended.", 12 | "id": "course-of-action--787fb64d-c87b-4ee5-a341-0ef17ec4c15c", 13 | "type": "course-of-action", 14 | "modified": "2019-07-23T14:44:24.727Z", 15 | "created": "2019-07-19T14:58:42.715Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--78bb71be-92b4-46de-acd6-5f998fedf1cc.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1056", 7 | "url": "https://attack.mitre.org/mitigations/M1056" 8 | } 9 | ], 10 | "description": "This category is used for any applicable mitigation activities that apply to techniques occurring before an adversary gains Initial Access, such as Reconnaissance and Resource Development techniques.", 11 | "name": "Pre-compromise", 12 | "id": "course-of-action--78bb71be-92b4-46de-acd6-5f998fedf1cc", 13 | "type": "course-of-action", 14 | "modified": "2020-10-20T19:52:32.439Z", 15 | "created": "2020-10-19T14:57:58.771Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--7b1cf46f-784b-405a-a8dd-4624c19d8321.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--7b1cf46f-784b-405a-a8dd-4624c19d8321", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "System Partition Integrity", 5 | "description": "Ensure that Android devices being used include and enable the Verified Boot capability, which cryptographically ensures the integrity of the system partition.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1004", 10 | "external_id": "M1004" 11 | } 12 | ], 13 | "x_mitre_version": "1.0", 14 | "x_mitre_old_attack_id": "MOB-M1004", 15 | "type": "course-of-action", 16 | "modified": "2018-10-17T00:14:20.652Z", 17 | "created": "2017-10-25T14:48:52.270Z" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--7bb5fae9-53ad-4424-866b-f0ea2a8b731d.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--7bb5fae9-53ad-4424-866b-f0ea2a8b731d", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T20:15:34.146Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1020", 10 | "external_id": "M1020" 11 | } 12 | ], 13 | "description": "Break and inspect SSL/TLS sessions to look at encrypted web traffic for adversary activity.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-06T20:15:34.146Z", 16 | "name": "SSL/TLS Inspection" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--7da0387c-ba92-4553-b291-b636ee42b2eb.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--7da0387c-ba92-4553-b291-b636ee42b2eb", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:02:36.984Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1046", 10 | "external_id": "M1046" 11 | } 12 | ], 13 | "description": "Use secure methods to boot a system and verify the integrity of the operating system and loading mechanisms.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-05-19T12:28:50.603Z", 16 | "name": "Boot Integrity" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--7f153c28-e5f1-4764-88fb-eea1d9b0ad4a.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--7f153c28-e5f1-4764-88fb-eea1d9b0ad4a", 3 | "type": "course-of-action", 4 | "created": "2020-09-11T16:32:21.854Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0808", 10 | "external_id": "M0808" 11 | } 12 | ], 13 | "description": "Utilize strong cryptographic techniques and protocols to prevent eavesdropping on network communications.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-17T13:55:21.233Z", 16 | "name": "Encrypt Network Traffic" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--86598de0-b347-4928-9eb0-0acbfc21908c.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--86598de0-b347-4928-9eb0-0acbfc21908c", 3 | "type": "course-of-action", 4 | "created": "2019-06-10T20:41:03.271Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1030", 10 | "external_id": "M1030" 11 | } 12 | ], 13 | "description": "Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-05-14T13:05:39.500Z", 16 | "name": "Network Segmentation" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--874c0166-e407-45c2-a1d9-e4e3a6570fd8.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--874c0166-e407-45c2-a1d9-e4e3a6570fd8", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T19:55:50.927Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1019", 10 | "external_id": "M1019" 11 | } 12 | ], 13 | "description": "A threat intelligence program helps an organization generate their own threat intelligence information and track trends to inform defensive priorities to mitigate risk.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-06T19:55:50.927Z", 16 | "name": "Threat Intelligence Program" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--8ccd428d-39da-4e8f-a55b-d48ea1d56e58.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--8ccd428d-39da-4e8f-a55b-d48ea1d56e58", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Lock Bootloader", 5 | "description": "On devices that provide the capability to unlock the bootloader (hence allowing any operating system code to be flashed onto the device), perform periodic checks to ensure that the bootloader is locked.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1003", 10 | "external_id": "M1003" 11 | } 12 | ], 13 | "x_mitre_version": "1.0", 14 | "x_mitre_old_attack_id": "MOB-M1003", 15 | "type": "course-of-action", 16 | "modified": "2018-10-17T00:14:20.652Z", 17 | "created": "2017-10-25T14:48:49.554Z" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--90c218c3-fbf8-4830-98a7-e8cfb7eaa485.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--90c218c3-fbf8-4830-98a7-e8cfb7eaa485", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:10:35.792Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1027", 10 | "external_id": "M1027" 11 | } 12 | ], 13 | "description": "Set and enforce secure password policies for accounts.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-06T21:10:35.792Z", 16 | "name": "Password Policies" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--90f39ee1-d5a3-4aaa-9f28-3b42815b0d46.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1040", 7 | "url": "https://attack.mitre.org/mitigations/M1040" 8 | } 9 | ], 10 | "name": "Behavior Prevention on Endpoint", 11 | "description": "Use capabilities to prevent suspicious behavior patterns from occurring on endpoint systems. This could include suspicious process, file, API call, etc. behavior.", 12 | "id": "course-of-action--90f39ee1-d5a3-4aaa-9f28-3b42815b0d46", 13 | "type": "course-of-action", 14 | "modified": "2019-06-11T16:43:05.712Z", 15 | "created": "2019-06-11T16:43:05.712Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--93e7968a-9074-4eac-8ae9-9f5200ec3317.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--93e7968a-9074-4eac-8ae9-9f5200ec3317", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T16:50:58.767Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1018", 10 | "external_id": "M1018" 11 | } 12 | ], 13 | "description": "Manage the creation, modification, use, and permissions associated to user accounts.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-05-20T13:49:12.270Z", 16 | "name": "User Account Management" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--987988f0-cf86-4680-a875-2f6456ab2448.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--987988f0-cf86-4680-a875-2f6456ab2448", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T20:54:49.964Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1022", 10 | "external_id": "M1022" 11 | } 12 | ], 13 | "description": "Restrict access by setting directory and file permissions that are not specific to users or privileged accounts.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-05-20T15:12:39.136Z", 16 | "name": "Restrict File and Directory Permissions" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--98aa0d61-fc9d-4b2d-8f18-b25d03549f53.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--98aa0d61-fc9d-4b2d-8f18-b25d03549f53", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0815", 10 | "external_id": "M0815" 11 | } 12 | ], 13 | "description": "Utilize watchdog timers to ensure devices can quickly detect whether a system is operational, unresponsive, or in a good state. System / process restarts should be performed when a timeout condition occurs.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T16:50:45.681Z", 16 | "name": "Watchdog Timers" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--99c746d7-a08a-4169-94f9-b8c0dad716fa.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--99c746d7-a08a-4169-94f9-b8c0dad716fa", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0809", 10 | "external_id": "M0809" 11 | } 12 | ], 13 | "description": "Deploy mechanisms to protect the confidentiality of information related to operational processes, facility locations, device configurations, programs, or databases that may have information that can be used to infer organizational trade-secrets, recipes, and other intellectual property (IP). Example mitigations could include restricting read privileges, encrypting data, and obfuscating the information (e.g., facility coverterms, codenames). In many cases this information may be necessary to support critical engineering, maintenance, or operational functions, therefore, it may not be feasible to implement.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T16:50:45.681Z", 16 | "name": "Operational Information Confidentiality" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--9bb9e696-bff8-4ae1-9454-961fc7d91d5f.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--9bb9e696-bff8-4ae1-9454-961fc7d91d5f", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:09:47.115Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1026", 10 | "external_id": "M1026" 11 | } 12 | ], 13 | "description": "Manage the creation, modification, use, and permissions associated to privileged accounts, including SYSTEM and root.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:08:36.655Z", 16 | "name": "Privileged Account Management" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--a2c36a5d-4058-475e-8e77-fff75e50d3b9.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--a2c36a5d-4058-475e-8e77-fff75e50d3b9", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T20:58:59.577Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1024", 10 | "external_id": "M1024" 11 | } 12 | ], 13 | "description": "Restrict the ability to modify certain hives or keys in the Windows Registry.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-06T20:58:59.577Z", 16 | "name": "Restrict Registry Permissions" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--a6a47a06-08fc-4ec4-bdc3-20373375ebb9.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--a6a47a06-08fc-4ec4-bdc3-20373375ebb9", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:08:33.055Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1049", 10 | "external_id": "M1049" 11 | } 12 | ], 13 | "description": "Use signatures or heuristics to detect malicious software.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:07:15.684Z", 16 | "name": "Antivirus/Antimalware" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--aadac250-bcdc-44e3-a4ae-f52bd0a7a16a.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--aadac250-bcdc-44e3-a4ae-f52bd0a7a16a", 3 | "type": "course-of-action", 4 | "created": "2019-06-10T20:53:36.319Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0807", 10 | "external_id": "M0807" 11 | } 12 | ], 13 | "description": "Network allowlists can be implemented through either host-based files or system hosts files to specify what external connections (e.g., IP address, MAC address, port, protocol) can be made from a device. Allowlist techniques that operate at the application layer (e.g., DNP3, Modbus, HTTP) are addressed in Filter Network Traffic mitigation.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T20:53:36.319Z", 16 | "name": "Network Allowlists" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--b045d015-6bed-4490-bd38-56b41ece59a0.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--b045d015-6bed-4490-bd38-56b41ece59a0", 3 | "type": "course-of-action", 4 | "created": "2019-06-10T20:53:36.319Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1032", 10 | "external_id": "M1032" 11 | } 12 | ], 13 | "description": "Use two or more pieces of evidence to authenticate to a system; such as username and password in addition to a token from a physical smart card or token generator.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-10T20:53:36.319Z", 16 | "name": "Multi-factor Authentication" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--b5dbb4c5-b0b1-40b1-80b6-e9e84ab90067.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--b5dbb4c5-b0b1-40b1-80b6-e9e84ab90067", 3 | "type": "course-of-action", 4 | "created": "2019-07-19T14:40:23.529Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1054", 10 | "external_id": "M1054" 11 | } 12 | ], 13 | "description": "Implement configuration changes to software (other than the operating system) to mitigate security risks associated to how the software operates.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:11:09.471Z", 16 | "name": "Software Configuration" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--b9f0c069-abbe-4a07-a245-2481219a1463.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--b9f0c069-abbe-4a07-a245-2481219a1463", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:06:56.230Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1048", 10 | "external_id": "M1048" 11 | } 12 | ], 13 | "description": "Restrict execution of code to a virtual environment on or in transit to an endpoint system.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:08:03.851Z", 16 | "name": "Application Isolation and Sandboxing" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--bcecd036-f40e-4916-9f8e-fd0ccf0ece8d.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1001", 7 | "url": "https://attack.mitre.org/mitigations/M1001" 8 | } 9 | ], 10 | "name": "Security Updates", 11 | "description": "Install security updates in response to discovered vulnerabilities.\n\nPurchase devices with a vendor and/or mobile carrier commitment to provide security updates in a prompt manner for a set period of time.\n\nDecommission devices that will no longer receive security updates.\n\nLimit or block access to enterprise resources from devices that have not installed recent security updates.\n\nOn Android devices, access can be controlled based on each device's security patch level. On iOS devices, access can be controlled based on the iOS version.", 12 | "id": "course-of-action--bcecd036-f40e-4916-9f8e-fd0ccf0ece8d", 13 | "type": "course-of-action", 14 | "modified": "2019-10-18T14:56:15.631Z", 15 | "created": "2019-10-18T12:51:36.488Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--c7257b6e-4159-4771-b1f3-2bb93adaecac.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--c7257b6e-4159-4771-b1f3-2bb93adaecac", 3 | "type": "course-of-action", 4 | "created": "2020-09-11T16:32:21.854Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0802", 10 | "external_id": "M0802" 11 | } 12 | ], 13 | "description": "When communicating over an untrusted network utilize secure network protocols that both authenticate the message sender and can verify its integrity, either through message authentication codes (MACs) or digital signatures, to prevent the transmission of spoofed network messages or unauthorized connections.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-17T13:55:21.233Z", 16 | "name": "Communication Authenticity" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--cc2399fd-3cd3-4319-8d0a-fbd6420cdaf8.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--cc2399fd-3cd3-4319-8d0a-fbd6420cdaf8", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:06:14.029Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1047", 10 | "external_id": "M1047" 11 | } 12 | ], 13 | "description": "Perform audits or scans of systems, permissions, insecure software, insecure configurations, etc. to identify potential weaknesses.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:08:45.966Z", 16 | "name": "Audit" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--cf2cccb1-cab8-431a-8ecf-f7874d05f433.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--cf2cccb1-cab8-431a-8ecf-f7874d05f433", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Deploy Compromised Device Detection Method", 5 | "description": "A variety of methods exist that can be used to enable enterprises to identify compromised (e.g. rooted/jailbroken) devices, whether using security mechanisms built directly into the device, third-party mobile security applications, enterprise mobility management (EMM)/mobile device management (MDM) capabilities, or other methods. Some methods may be trivial to evade while others may be more sophisticated.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1010", 10 | "external_id": "M1010" 11 | } 12 | ], 13 | "x_mitre_version": "1.0", 14 | "x_mitre_old_attack_id": "MOB-M1010", 15 | "type": "course-of-action", 16 | "modified": "2018-10-17T00:14:20.652Z", 17 | "created": "2017-10-25T14:48:52.601Z" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--d2a24649-9694-4c97-9c62-ce7b270bf6a3.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--d2a24649-9694-4c97-9c62-ce7b270bf6a3", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:10:57.070Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1050", 10 | "external_id": "M1050" 11 | } 12 | ], 13 | "description": "Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-06-20T20:22:55.938Z", 16 | "name": "Exploit Protection" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--da44255d-85c5-492c-baf3-ee823d44f848.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--da44255d-85c5-492c-baf3-ee823d44f848", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0813", 10 | "external_id": "M0812" 11 | } 12 | ], 13 | "description": "Utilize Safety Instrumented Systems (SIS) to provide an additional layer of protection to hazard scenarios that may cause property damage. A SIS will typically included sensors, logic solvers, and a final control element that can be used to automatically respond to an hazardous condition. Ensure that all SISs are segmented from operational networks to prevent them from being targeted by additional adversarial behavior.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T16:50:45.681Z", 16 | "name": "Safety Instrumented Systems" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--e3388c78-2a8d-47c2-8422-c1398b324462.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--e3388c78-2a8d-47c2-8422-c1398b324462", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T16:39:58.291Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1015", 10 | "external_id": "M1015" 11 | } 12 | ], 13 | "description": "Configure Active Directory to prevent use of certain techniques; use SID Filtering, etc.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-05-29T16:34:40.344Z", 16 | "name": "Active Directory Configuration" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--e5d930e9-775a-40ad-9bdb-b941d8dfe86b.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--e5d930e9-775a-40ad-9bdb-b941d8dfe86b", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:12:55.207Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1051", 10 | "external_id": "M1051" 11 | } 12 | ], 13 | "description": "Perform regular software updates to mitigate exploitation risk.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-07-07T12:42:39.005Z", 16 | "name": "Update Software" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--e8242a33-481c-4891-af63-4cf3e4cf6aff.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--e8242a33-481c-4891-af63-4cf3e4cf6aff", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T17:00:01.740Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1044", 10 | "external_id": "M1044" 11 | } 12 | ], 13 | "description": "Prevent abuse of library loading mechanisms in the operating system and software to load untrusted code by configuring appropriate library loading mechanisms and investigating potential vulnerable software.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-11T17:00:01.740Z", 16 | "name": "Restrict Library Loading" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--e944670c-d03a-4e93-a21c-b3d4c53ec4c9.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--e944670c-d03a-4e93-a21c-b3d4c53ec4c9", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Caution with Device Administrator Access", 5 | "description": "Warn device users not to accept requests to grant Device Administrator access to applications without good reason.\n\nAdditionally, application vetting should include a check on whether the application requests Device Administrator access. Applications that do request Device Administrator access should be carefully scrutinized and only allowed to be used if a valid reason exists.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1007", 10 | "external_id": "M1007" 11 | } 12 | ], 13 | "x_mitre_version": "1.0", 14 | "x_mitre_old_attack_id": "MOB-M1007", 15 | "type": "course-of-action", 16 | "modified": "2018-10-17T00:14:20.652Z", 17 | "created": "2017-10-25T14:48:51.365Z" 18 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--eb88d97c-32f1-40be-80f0-d61a4b0b4b31.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--eb88d97c-32f1-40be-80f0-d61a4b0b4b31", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:45:19.740Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1042", 10 | "external_id": "M1042" 11 | } 12 | ], 13 | "description": "Remove or deny access to unnecessary and potentially vulnerable software to prevent abuse by adversaries.", 14 | "x_mitre_version": "1.1", 15 | "modified": "2020-03-31T13:12:04.776Z", 16 | "name": "Disable or Remove Feature or Program" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--f0f5c87a-a58d-440a-b3b5-ca679d98c6dd.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--f0f5c87a-a58d-440a-b3b5-ca679d98c6dd", 3 | "type": "course-of-action", 4 | "created": "2019-06-06T21:16:18.709Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-ics-attack", 9 | "url": "https://collaborate.mitre.org/attackics/index.php/Mitigation/M0811", 10 | "external_id": "M0811" 11 | } 12 | ], 13 | "description": "Redundancy could be provided through both the devices or services, such as back-up devices or hot-standby's. Hot-standbys in diverse locations can ensure continued operations if the primarily system are compromised or unavailable. At the network layer, protocols such as the Parallel Redundancy Protocol (PRP, IEC 62439-3:2012-07) can be used to simulatenously use redundant and diverse communication over a local network.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2020-09-22T16:50:45.681Z", 16 | "name": "Redundancy of Service" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--f9f9e6ef-bc0a-41ad-ba11-0924e5e84c4c.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--f9f9e6ef-bc0a-41ad-ba11-0924e5e84c4c", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:32:21.854Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1036", 10 | "external_id": "M1036" 11 | } 12 | ], 13 | "description": "Configure features related to account use like login attempt lockouts, specific login times, etc.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-13T16:07:21.233Z", 16 | "name": "Account Use Policies" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--feff9142-e8c2-46f4-842b-bd6fb3d41157.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "course-of-action--feff9142-e8c2-46f4-842b-bd6fb3d41157", 3 | "type": "course-of-action", 4 | "created": "2019-06-11T16:43:44.834Z", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/mitigations/M1041", 10 | "external_id": "M1041" 11 | } 12 | ], 13 | "description": "Protect sensitive information with strong encryption.", 14 | "x_mitre_version": "1.0", 15 | "modified": "2019-06-11T16:43:44.834Z", 16 | "name": "Encrypt Sensitive Information" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/course-of-action/course-of-action--ff4821f6-5afb-481b-8c0f-26c28c0d666c.json: -------------------------------------------------------------------------------- 1 | { 2 | "created_by_ref": "The MITRE Corporation", 3 | "external_references": [ 4 | { 5 | "source_name": "mitre-attack", 6 | "external_id": "M1002", 7 | "url": "https://attack.mitre.org/mitigations/M1002" 8 | } 9 | ], 10 | "name": "Attestation", 11 | "description": "Enable remote attestation capabilities when available (such as Android SafetyNet or Samsung Knox TIMA Attestation) and prohibit devices that fail the attestation from accessing enterprise resources.", 12 | "id": "course-of-action--ff4821f6-5afb-481b-8c0f-26c28c0d666c", 13 | "type": "course-of-action", 14 | "modified": "2019-10-18T14:52:53.019Z", 15 | "created": "2019-10-18T12:50:35.335Z", 16 | "x_mitre_version": "1.0" 17 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--0ced8926-914e-4c78-bc93-356fb90dbd1f.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--0ced8926-914e-4c78-bc93-356fb90dbd1f", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "HALFBAKED", 5 | "description": "[HALFBAKED](https://attack.mitre.org/software/S0151) is a malware family consisting of multiple components intended to establish persistence in victim networks. (Citation: FireEye FIN7 April 2017)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0151", 10 | "external_id": "S0151" 11 | }, 12 | { 13 | "source_name": "FireEye FIN7 April 2017", 14 | "description": "Carr, N., et al. (2017, April 24). FIN7 Evolution and the Phishing LNK. Retrieved April 24, 2017.", 15 | "url": "https://www.fireeye.com/blog/threat-research/2017/04/fin7-phishing-lnk.html" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "HALFBAKED" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Windows" 24 | ], 25 | "type": "malware", 26 | "labels": [ 27 | "malware" 28 | ], 29 | "modified": "2018-10-17T00:14:20.652Z", 30 | "created": "2017-12-14T16:46:06.044Z" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--0db09158-6e48-4e7c-8ce7-2b10b9c0c039.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--0db09158-6e48-4e7c-8ce7-2b10b9c0c039", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Misdat", 5 | "description": "[Misdat](https://attack.mitre.org/software/S0083) is a backdoor that was used by [Dust Storm](https://attack.mitre.org/groups/G0031) from 2010 to 2011. (Citation: Cylance Dust Storm)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0083", 10 | "external_id": "S0083" 11 | }, 12 | { 13 | "url": "https://www.cylance.com/content/dam/cylance/pdfs/reports/Op_Dust_Storm_Report.pdf", 14 | "description": "Gross, J. (2016, February 23). Operation Dust Storm. Retrieved September 19, 2017.", 15 | "source_name": "Cylance Dust Storm" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-20T18:16:26.920Z", 23 | "created": "2017-05-31T21:32:55.126Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Misdat" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--199463de-d9be-46d6-bb41-07234c1dd5a6.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--199463de-d9be-46d6-bb41-07234c1dd5a6", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "GeminiDuke", 5 | "description": "[GeminiDuke](https://attack.mitre.org/software/S0049) is malware that was used by [APT29](https://attack.mitre.org/groups/G0016) from 2009 to 2012. (Citation: F-Secure The Dukes)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0049", 10 | "external_id": "S0049" 11 | }, 12 | { 13 | "url": "https://www.f-secure.com/documents/996508/1030745/dukes_whitepaper.pdf", 14 | "description": "F-Secure Labs. (2015, September 17). The Dukes: 7 years of Russian cyberespionage. Retrieved December 10, 2015.", 15 | "source_name": "F-Secure The Dukes" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T16:43:20.186Z", 23 | "created": "2017-05-31T21:32:36.177Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "GeminiDuke" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0463", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0463" 7 | }, 8 | { 9 | "source_name": "Volexity Insomnia", 10 | "url": "https://www.volexity.com/blog/2020/04/21/evil-eye-threat-actor-resurfaces-with-ios-exploit-and-updated-implant/", 11 | "description": "A. Case, D. Lassalle, M. Meltzer, S. Koessel, et al.. (2020, April 21). Evil Eye Threat Actor Resurfaces with iOS Exploit and Updated Implant. Retrieved June 2, 2020." 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[INSOMNIA](https://attack.mitre.org/software/S0463) is spyware that has been used by the group Evil Eye.(Citation: Volexity Insomnia)", 16 | "name": "INSOMNIA", 17 | "id": "malware--21b7e0b0-0dea-4ccc-8ad4-8da51fe3a901", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-06-24T18:24:35.433Z", 23 | "created": "2020-06-02T14:32:31.461Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "INSOMNIA" 27 | ], 28 | "x_mitre_platforms": [ 29 | "iOS" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--22addc7b-b39f-483d-979a-1b35147da5de.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--22addc7b-b39f-483d-979a-1b35147da5de", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "WinMM", 5 | "description": "[WinMM](https://attack.mitre.org/software/S0059) is a full-featured, simple backdoor used by [Naikon](https://attack.mitre.org/groups/G0019). (Citation: Baumgartner Naikon 2015)", 6 | "external_references": [ 7 | { 8 | "external_id": "S0059", 9 | "url": "https://attack.mitre.org/software/S0059", 10 | "source_name": "mitre-attack" 11 | }, 12 | { 13 | "source_name": "Baumgartner Naikon 2015", 14 | "description": "Baumgartner, K., Golovkin, M.. (2015, May). The MsnMM Campaigns: The Earliest Naikon APT Campaigns. Retrieved April 10, 2019.", 15 | "url": "https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2018/03/07205555/TheNaikonAPT-MsnMM1.pdf" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T18:27:57.226Z", 23 | "created": "2017-05-31T21:32:40.004Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "WinMM" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--22faaa56-a8ac-4292-9be6-b571b255ee40.json: -------------------------------------------------------------------------------- 1 | { 2 | "created": "2020-07-27T14:14:56.729Z", 3 | "modified": "2020-08-11T14:23:15.002Z", 4 | "labels": [ 5 | "malware" 6 | ], 7 | "type": "malware", 8 | "id": "malware--22faaa56-a8ac-4292-9be6-b571b255ee40", 9 | "name": "Zen", 10 | "description": "[Zen](https://attack.mitre.org/software/S0494) is Android malware that was first seen in 2013.(Citation: Google Security Zen)", 11 | "created_by_ref": "The MITRE Corporation", 12 | "external_references": [ 13 | { 14 | "external_id": "S0494", 15 | "source_name": "mitre-attack", 16 | "url": "https://attack.mitre.org/software/S0494" 17 | }, 18 | { 19 | "source_name": "Google Security Zen", 20 | "url": "https://security.googleblog.com/2019/01/pha-family-highlights-zen-and-its.html", 21 | "description": "Siewierski, L. (2019, January 11). PHA Family Highlights: Zen and its cousins . Retrieved July 27, 2020." 22 | } 23 | ], 24 | "x_mitre_platforms": [ 25 | "Android" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Zen" 29 | ], 30 | "x_mitre_version": "1.0" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--234e7770-99b0-4f65-b983-d3230f76a60b.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--234e7770-99b0-4f65-b983-d3230f76a60b", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Janicab", 5 | "description": "[Janicab](https://attack.mitre.org/software/S0163) is an OS X trojan that relied on a valid developer ID and oblivious users to install it. (Citation: Janicab)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0163", 10 | "external_id": "S0163" 11 | }, 12 | { 13 | "source_name": "Janicab", 14 | "description": "Thomas. (2013, July 15). New signed malware called Janicab. Retrieved July 17, 2017." 15 | } 16 | ], 17 | "type": "malware", 18 | "labels": [ 19 | "malware" 20 | ], 21 | "modified": "2020-03-19T18:00:00.645Z", 22 | "created": "2017-12-14T16:46:06.044Z", 23 | "x_mitre_platforms": [ 24 | "macOS" 25 | ], 26 | "x_mitre_aliases": [ 27 | "Janicab" 28 | ], 29 | "x_mitre_version": "1.1" 30 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--26fed817-e7bf-41f9-829a-9075ffac45c2.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--26fed817-e7bf-41f9-829a-9075ffac45c2", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Kasidet", 5 | "description": "[Kasidet](https://attack.mitre.org/software/S0088) is a backdoor that has been dropped by using malicious VBA macros. (Citation: Zscaler Kasidet)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0088", 10 | "external_id": "S0088" 11 | }, 12 | { 13 | "source_name": "Zscaler Kasidet", 14 | "description": "Yadav, A., et al. (2016, January 29). Malicious Office files dropping Kasidet and Dridex. Retrieved March 24, 2016.", 15 | "url": "http://research.zscaler.com/2016/01/malicious-office-files-dropping-kasidet.html" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T16:54:23.238Z", 23 | "created": "2017-05-31T21:32:57.344Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Kasidet" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--3161d76a-e2b2-4b97-9906-24909b735386.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0456", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0456" 7 | }, 8 | { 9 | "source_name": "CheckPoint Naikon May 2020", 10 | "url": "https://research.checkpoint.com/2020/naikon-apt-cyber-espionage-reloaded/", 11 | "description": "CheckPoint. (2020, May 7). Naikon APT: Cyber Espionage Reloaded. Retrieved May 26, 2020." 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[Aria-body](https://attack.mitre.org/software/S0456) is a custom backdoor that has been used by [Naikon](https://attack.mitre.org/groups/G0019).(Citation: CheckPoint Naikon May 2020)", 16 | "name": "Aria-body", 17 | "id": "malware--3161d76a-e2b2-4b97-9906-24909b735386", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-07-03T21:52:44.685Z", 23 | "created": "2020-05-26T19:36:04.663Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "Aria-body" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Windows" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--3cab1b76-2f40-4cd0-8d2c-7ed16eeb909c", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "ELMER", 5 | "description": "[ELMER](https://attack.mitre.org/software/S0064) is a non-persistent, proxy-aware HTTP backdoor written in Delphi that has been used by [APT16](https://attack.mitre.org/groups/G0023). (Citation: FireEye EPS Awakens Part 2)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0064", 10 | "external_id": "S0064" 11 | }, 12 | { 13 | "source_name": "FireEye EPS Awakens Part 2", 14 | "description": "Winters, R.. (2015, December 20). The EPS Awakens - Part 2. Retrieved January 22, 2016.", 15 | "url": "https://www.fireeye.com/blog/threat-research/2015/12/the-eps-awakens-part-two.html" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T16:21:32.420Z", 23 | "created": "2017-05-31T21:32:43.237Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "ELMER" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--40d3e230-ed32-469f-ba89-be70cc08ab39.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--40d3e230-ed32-469f-ba89-be70cc08ab39", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Agent.btz", 5 | "description": "[Agent.btz](https://attack.mitre.org/software/S0092) is a worm that primarily spreads itself via removable devices such as USB drives. It reportedly infected U.S. military networks in 2008. (Citation: Securelist Agent.btz)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0092", 10 | "external_id": "S0092" 11 | }, 12 | { 13 | "url": "https://securelist.com/agent-btz-a-source-of-inspiration/58551/", 14 | "description": "Gostev, A.. (2014, March 12). Agent.btz: a Source of Inspiration?. Retrieved April 8, 2016.", 15 | "source_name": "Securelist Agent.btz" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T14:50:51.213Z", 23 | "created": "2017-05-31T21:32:59.153Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Agent.btz" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--4a98e44a-bd52-461e-af1e-a4457de87a36.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "source_name": "mitre-attack", 5 | "url": "https://attack.mitre.org/software/S0277", 6 | "external_id": "S0277" 7 | }, 8 | { 9 | "source_name": "FruitFly", 10 | "description": "(Citation: objsee mac malware 2017)." 11 | }, 12 | { 13 | "url": "https://objective-see.com/blog/blog_0x25.html", 14 | "description": "Patrick Wardle. (n.d.). Mac Malware of 2017. Retrieved September 21, 2018.", 15 | "source_name": "objsee mac malware 2017" 16 | } 17 | ], 18 | "description": "FruitFly is designed to spy on mac users (Citation: objsee mac malware 2017).", 19 | "name": "FruitFly", 20 | "created_by_ref": "The MITRE Corporation", 21 | "id": "malware--4a98e44a-bd52-461e-af1e-a4457de87a36", 22 | "type": "malware", 23 | "labels": [ 24 | "malware" 25 | ], 26 | "modified": "2020-03-30T16:42:09.499Z", 27 | "created": "2018-10-17T00:14:20.652Z", 28 | "x_mitre_version": "1.1", 29 | "x_mitre_aliases": [ 30 | "FruitFly" 31 | ], 32 | "x_mitre_platforms": [ 33 | "macOS" 34 | ] 35 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--54a01db0-9fab-4d5f-8209-53cef8425f4a.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0512", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0512" 7 | }, 8 | { 9 | "source_name": "ESET Dukes October 2019", 10 | "url": "https://www.welivesecurity.com/wp-content/uploads/2019/10/ESET_Operation_Ghost_Dukes.pdf", 11 | "description": "Faou, M., Tartare, M., Dupuy, T. (2019, October). OPERATION GHOST. Retrieved September 23, 2020." 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "name": "FatDuke", 16 | "description": "[FatDuke](https://attack.mitre.org/software/S0512) is a backdoor used by [APT29](https://attack.mitre.org/groups/G0016) since at least 2016.(Citation: ESET Dukes October 2019)", 17 | "id": "malware--54a01db0-9fab-4d5f-8209-53cef8425f4a", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-10-09T16:08:00.074Z", 23 | "created": "2020-09-24T13:23:45.162Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "FatDuke" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Windows" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--552462b9-ae79-49dd-855c-5973014e157f.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--552462b9-ae79-49dd-855c-5973014e157f", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Zeroaccess", 5 | "description": "[Zeroaccess](https://attack.mitre.org/software/S0027) is a kernel-mode [Rootkit](https://attack.mitre.org/techniques/T1014) that attempts to add victims to the ZeroAccess botnet, often for monetary gain. (Citation: Sophos ZeroAccess)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0027", 10 | "external_id": "S0027" 11 | }, 12 | { 13 | "source_name": "Sophos ZeroAccess", 14 | "description": "Wyke, J. (2012, April). ZeroAccess. Retrieved July 18, 2016.", 15 | "url": "https://sophosnews.files.wordpress.com/2012/04/zeroaccess2.pdf" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "Zeroaccess", 21 | "Trojan.Zeroaccess" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Windows" 25 | ], 26 | "type": "malware", 27 | "labels": [ 28 | "malware" 29 | ], 30 | "modified": "2018-10-17T00:14:20.652Z", 31 | "created": "2017-05-31T21:32:20.949Z" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--5967cc93-57c9-404a-8ffd-097edfa7bdfc.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--5967cc93-57c9-404a-8ffd-097edfa7bdfc", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Hi-Zor", 5 | "description": "[Hi-Zor](https://attack.mitre.org/software/S0087) is a remote access tool (RAT) that has characteristics similar to [Sakula](https://attack.mitre.org/software/S0074). It was used in a campaign named INOCNATION. (Citation: Fidelis Hi-Zor)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0087", 10 | "external_id": "S0087" 11 | }, 12 | { 13 | "source_name": "Fidelis Hi-Zor", 14 | "description": "Fidelis Threat Research Team. (2016, January 27). Introducing Hi-Zor RAT. Retrieved March 24, 2016.", 15 | "url": "https://www.fidelissecurity.com/threatgeek/archive/introducing-hi-zor-rat/" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-05-13T22:56:22.295Z", 23 | "created": "2017-05-31T21:32:56.860Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Hi-Zor" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--5a84dc36-df0d-4053-9b7c-f0c388a57283.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--5a84dc36-df0d-4053-9b7c-f0c388a57283", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "CALENDAR", 5 | "description": "[CALENDAR](https://attack.mitre.org/software/S0025) is malware used by [APT1](https://attack.mitre.org/groups/G0006) that mimics legitimate Gmail Calendar traffic. (Citation: Mandiant APT1)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0025", 10 | "external_id": "S0025" 11 | }, 12 | { 13 | "source_name": "Mandiant APT1", 14 | "description": "Mandiant. (n.d.). APT1 Exposing One of China\u2019s Cyber Espionage Units. Retrieved July 18, 2016.", 15 | "url": "https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T15:12:21.836Z", 23 | "created": "2017-05-31T21:32:20.137Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "CALENDAR" 29 | ], 30 | "x_mitre_version": "1.2" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--5f9f7648-04ba-4a9f-bb4c-2a13e74572bd.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--5f9f7648-04ba-4a9f-bb4c-2a13e74572bd", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Pteranodon", 5 | "description": "[Pteranodon](https://attack.mitre.org/software/S0147) is a custom backdoor used by [Gamaredon Group](https://attack.mitre.org/groups/G0047). (Citation: Palo Alto Gamaredon Feb 2017)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0147", 10 | "external_id": "S0147" 11 | }, 12 | { 13 | "source_name": "Palo Alto Gamaredon Feb 2017", 14 | "description": "Kasza, A. and Reichel, D. (2017, February 27). The Gamaredon Group Toolset Evolution. Retrieved March 1, 2017.", 15 | "url": "https://researchcenter.paloaltonetworks.com/2017/02/unit-42-title-gamaredon-group-toolset-evolution/" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-06-22T17:54:15.287Z", 23 | "created": "2017-05-31T21:33:26.084Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Pteranodon" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--66b1dcde-17a0-4c7b-95fa-b08d430c2131.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--66b1dcde-17a0-4c7b-95fa-b08d430c2131", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "S-Type", 5 | "description": "[S-Type](https://attack.mitre.org/software/S0085) is a backdoor that was used by [Dust Storm](https://attack.mitre.org/groups/G0031) from 2013 to 2014. (Citation: Cylance Dust Storm)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0085", 10 | "external_id": "S0085" 11 | }, 12 | { 13 | "url": "https://www.cylance.com/content/dam/cylance/pdfs/reports/Op_Dust_Storm_Report.pdf", 14 | "description": "Gross, J. (2016, February 23). Operation Dust Storm. Retrieved September 19, 2017.", 15 | "source_name": "Cylance Dust Storm" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-20T18:28:45.114Z", 23 | "created": "2017-05-31T21:32:55.925Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "S-Type" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--680f680c-eef9-4f8a-b5f5-f451bf47e403.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0507", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0507" 7 | }, 8 | { 9 | "source_name": "Lookout eSurv", 10 | "url": "https://blog.lookout.com/esurv-research", 11 | "description": "A. Bauer. (2019, April 8). Lookout discovers phishing sites distributing new iOS and Android surveillanceware. Retrieved September 11, 2020." 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[eSurv](https://attack.mitre.org/software/S0507) is mobile surveillanceware designed for the lawful intercept market that was developed over the course of many years.(Citation: Lookout eSurv)", 16 | "name": "eSurv", 17 | "id": "malware--680f680c-eef9-4f8a-b5f5-f451bf47e403", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-09-14T15:39:17.698Z", 23 | "created": "2020-09-14T14:13:45.032Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "eSurv" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Android", 30 | "iOS" 31 | ] 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--98e8a977-3416-43aa-87fa-33e287e9c14c.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--98e8a977-3416-43aa-87fa-33e287e9c14c", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "WINDSHIELD", 5 | "description": "[WINDSHIELD](https://attack.mitre.org/software/S0155) is a signature backdoor used by [APT32](https://attack.mitre.org/groups/G0050). (Citation: FireEye APT32 May 2017)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0155", 10 | "external_id": "S0155" 11 | }, 12 | { 13 | "source_name": "FireEye APT32 May 2017", 14 | "description": "Carr, N.. (2017, May 14). Cyber Espionage is Alive and Well: APT32 and the Threat to Global Corporations. Retrieved June 18, 2017.", 15 | "url": "https://www.fireeye.com/blog/threat-research/2017/05/cyber-espionage-apt32.html" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "WINDSHIELD" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Windows" 24 | ], 25 | "type": "malware", 26 | "labels": [ 27 | "malware" 28 | ], 29 | "modified": "2018-10-17T00:14:20.652Z", 30 | "created": "2017-12-14T16:46:06.044Z" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--a4a98eab-b691-45d9-8c48-869ef8fefd57.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "ACAD/Medre.A", 3 | "description": "[ACAD/Medre.A](https://collaborate.mitre.org/attackics/index.php/Software/S0018) is a worm that steals operational information. The worm collects AutoCAD files with drawings. ACAD/Medre.A has the capability to be used for industrial espionage.", 4 | "labels": [ 5 | "malware" 6 | ], 7 | "x_mitre_platforms": [ 8 | "Windows" 9 | ], 10 | "x_mitre_aliases": [ 11 | "ACAD", 12 | "Medre.A" 13 | ], 14 | "type": "malware", 15 | "x_mitre_version": "1.0", 16 | "created_by_ref": "The MITRE Corporation", 17 | "id": "malware--a4a98eab-b691-45d9-8c48-869ef8fefd57", 18 | "created": "2017-05-31T21:32:59.661Z", 19 | "modified": "2020-01-02T00:14:20.652Z", 20 | "external_references": [ 21 | { 22 | "external_id": "S1000", 23 | "source_name": "mitre-ics-attack", 24 | "url": "https://collaborate.mitre.org/attackics/index.php/Software/S0018" 25 | } 26 | ] 27 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--ad4f146f-e3ec-444a-ba71-24bffd7f0f8e.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--ad4f146f-e3ec-444a-ba71-24bffd7f0f8e", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "RIPTIDE", 5 | "description": "[RIPTIDE](https://attack.mitre.org/software/S0003) is a proxy-aware backdoor used by [APT12](https://attack.mitre.org/groups/G0005). (Citation: Moran 2014)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0003", 10 | "external_id": "S0003" 11 | }, 12 | { 13 | "url": "https://www.fireeye.com/blog/threat-research/2014/09/darwins-favorite-apt-group-2.html", 14 | "description": "Moran, N., Oppenheim, M., Engle, S., & Wartell, R.. (2014, September 3). Darwin\u2019s Favorite APT Group [Blog]. Retrieved November 12, 2014.", 15 | "source_name": "Moran 2014" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T17:28:04.217Z", 23 | "created": "2017-05-31T21:32:11.911Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "RIPTIDE" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--ae9d818d-95d0-41da-b045-9cabea1ca164.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--ae9d818d-95d0-41da-b045-9cabea1ca164", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "PinchDuke", 5 | "description": "[PinchDuke](https://attack.mitre.org/software/S0048) is malware that was used by [APT29](https://attack.mitre.org/groups/G0016) from 2008 to 2010. (Citation: F-Secure The Dukes)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0048", 10 | "external_id": "S0048" 11 | }, 12 | { 13 | "url": "https://www.f-secure.com/documents/996508/1030745/dukes_whitepaper.pdf", 14 | "description": "F-Secure Labs. (2015, September 17). The Dukes: 7 years of Russian cyberespionage. Retrieved December 10, 2015.", 15 | "source_name": "F-Secure The Dukes" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T17:21:09.930Z", 23 | "created": "2017-05-31T21:32:35.780Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "PinchDuke" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--b136d088-a829-432c-ac26-5529c26d4c7e.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--b136d088-a829-432c-ac26-5529c26d4c7e", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "OnionDuke", 5 | "description": "[OnionDuke](https://attack.mitre.org/software/S0052) is malware that was used by [APT29](https://attack.mitre.org/groups/G0016) from 2013 to 2015. (Citation: F-Secure The Dukes)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0052", 10 | "external_id": "S0052" 11 | }, 12 | { 13 | "source_name": "F-Secure The Dukes", 14 | "description": "F-Secure Labs. (2015, September 17). The Dukes: 7 years of Russian cyberespionage. Retrieved December 10, 2015.", 15 | "url": "https://www.f-secure.com/documents/996508/1030745/dukes_whitepaper.pdf" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-09-23T15:21:12.900Z", 23 | "created": "2017-05-31T21:32:37.341Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "OnionDuke" 29 | ], 30 | "x_mitre_version": "1.2" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--b143dfa4-e944-43ff-8429-bfffc308c517.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--b143dfa4-e944-43ff-8429-bfffc308c517", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Taidoor", 5 | "description": "[Taidoor](https://attack.mitre.org/software/S0011) is malware that has been used since at least 2010, primarily to target Taiwanese government organizations. (Citation: TrendMicro Taidoor)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0011", 10 | "external_id": "S0011" 11 | }, 12 | { 13 | "source_name": "TrendMicro Taidoor", 14 | "description": "Trend Micro. (2012). The Taidoor Campaign. Retrieved November 12, 2014.", 15 | "url": "http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_the_taidoor_campaign.pdf" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T18:21:09.468Z", 23 | "created": "2017-05-31T21:32:14.900Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Taidoor" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--b2203c59-4089-4ee4-bfe1-28fa25f0dbfe.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--b2203c59-4089-4ee4-bfe1-28fa25f0dbfe", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Cherry Picker", 5 | "description": "[Cherry Picker](https://attack.mitre.org/software/S0107) is a point of sale (PoS) memory scraper. (Citation: Trustwave Cherry Picker)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0107", 10 | "external_id": "S0107" 11 | }, 12 | { 13 | "source_name": "Trustwave Cherry Picker", 14 | "description": "Merritt, E.. (2015, November 16). Shining the Spotlight on Cherry Picker PoS Malware. Retrieved April 20, 2016.", 15 | "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Shining-the-Spotlight-on-Cherry-Picker-PoS-Malware/" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T15:20:05.298Z", 23 | "created": "2017-05-31T21:33:05.710Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Cherry Picker" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--c0c45d38-fe57-4cd4-b2b2-9ecd0ddd4ca9.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--c0c45d38-fe57-4cd4-b2b2-9ecd0ddd4ca9", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "TinyZBot", 5 | "description": "[TinyZBot](https://attack.mitre.org/software/S0004) is a bot written in C# that was developed by [Cleaver](https://attack.mitre.org/groups/G0003). (Citation: Cylance Cleaver)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0004", 10 | "external_id": "S0004" 11 | }, 12 | { 13 | "url": "https://www.cylance.com/content/dam/cylance/pages/operation-cleaver/Cylance_Operation_Cleaver_Report.pdf", 14 | "description": "Cylance. (2014, December). Operation Cleaver. Retrieved September 14, 2017.", 15 | "source_name": "Cylance Cleaver" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T18:21:44.275Z", 23 | "created": "2017-05-31T21:32:12.310Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "TinyZBot" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--c0efbaae-9e7d-4716-a92d-68373aac7424.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0403", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0403" 7 | }, 8 | { 9 | "description": "Tatyana Shishkova. (2019, June 25). Riltok mobile Trojan: A banker with global reach. Retrieved August 7, 2019.", 10 | "url": "https://securelist.com/mobile-banker-riltok/91374/", 11 | "source_name": "Kaspersky Riltok June 2019" 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[Riltok](https://attack.mitre.org/software/S0403) is banking malware that uses phishing popups to collect user credentials.(Citation: Kaspersky Riltok June 2019)", 16 | "name": "Riltok", 17 | "id": "malware--c0efbaae-9e7d-4716-a92d-68373aac7424", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2019-09-18T13:44:13.080Z", 23 | "created": "2019-08-07T15:57:12.877Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "Riltok" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Android" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--c5e9cb46-aced-466c-85ea-7db5572ad9ec.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--c5e9cb46-aced-466c-85ea-7db5572ad9ec", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Trojan.Mebromi", 5 | "description": "[Trojan.Mebromi](https://attack.mitre.org/software/S0001) is BIOS-level malware that takes control of the victim before MBR. (Citation: Ge 2011)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0001", 10 | "external_id": "S0001" 11 | }, 12 | { 13 | "source_name": "Ge 2011", 14 | "description": "Ge, L. (2011, September 9). BIOS Threat is Showing up Again!. Retrieved November 14, 2014.", 15 | "url": "http://www.symantec.com/connect/blogs/bios-threat-showing-again" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T18:22:55.430Z", 23 | "created": "2017-05-31T21:32:11.148Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Trojan.Mebromi" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--e1161124-f22e-487f-9d5f-ed8efc8dcd61.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--e1161124-f22e-487f-9d5f-ed8efc8dcd61", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Mis-Type", 5 | "description": "[Mis-Type](https://attack.mitre.org/software/S0084) is a backdoor hybrid that was used by [Dust Storm](https://attack.mitre.org/groups/G0031) in 2012. (Citation: Cylance Dust Storm)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0084", 10 | "external_id": "S0084" 11 | }, 12 | { 13 | "url": "https://www.cylance.com/content/dam/cylance/pdfs/reports/Op_Dust_Storm_Report.pdf", 14 | "description": "Gross, J. (2016, February 23). Operation Dust Storm. Retrieved September 19, 2017.", 15 | "source_name": "Cylance Dust Storm" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-20T18:16:03.001Z", 23 | "created": "2017-05-31T21:32:55.565Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Mis-Type" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--ecc2f65a-b452-4eaf-9689-7e181f17f7a5.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0375", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0375" 7 | }, 8 | { 9 | "description": "Legezo, D. (2019, January 30). Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities. Retrieved April 17, 2019.", 10 | "url": "https://securelist.com/chafer-used-remexi-malware/89538/", 11 | "source_name": "Securelist Remexi Jan 2019" 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "name": "Remexi", 16 | "description": "[Remexi](https://attack.mitre.org/software/S0375) is a Windows-based Trojan that was developed in the C programming language.(Citation: Securelist Remexi Jan 2019)", 17 | "id": "malware--ecc2f65a-b452-4eaf-9689-7e181f17f7a5", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T18:04:25.880Z", 23 | "created": "2019-04-17T19:18:00.270Z", 24 | "x_mitre_version": "1.1", 25 | "x_mitre_aliases": [ 26 | "Remexi" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Windows" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--f082fc59-0317-49cf-971f-a1b6296ebb52.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0424", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0424" 7 | }, 8 | { 9 | "description": "Snow, J. (2016, March 3). Triada: organized crime on Android. Retrieved July 16, 2019.", 10 | "url": "https://www.kaspersky.com/blog/triada-trojan/11481/", 11 | "source_name": "Kaspersky Triada March 2016" 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[Triada](https://attack.mitre.org/software/S0424) was first reported in 2016 as a second stage malware. Later versions in 2019 appeared with new techniques and as an initial downloader of other Trojan apps.(Citation: Kaspersky Triada March 2016)", 16 | "name": "Triada", 17 | "id": "malware--f082fc59-0317-49cf-971f-a1b6296ebb52", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-05-28T16:52:37.979Z", 23 | "created": "2019-07-16T14:33:12.034Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "Triada" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Android" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--f2e8c7a1-cae1-45c4-baf0-6f21bdcbb2c2.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--f2e8c7a1-cae1-45c4-baf0-6f21bdcbb2c2", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "GLOOXMAIL", 5 | "description": "[GLOOXMAIL](https://attack.mitre.org/software/S0026) is malware used by [APT1](https://attack.mitre.org/groups/G0006) that mimics legitimate Jabber/XMPP traffic. (Citation: Mandiant APT1)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0026", 10 | "external_id": "S0026" 11 | }, 12 | { 13 | "source_name": "Mandiant APT1", 14 | "description": "Mandiant. (n.d.). APT1 Exposing One of China\u2019s Cyber Espionage Units. Retrieved July 18, 2016.", 15 | "url": "https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T16:42:52.248Z", 23 | "created": "2017-05-31T21:32:20.526Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "GLOOXMAIL", 29 | "Trojan.GTALK" 30 | ], 31 | "x_mitre_version": "1.1" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--f72251cb-2be5-421f-a081-99c29a1209e7.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--f72251cb-2be5-421f-a081-99c29a1209e7", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "MacSpy", 5 | "description": "[MacSpy](https://attack.mitre.org/software/S0282) is a malware-as-a-service offered on the darkweb (Citation: objsee mac malware 2017).", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0282", 10 | "external_id": "S0282" 11 | }, 12 | { 13 | "source_name": "MacSpy", 14 | "description": "(Citation: objsee mac malware 2017)." 15 | }, 16 | { 17 | "source_name": "objsee mac malware 2017", 18 | "description": "Patrick Wardle. (n.d.). Mac Malware of 2017. Retrieved September 21, 2018.", 19 | "url": "https://objective-see.com/blog/blog_0x25.html" 20 | } 21 | ], 22 | "type": "malware", 23 | "labels": [ 24 | "malware" 25 | ], 26 | "modified": "2020-03-30T17:00:58.813Z", 27 | "created": "2018-10-17T00:14:20.652Z", 28 | "x_mitre_platforms": [ 29 | "macOS" 30 | ], 31 | "x_mitre_aliases": [ 32 | "MacSpy" 33 | ], 34 | "x_mitre_version": "1.1" 35 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--fb261c56-b80e-43a9-8351-c84081e7213d.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "malware--fb261c56-b80e-43a9-8351-c84081e7213d", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "BACKSPACE", 5 | "description": "[BACKSPACE](https://attack.mitre.org/software/S0031) is a backdoor used by [APT30](https://attack.mitre.org/groups/G0013) that dates back to at least 2005. (Citation: FireEye APT30)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0031", 10 | "external_id": "S0031" 11 | }, 12 | { 13 | "source_name": "FireEye APT30", 14 | "description": "FireEye Labs. (2015, April). APT30 AND THE MECHANICS OF A LONG-RUNNING CYBER ESPIONAGE OPERATION. Retrieved May 1, 2015.", 15 | "url": "https://www2.fireeye.com/rs/fireye/images/rpt-apt30.pdf" 16 | } 17 | ], 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2020-03-30T14:54:21.256Z", 23 | "created": "2017-05-31T21:32:24.428Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "BACKSPACE", 29 | "Lecna" 30 | ], 31 | "x_mitre_version": "1.1" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/malware/malware--ff8e0c38-be47-410f-a2d3-a3d24a87c617.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0406", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0406" 7 | }, 8 | { 9 | "source_name": "Talos Gustuff Apr 2019", 10 | "url": "https://blog.talosintelligence.com/2019/04/gustuff-targets-australia.html", 11 | "description": "Vitor Ventura. (2019, April 9). Gustuff banking botnet targets Australia . Retrieved September 3, 2019." 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[Gustuff](https://attack.mitre.org/software/S0406) is mobile malware designed to steal users' banking and virtual currency credentials.(Citation: Talos Gustuff Apr 2019)", 16 | "name": "Gustuff", 17 | "id": "malware--ff8e0c38-be47-410f-a2d3-a3d24a87c617", 18 | "type": "malware", 19 | "labels": [ 20 | "malware" 21 | ], 22 | "modified": "2019-10-14T19:14:17.007Z", 23 | "created": "2019-09-03T20:08:00.241Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "Gustuff" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Android" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--0a68f1f1-da74-4d28-8d9a-696c082706cc.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--0a68f1f1-da74-4d28-8d9a-696c082706cc", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "certutil", 5 | "description": "[certutil](https://attack.mitre.org/software/S0160) is a command-line utility that can be used to obtain certificate authority information and configure Certificate Services. (Citation: TechNet Certutil)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0160", 10 | "external_id": "S0160" 11 | }, 12 | { 13 | "url": "https://technet.microsoft.com/library/cc732443.aspx", 14 | "description": "Microsoft. (2012, November 14). Certutil. Retrieved July 3, 2017.", 15 | "source_name": "TechNet Certutil" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2019-07-31T19:57:28.859Z", 23 | "created": "2017-12-14T16:46:06.044Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "certutil", 29 | "certutil.exe" 30 | ], 31 | "x_mitre_version": "1.1" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--0c8465c0-d0b4-4670-992e-4eee8d7ff952.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--0c8465c0-d0b4-4670-992e-4eee8d7ff952", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "at", 5 | "description": "[at](https://attack.mitre.org/software/S0110) is used to schedule tasks on a system to run at a specified date or time. (Citation: TechNet At)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0110", 10 | "external_id": "S0110" 11 | }, 12 | { 13 | "source_name": "TechNet At", 14 | "description": "Microsoft. (n.d.). At. Retrieved April 28, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490866.aspx" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-30T18:34:22.227Z", 23 | "created": "2017-05-31T21:33:06.824Z", 24 | "x_mitre_platforms": [ 25 | "Linux", 26 | "Windows", 27 | "macOS" 28 | ], 29 | "x_mitre_aliases": [ 30 | "at", 31 | "at.exe" 32 | ], 33 | "x_mitre_version": "1.1" 34 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--102c3898-85e0-43ee-ae28-62a0a3ed9507.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--102c3898-85e0-43ee-ae28-62a0a3ed9507", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "UACMe", 5 | "description": "[UACMe](https://attack.mitre.org/software/S0116) is an open source assessment tool that contains many methods for bypassing Windows User Account Control on multiple versions of the operating system. (Citation: Github UACMe)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0116", 10 | "external_id": "S0116" 11 | }, 12 | { 13 | "source_name": "Github UACMe", 14 | "description": "UACME Project. (2016, June 16). UACMe. Retrieved July 26, 2016.", 15 | "url": "https://github.com/hfiref0x/UACME" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "UACMe" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Windows" 24 | ], 25 | "type": "tool", 26 | "labels": [ 27 | "tool" 28 | ], 29 | "modified": "2018-10-17T00:14:20.652Z", 30 | "created": "2017-05-31T21:33:09.047Z" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--242f3da3-4425-4d11-8f5c-b842886da966.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--242f3da3-4425-4d11-8f5c-b842886da966", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Windows Credential Editor", 5 | "description": "[Windows Credential Editor](https://attack.mitre.org/software/S0005) is a password dumping tool. (Citation: Amplia WCE)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0005", 10 | "external_id": "S0005" 11 | }, 12 | { 13 | "source_name": "Amplia WCE", 14 | "description": "Amplia Security. (n.d.). Windows Credentials Editor (WCE) F.A.Q.. Retrieved December 17, 2015.", 15 | "url": "http://www.ampliasecurity.com/research/wcefaq.html" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-30T18:28:34.296Z", 23 | "created": "2017-05-31T21:32:12.684Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Windows Credential Editor", 29 | "WCE" 30 | ], 31 | "x_mitre_version": "1.1" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--294e2560-bd48-44b2-9da2-833b5588ad11.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--294e2560-bd48-44b2-9da2-833b5588ad11", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "ipconfig", 5 | "description": "[ipconfig](https://attack.mitre.org/software/S0100) is a Windows utility that can be used to find information about a system's TCP/IP, DNS, DHCP, and adapter configuration. (Citation: TechNet Ipconfig)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0100", 10 | "external_id": "S0100" 11 | }, 12 | { 13 | "source_name": "TechNet Ipconfig", 14 | "description": "Microsoft. (n.d.). Ipconfig. Retrieved April 17, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490921.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "ipconfig", 21 | "ipconfig.exe" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Windows" 25 | ], 26 | "type": "tool", 27 | "labels": [ 28 | "tool" 29 | ], 30 | "modified": "2018-10-17T00:14:20.652Z", 31 | "created": "2017-05-31T21:33:02.863Z" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--2fab555f-7664-4623-b4e0-1675ae38190b.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--2fab555f-7664-4623-b4e0-1675ae38190b", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Lslsass", 5 | "description": "[Lslsass](https://attack.mitre.org/software/S0121) is a publicly-available tool that can dump active logon session password hashes from the lsass process. (Citation: Mandiant APT1)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0121", 10 | "external_id": "S0121" 11 | }, 12 | { 13 | "source_name": "Mandiant APT1", 14 | "description": "Mandiant. (n.d.). APT1 Exposing One of China\u2019s Cyber Espionage Units. Retrieved July 18, 2016.", 15 | "url": "https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-30T16:59:48.036Z", 23 | "created": "2017-05-31T21:33:10.962Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Lslsass" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--30489451-5886-4c46-90c9-0dff9adc5252.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--30489451-5886-4c46-90c9-0dff9adc5252", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Arp", 5 | "description": "[Arp](https://attack.mitre.org/software/S0099) displays information about a system's Address Resolution Protocol (ARP) cache. (Citation: TechNet Arp)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0099", 10 | "external_id": "S0099" 11 | }, 12 | { 13 | "source_name": "TechNet Arp", 14 | "description": "Microsoft. (n.d.). Arp. Retrieved April 17, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490864.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "Arp", 21 | "arp.exe" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Linux", 25 | "Windows", 26 | "macOS" 27 | ], 28 | "type": "tool", 29 | "labels": [ 30 | "tool" 31 | ], 32 | "modified": "2018-10-17T00:14:20.652Z", 33 | "created": "2017-05-31T21:33:02.428Z" 34 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--362dc67f-4e85-4562-9dac-1b6b7f3ec4b5.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--362dc67f-4e85-4562-9dac-1b6b7f3ec4b5", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "ifconfig", 5 | "description": "[ifconfig](https://attack.mitre.org/software/S0101) is a Unix-based utility used to gather information about and interact with the TCP/IP settings on a system. (Citation: Wikipedia Ifconfig)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0101", 10 | "external_id": "S0101" 11 | }, 12 | { 13 | "source_name": "Wikipedia Ifconfig", 14 | "description": "Wikipedia. (2016, January 26). ifconfig. Retrieved April 17, 2016.", 15 | "url": "https://en.wikipedia.org/wiki/Ifconfig" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "ifconfig" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Linux" 24 | ], 25 | "type": "tool", 26 | "labels": [ 27 | "tool" 28 | ], 29 | "modified": "2018-10-17T00:14:20.652Z", 30 | "created": "2017-05-31T21:33:03.377Z" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--4664b683-f578-434f-919b-1c1aad2a1111.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--4664b683-f578-434f-919b-1c1aad2a1111", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "netstat", 5 | "description": "[netstat](https://attack.mitre.org/software/S0104) is an operating system utility that displays active TCP connections, listening ports, and network statistics. (Citation: TechNet Netstat)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0104", 10 | "external_id": "S0104" 11 | }, 12 | { 13 | "source_name": "TechNet Netstat", 14 | "description": "Microsoft. (n.d.). Netstat. Retrieved April 17, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490947.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "netstat", 21 | "netstat.exe" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Windows", 25 | "Linux", 26 | "macOS" 27 | ], 28 | "type": "tool", 29 | "labels": [ 30 | "tool" 31 | ], 32 | "modified": "2018-10-17T00:14:20.652Z", 33 | "created": "2017-05-31T21:33:04.545Z" 34 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--4f45dfeb-fe51-4df0-8db3-edf7dd0513fe.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--4f45dfeb-fe51-4df0-8db3-edf7dd0513fe", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Fgdump", 5 | "description": "[Fgdump](https://attack.mitre.org/software/S0120) is a Windows password hash dumper. (Citation: Mandiant APT1)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0120", 10 | "external_id": "S0120" 11 | }, 12 | { 13 | "source_name": "Mandiant APT1", 14 | "description": "Mandiant. (n.d.). APT1 Exposing One of China\u2019s Cyber Espionage Units. Retrieved July 18, 2016.", 15 | "url": "https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-30T16:40:33.738Z", 23 | "created": "2017-05-31T21:33:10.569Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Fgdump" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--4fa49fc0-9162-4bdb-a37e-7aa3dcb6d38b.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--4fa49fc0-9162-4bdb-a37e-7aa3dcb6d38b", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "xCmd", 5 | "description": "[xCmd](https://attack.mitre.org/software/S0123) is an open source tool that is similar to [PsExec](https://attack.mitre.org/software/S0029) and allows the user to execute applications on remote systems. (Citation: xCmd)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0123", 10 | "external_id": "S0123" 11 | }, 12 | { 13 | "source_name": "xCmd", 14 | "description": "Rayaprolu, A.. (2011, April 12). xCmd an Alternative to PsExec. Retrieved August 10, 2016.", 15 | "url": "https://ashwinrayaprolu.wordpress.com/2011/04/12/xcmd-an-alternative-to-psexec/" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "xCmd" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Windows" 24 | ], 25 | "type": "tool", 26 | "labels": [ 27 | "tool" 28 | ], 29 | "modified": "2018-10-17T00:14:20.652Z", 30 | "created": "2017-05-31T21:33:11.941Z" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--5a63f900-5e7e-4928-a746-dd4558e1df71.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--5a63f900-5e7e-4928-a746-dd4558e1df71", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "netsh", 5 | "description": "[netsh](https://attack.mitre.org/software/S0108) is a scripting utility used to interact with networking components on local or remote systems. (Citation: TechNet Netsh)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0108", 10 | "external_id": "S0108" 11 | }, 12 | { 13 | "source_name": "TechNet Netsh", 14 | "description": "Microsoft. (n.d.). Using Netsh. Retrieved February 13, 2017.", 15 | "url": "https://technet.microsoft.com/library/bb490939.aspx" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-31T12:41:22.189Z", 23 | "created": "2017-05-31T21:33:06.083Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "netsh", 29 | "netsh.exe" 30 | ], 31 | "x_mitre_version": "1.1" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--64764dc6-a032-495f-8250-1e4c06bdc163.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--64764dc6-a032-495f-8250-1e4c06bdc163", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "BITSAdmin", 5 | "description": "[BITSAdmin](https://attack.mitre.org/software/S0190) is a command line tool used to create and manage [BITS Jobs](https://attack.mitre.org/techniques/T1197). (Citation: Microsoft BITSAdmin)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0190", 10 | "external_id": "S0190" 11 | }, 12 | { 13 | "source_name": "Microsoft BITSAdmin", 14 | "description": "Microsoft. (n.d.). BITSAdmin Tool. Retrieved January 12, 2018.", 15 | "url": "https://msdn.microsoft.com/library/aa362813.aspx" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-20T18:09:11.516Z", 23 | "created": "2018-04-18T17:59:24.739Z", 24 | "x_mitre_contributors": [ 25 | "Edward Millington" 26 | ], 27 | "x_mitre_platforms": [ 28 | "Windows" 29 | ], 30 | "x_mitre_aliases": [ 31 | "BITSAdmin" 32 | ], 33 | "x_mitre_version": "1.2" 34 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--65370d0b-3bd4-4653-8cf9-daf56f6be830.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--65370d0b-3bd4-4653-8cf9-daf56f6be830", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "meek", 5 | "description": "[meek](https://attack.mitre.org/software/S0175) is an open-source Tor plugin that tunnels Tor traffic through HTTPS connections.", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0175", 10 | "external_id": "S0175" 11 | } 12 | ], 13 | "x_mitre_version": "1.0", 14 | "x_mitre_aliases": [ 15 | "meek" 16 | ], 17 | "x_mitre_platforms": [ 18 | "Linux", 19 | "Windows", 20 | "macOS" 21 | ], 22 | "type": "tool", 23 | "labels": [ 24 | "tool" 25 | ], 26 | "modified": "2018-10-17T00:14:20.652Z", 27 | "created": "2018-01-16T16:13:52.465Z" 28 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--7fcbc4e8-1989-441f-9ac5-e7b6ff5806f1.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--7fcbc4e8-1989-441f-9ac5-e7b6ff5806f1", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Systeminfo", 5 | "description": "[Systeminfo](https://attack.mitre.org/software/S0096) is a Windows utility that can be used to gather detailed information about a computer. (Citation: TechNet Systeminfo)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0096", 10 | "external_id": "S0096" 11 | }, 12 | { 13 | "source_name": "TechNet Systeminfo", 14 | "description": "Microsoft. (n.d.). Systeminfo. Retrieved April 8, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb491007.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "systeminfo.exe", 21 | "Systeminfo" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Windows" 25 | ], 26 | "type": "tool", 27 | "labels": [ 28 | "tool" 29 | ], 30 | "modified": "2018-10-17T00:14:20.652Z", 31 | "created": "2017-05-31T21:33:00.969Z" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--975737f1-b10d-476f-8bda-3ec26ea57172.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--975737f1-b10d-476f-8bda-3ec26ea57172", 3 | "name": "MCMD", 4 | "description": "[MCMD](https://attack.mitre.org/software/S0500) is a remote access tool that provides remote command shell capability used by [Dragonfly 2.0](https://attack.mitre.org/groups/G0074).(Citation: Secureworks MCMD July 2019)", 5 | "created_by_ref": "The MITRE Corporation", 6 | "external_references": [ 7 | { 8 | "external_id": "S0500", 9 | "source_name": "mitre-attack", 10 | "url": "https://attack.mitre.org/software/S0500" 11 | }, 12 | { 13 | "source_name": "Secureworks MCMD July 2019", 14 | "url": "https://www.secureworks.com/research/mcmd-malware-analysis", 15 | "description": "Secureworks. (2019, July 24). MCMD Malware Analysis. Retrieved August 13, 2020." 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-08-20T14:52:23.369Z", 23 | "created": "2020-08-13T17:15:25.702Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "MCMD" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Windows" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--981acc4c-2ede-4b56-be6e-fa1a75f37acf.json: -------------------------------------------------------------------------------- 1 | { 2 | "external_references": [ 3 | { 4 | "external_id": "S0359", 5 | "source_name": "mitre-attack", 6 | "url": "https://attack.mitre.org/software/S0359" 7 | }, 8 | { 9 | "source_name": "Nltest Manual", 10 | "url": "https://ss64.com/nt/nltest.html", 11 | "description": "ss64. (n.d.). NLTEST.exe - Network Location Test. Retrieved February 14, 2019." 12 | } 13 | ], 14 | "created_by_ref": "The MITRE Corporation", 15 | "description": "[Nltest](https://attack.mitre.org/software/S0359) is a Windows command-line utility used to list domain controllers and enumerate domain trusts.(Citation: Nltest Manual)", 16 | "name": "Nltest", 17 | "id": "tool--981acc4c-2ede-4b56-be6e-fa1a75f37acf", 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2019-04-22T19:06:17.325Z", 23 | "created": "2019-02-14T17:08:55.176Z", 24 | "x_mitre_version": "1.0", 25 | "x_mitre_aliases": [ 26 | "Nltest" 27 | ], 28 | "x_mitre_platforms": [ 29 | "Windows" 30 | ] 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--9a2640c2-9f43-46fe-b13f-bde881e55555.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--9a2640c2-9f43-46fe-b13f-bde881e55555", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "sqlmap", 5 | "description": "[sqlmap](https://attack.mitre.org/software/S0225) is an open source penetration testing tool that can be used to automate the process of detecting and exploiting SQL injection flaws. (Citation: sqlmap Introduction)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0225", 10 | "external_id": "S0225" 11 | }, 12 | { 13 | "source_name": "sqlmap Introduction", 14 | "description": "Damele, B., Stampar, M. (n.d.). sqlmap. Retrieved March 19, 2018.", 15 | "url": "http://sqlmap.org/" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "sqlmap" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Linux", 24 | "Windows", 25 | "macOS" 26 | ], 27 | "type": "tool", 28 | "labels": [ 29 | "tool" 30 | ], 31 | "modified": "2018-10-17T00:14:20.652Z", 32 | "created": "2018-04-18T17:59:24.739Z" 33 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--9de2308e-7bed-43a3-8e58-f194b3586700.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--9de2308e-7bed-43a3-8e58-f194b3586700", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "pwdump", 5 | "description": "[pwdump](https://attack.mitre.org/software/S0006) is a credential dumper. (Citation: Wikipedia pwdump)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0006", 10 | "external_id": "S0006" 11 | }, 12 | { 13 | "source_name": "Wikipedia pwdump", 14 | "description": "Wikipedia. (2007, August 9). pwdump. Retrieved June 22, 2016.", 15 | "url": "https://en.wikipedia.org/wiki/Pwdump" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-08-13T20:12:50.895Z", 23 | "created": "2017-05-31T21:32:13.051Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "pwdump" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--a1dd2dbd-1550-44bf-abcc-1a4c52e97719.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--a1dd2dbd-1550-44bf-abcc-1a4c52e97719", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Responder", 5 | "description": "Responder is an open source tool used for LLMNR, NBT-NS and MDNS poisoning, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. (Citation: GitHub Responder)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0174", 10 | "external_id": "S0174" 11 | }, 12 | { 13 | "source_name": "GitHub Responder", 14 | "description": "Gaffie, L. (2016, August 25). Responder. Retrieved November 17, 2017.", 15 | "url": "https://github.com/SpiderLabs/Responder" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "Responder" 21 | ], 22 | "x_mitre_platforms": [ 23 | "Windows" 24 | ], 25 | "type": "tool", 26 | "labels": [ 27 | "tool" 28 | ], 29 | "modified": "2018-10-17T00:14:20.652Z", 30 | "created": "2018-01-16T16:13:52.465Z" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--b07c2c47-fefb-4d7c-a69e-6a3296171f54.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--b07c2c47-fefb-4d7c-a69e-6a3296171f54", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "gsecdump", 5 | "description": "[gsecdump](https://attack.mitre.org/software/S0008) is a publicly-available credential dumper used to obtain password hashes and LSA secrets from Windows operating systems. (Citation: TrueSec Gsecdump)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0008", 10 | "external_id": "S0008" 11 | }, 12 | { 13 | "source_name": "TrueSec Gsecdump", 14 | "description": "TrueSec. (n.d.). gsecdump v2.0b5. Retrieved September 29, 2015.", 15 | "url": "https://www.truesec.se/sakerhet/verktyg/saakerhet/gsecdump_v2.0b5" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-30T18:35:48.851Z", 23 | "created": "2017-05-31T21:32:13.755Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "gsecdump" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--b35068ec-107a-4266-bda8-eb7036267aea.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--b35068ec-107a-4266-bda8-eb7036267aea", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "nbtstat", 5 | "description": "[nbtstat](https://attack.mitre.org/software/S0102) is a utility used to troubleshoot NetBIOS name resolution. (Citation: TechNet Nbtstat)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0102", 10 | "external_id": "S0102" 11 | }, 12 | { 13 | "source_name": "TechNet Nbtstat", 14 | "description": "Microsoft. (n.d.). Nbtstat. Retrieved April 17, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/cc940106.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "nbtstat", 21 | "nbtstat.exe" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Windows" 25 | ], 26 | "type": "tool", 27 | "labels": [ 28 | "tool" 29 | ], 30 | "modified": "2018-10-17T00:14:20.652Z", 31 | "created": "2017-05-31T21:33:03.773Z" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--b77b563c-34bb-4fb8-86a3-3694338f7b47.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--b77b563c-34bb-4fb8-86a3-3694338f7b47", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Ping", 5 | "description": "[Ping](https://attack.mitre.org/software/S0097) is an operating system utility commonly used to troubleshoot and verify network connections. (Citation: TechNet Ping)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0097", 10 | "external_id": "S0097" 11 | }, 12 | { 13 | "source_name": "TechNet Ping", 14 | "description": "Microsoft. (n.d.). Ping. Retrieved April 8, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490968.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "ping.exe", 21 | "Ping" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Linux", 25 | "Windows", 26 | "macOS" 27 | ], 28 | "type": "tool", 29 | "labels": [ 30 | "tool" 31 | ], 32 | "modified": "2018-10-17T00:14:20.652Z", 33 | "created": "2017-05-31T21:33:01.483Z" 34 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--c11ac61d-50f4-444f-85d8-6f006067f0de.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--c11ac61d-50f4-444f-85d8-6f006067f0de", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "route", 5 | "description": "[route](https://attack.mitre.org/software/S0103) can be used to find or change information within the local system IP routing table. (Citation: TechNet Route)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0103", 10 | "external_id": "S0103" 11 | }, 12 | { 13 | "source_name": "TechNet Route", 14 | "description": "Microsoft. (n.d.). Route. Retrieved April 17, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490991.aspx" 16 | } 17 | ], 18 | "x_mitre_version": "1.0", 19 | "x_mitre_aliases": [ 20 | "route", 21 | "route.exe" 22 | ], 23 | "x_mitre_platforms": [ 24 | "Linux", 25 | "Windows", 26 | "macOS" 27 | ], 28 | "type": "tool", 29 | "labels": [ 30 | "tool" 31 | ], 32 | "modified": "2018-10-17T00:14:20.652Z", 33 | "created": "2017-05-31T21:33:04.151Z" 34 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--c9703cd3-141c-43a0-a926-380082be5d04.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--c9703cd3-141c-43a0-a926-380082be5d04", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "schtasks", 5 | "description": "[schtasks](https://attack.mitre.org/software/S0111) is used to schedule execution of programs or scripts on a Windows system to run at a specific date and time. (Citation: TechNet Schtasks)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0111", 10 | "external_id": "S0111" 11 | }, 12 | { 13 | "source_name": "TechNet Schtasks", 14 | "description": "Microsoft. (n.d.). Schtasks. Retrieved April 28, 2016.", 15 | "url": "https://technet.microsoft.com/en-us/library/bb490996.aspx" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-31T12:42:36.620Z", 23 | "created": "2017-05-31T21:33:07.218Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "schtasks", 29 | "schtasks.exe" 30 | ], 31 | "x_mitre_version": "1.1" 32 | } -------------------------------------------------------------------------------- /cdas/assets/mitre_cti/tools/tool--c9cd7ec9-40b7-49db-80be-1399eddd9c52.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "tool--c9cd7ec9-40b7-49db-80be-1399eddd9c52", 3 | "created_by_ref": "The MITRE Corporation", 4 | "name": "Cachedump", 5 | "description": "[Cachedump](https://attack.mitre.org/software/S0119) is a publicly-available tool that program extracts cached password hashes from a system\u2019s registry. (Citation: Mandiant APT1)", 6 | "external_references": [ 7 | { 8 | "source_name": "mitre-attack", 9 | "url": "https://attack.mitre.org/software/S0119", 10 | "external_id": "S0119" 11 | }, 12 | { 13 | "source_name": "Mandiant APT1", 14 | "description": "Mandiant. (n.d.). APT1 Exposing One of China\u2019s Cyber Espionage Units. Retrieved July 18, 2016.", 15 | "url": "https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf" 16 | } 17 | ], 18 | "type": "tool", 19 | "labels": [ 20 | "tool" 21 | ], 22 | "modified": "2020-03-30T15:15:36.756Z", 23 | "created": "2017-05-31T21:33:10.197Z", 24 | "x_mitre_platforms": [ 25 | "Windows" 26 | ], 27 | "x_mitre_aliases": [ 28 | "Cachedump" 29 | ], 30 | "x_mitre_version": "1.1" 31 | } -------------------------------------------------------------------------------- /cdas/data/asns/Algeria.json: -------------------------------------------------------------------------------- 1 | {"36947": ["41.96.0.0/12", "41.200.0.0/15", "41.221.16.0/20", "41.223.236.0/22", "80.249.64.0/20", "105.96.0.0/12", "154.73.92.0/22", "196.20.64.0/18", "197.112.0.0/13", "197.200.0.0/13"], "33779": ["80.88.12.0/22", "105.235.128.0/20", "168.253.96.0/20"], "21391": ["80.246.0.0/20"], "30781": ["82.196.25.0/24"], "13213": ["103.111.61.0/24"], "327931": ["129.45.0.0/17"], "327712": ["154.121.0.0/16", "213.140.59.0/24"], "3223": ["172.94.64.0/24"], "22363": ["178.208.176.0/24"], "3208": ["193.194.64.0/19"], "36891": ["196.41.224.0/19", "197.140.0.0/14"], "16214": ["213.179.160.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/American_Samoa.json: -------------------------------------------------------------------------------- 1 | {"9751": ["38.111.133.0/24", "38.134.240.0/24", "66.178.5.0/24", "66.178.14.0/24", "103.117.168.0/22", "206.80.28.0/22"], "23657": ["38.134.236.0/22", "198.52.28.0/22", "202.70.112.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Andorra.json: -------------------------------------------------------------------------------- 1 | {"6752": ["46.172.224.0/19", "80.80.84.0/22", "80.80.92.0/22", "85.94.160.0/19", "89.150.2.0/23", "89.150.4.0/22", "89.150.8.0/21", "91.187.64.0/19", "185.4.52.0/22", "185.33.0.0/22", "185.87.36.0/22", "185.132.200.0/22", "185.194.56.0/22", "194.158.64.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Anguilla.json: -------------------------------------------------------------------------------- 1 | {"11139": ["76.76.176.0/21", "76.76.184.0/22"], "15344": ["76.76.188.0/23"], "393410": ["192.30.124.0/24"], "33576": ["204.14.252.0/23", "204.14.255.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Antigua_and_Barbuda.json: -------------------------------------------------------------------------------- 1 | {"397529": ["23.132.144.0/24"], "19246": ["69.50.64.0/20"], "11139": ["69.57.233.0/24", "69.57.234.0/23", "76.76.190.0/23", "199.16.58.0/23", "204.16.112.0/22"], "11594": ["170.39.108.0/22", "208.83.80.0/21", "216.48.96.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Aruba.json: -------------------------------------------------------------------------------- 1 | {"11816": ["66.247.200.0/21", "179.61.32.0/19", "204.212.120.0/21", "206.48.100.0/22", "209.88.128.0/21"], "3223": ["104.243.246.0/24"], "264645": ["138.255.252.0/24", "138.255.254.0/23", "186.190.232.0/24", "190.104.96.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Bahamas.json: -------------------------------------------------------------------------------- 1 | {"15146": ["24.51.64.0/18", "24.206.0.0/19", "24.231.32.0/19", "24.244.128.0/18", "64.66.0.0/20", "64.150.192.0/18", "65.75.64.0/18", "69.4.160.0/20", "199.102.188.0/22", "206.138.16.0/20"], "8014": ["63.245.112.0/20", "65.198.208.0/21", "104.166.32.0/20", "108.60.224.0/19", "199.38.198.0/23", "204.236.64.0/18", "209.88.136.0/21"], "19128": ["66.226.160.0/19"], "19377": ["141.193.84.0/22", "192.231.36.0/24"], "398165": ["161.199.175.0/24"], "9009": ["172.111.233.0/24"], "18635": ["190.15.68.0/22", "208.87.32.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Bahrain.json: -------------------------------------------------------------------------------- 1 | {"16509": ["15.184.0.0/15", "99.77.147.0/24", "157.175.0.0/16"], "35457": ["46.235.208.0/21", "80.95.208.0/20"], "29802": ["46.243.150.0/24"], "51964": ["57.88.32.0/20"], "31452": ["62.209.0.0/19", "83.136.56.0/21", "94.79.192.0/18", "109.161.128.0/17"], "5416": ["77.69.128.0/17", "82.194.32.0/19", "84.255.128.0/18", "88.201.0.0/17", "89.148.0.0/18", "185.165.176.0/22", "193.188.12.0/23", "193.188.96.0/19", "217.17.224.0/19"], "39273": ["77.83.88.0/22", "78.110.64.0/20", "81.22.16.0/20", "87.236.48.0/21", "185.33.176.0/22"], "30882": ["79.171.240.0/21"], "35313": ["80.88.240.0/20", "188.137.128.0/17"], "35546": ["80.241.144.0/20"], "35019": ["85.158.128.0/21", "185.156.236.0/22"], "35568": ["87.236.136.0/21", "185.236.132.0/22"], "35729": ["87.252.96.0/21", "87.252.104.0/23", "87.252.126.0/23"], "51375": ["93.188.192.0/21", "95.84.80.0/20", "95.84.96.0/19", "185.143.124.0/22"], "59605": ["151.248.96.0/20"], "210052": ["176.118.176.0/22"], "56494": ["185.49.160.0/22"], "5237": ["207.132.224.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Barbados.json: -------------------------------------------------------------------------------- 1 | {"14813": ["23.236.0.0/20", "63.175.156.0/22", "64.210.40.0/21", "65.48.128.0/22", "65.48.132.0/23", "65.48.160.0/21", "65.48.168.0/23", "65.48.200.0/23", "65.48.208.0/22", "65.48.228.0/24", "65.48.230.0/23", "65.166.240.0/21", "65.172.24.0/22", "69.73.192.0/23", "69.73.209.0/24", "69.73.210.0/23", "69.73.216.0/21", "69.73.224.0/22", "69.73.232.0/22", "72.51.80.0/24", "104.153.128.0/21", "104.200.96.0/20", "162.246.104.0/21", "192.214.120.0/22", "192.214.124.0/23", "192.235.48.0/20", "199.254.104.0/21", "200.50.78.0/23", "200.50.86.0/23", "200.50.91.0/24", "204.212.240.0/21", "206.231.120.0/21", "208.0.96.0/21"], "33576": ["63.143.64.0/21", "162.212.12.0/23"], "35900": ["64.119.192.0/20", "199.47.52.0/22"], "11139": ["65.48.207.0/24", "65.48.214.0/24", "72.51.68.0/23", "72.51.125.0/24", "72.51.126.0/23", "200.50.68.0/23", "205.214.192.0/23", "205.214.194.0/24", "205.214.206.0/24"], "46408": ["72.51.87.0/24", "196.1.169.0/24", "216.110.119.0/24"], "3223": ["172.94.97.0/24"], "55033": ["192.171.120.0/21"], "31794": ["198.246.229.0/24", "198.246.230.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Belize.json: -------------------------------------------------------------------------------- 1 | {"265826": ["45.70.228.0/22"], "265818": ["45.70.240.0/22"], "267932": ["45.180.120.0/22"], "51852": ["45.227.254.0/24", "176.223.112.0/23"], "61317": ["45.231.206.0/23", "104.243.241.0/24"], "266762": ["45.234.88.0/22"], "49542": ["80.87.207.0/24"], "8100": ["103.230.140.0/24"], "203098": ["103.230.143.0/24"], "28094": ["131.161.148.0/22", "176.53.184.0/23", "200.123.208.0/21"], "266833": ["131.255.40.0/22"], "52449": ["138.97.156.0/22", "167.249.200.0/22", "168.195.76.0/22", "170.247.220.0/22"], "263824": ["138.185.76.0/22", "170.254.16.0/22"], "265727": ["160.238.136.0/22"], "264779": ["168.197.208.0/22"], "10269": ["170.0.180.0/22", "179.42.192.0/18", "190.197.0.0/17", "200.32.192.0/18"], "263187": ["179.51.252.0/22"], "264640": ["179.63.216.0/21"], "174": ["181.41.140.0/22"], "262287": ["181.114.240.0/20"], "56388": ["185.156.200.0/22"], "206264": ["185.169.253.0/24"], "262254": ["186.2.160.0/22", "186.2.168.0/22"], "262239": ["186.65.88.0/22", "190.211.145.0/24", "190.211.146.0/23", "190.211.148.0/24", "196.52.81.0/24"], "64200": ["190.14.11.0/24", "190.99.80.0/23", "190.99.84.0/22"], "29802": ["190.102.100.0/22"], "264663": ["191.97.80.0/21"], "213058": ["193.218.190.0/24"], "209242": ["203.23.103.0/24", "203.30.188.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Benin.json: -------------------------------------------------------------------------------- 1 | {"37292": ["41.74.0.0/20", "41.191.84.0/22", "41.223.248.0/22", "154.127.32.0/20"], "37424": ["41.79.216.0/22", "197.234.216.0/21"], "37090": ["41.86.224.0/19", "41.222.192.0/22", "102.38.128.0/19", "154.66.128.0/20"], "37136": ["41.138.88.0/22", "156.0.212.0/22"], "328092": ["45.221.224.0/19"], "28683": ["81.91.224.0/20", "137.255.0.0/16", "196.46.152.0/22", "196.192.16.0/20"], "36924": ["154.72.112.0/20", "196.250.64.0/18"], "328228": ["160.119.144.0/22"], "328098": ["164.160.140.0/22"], "327818": ["196.49.8.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Bermuda.json: -------------------------------------------------------------------------------- 1 | {"32020": ["64.147.80.0/20", "162.221.212.0/22", "209.240.32.0/20"], "3855": ["66.55.112.0/20", "104.218.168.0/21", "142.54.192.0/21", "162.255.216.0/21", "198.207.16.0/21", "199.96.64.0/22", "199.172.192.0/18", "206.188.128.0/19", "216.249.32.0/20"], "395705": ["66.97.172.0/23"], "11269": ["69.17.192.0/19", "198.182.170.0/24", "199.193.228.0/22", "200.10.166.0/24", "208.75.200.0/22", "208.82.164.0/22", "208.89.228.0/22"], "47060": ["74.114.240.0/22"], "16413": ["76.8.32.0/20", "206.53.176.0/20"], "11618": ["192.219.29.0/24"], "23021": ["196.1.107.0/24"], "19626": ["199.15.228.0/22", "199.68.192.0/22"], "23313": ["199.16.248.0/22"], "394478": ["199.27.70.0/23"], "395838": ["199.87.170.0/23"], "10388": ["205.211.8.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Bhutan.json: -------------------------------------------------------------------------------- 1 | {"136039": ["43.229.124.0/22", "103.80.108.0/22"], "135666": ["43.230.208.0/24", "103.78.111.0/24", "103.78.116.0/23", "103.252.84.0/24"], "23955": ["43.241.136.0/22", "103.29.224.0/22", "118.103.136.0/21"], "18025": ["45.64.248.0/22"], "132232": ["103.7.252.0/22"], "137925": ["103.117.80.0/24"], "137994": ["103.119.126.0/24"], "138529": ["103.127.254.0/24"], "134715": ["103.133.216.0/22", "103.197.176.0/22", "220.158.236.0/22"], "18024": ["119.2.96.0/19", "202.144.128.0/19"], "38004": ["202.89.24.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Botswana.json: -------------------------------------------------------------------------------- 1 | {"36963": ["41.74.48.0/20", "41.77.88.0/21", "41.138.72.0/21", "41.190.244.0/22", "41.223.140.0/22", "105.235.240.0/20"], "33781": ["41.75.0.0/20", "196.45.164.0/22"], "14988": ["41.76.240.0/21", "41.87.160.0/19", "41.216.208.0/21", "83.143.24.0/21", "168.167.0.0/16"], "327760": ["41.79.32.0/22"], "37395": ["41.79.136.0/22", "102.165.128.0/19"], "37604": ["41.191.64.0/22", "197.231.192.0/22"], "37678": ["41.191.216.0/22", "129.205.192.0/18", "156.38.16.0/20"], "37014": ["41.223.72.0/22", "156.38.4.0/22"], "328348": ["102.134.84.0/22"], "328343": ["102.134.136.0/22"], "327776": ["102.134.160.0/20", "154.73.84.0/22"], "327830": ["102.141.112.0/21", "169.255.80.0/22"], "327716": ["154.70.144.0/21"], "327757": ["154.73.36.0/22"], "16637": ["196.61.208.0/21", "213.193.40.0/21"], "36974": ["196.200.208.0/20"], "37051": ["196.216.163.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/British_Virgin_Islands.json: -------------------------------------------------------------------------------- 1 | {"14694": ["23.136.96.0/24", "206.81.110.0/24"], "397636": ["23.137.112.0/24"], "22069": ["74.113.104.0/22"], "49164": ["89.36.173.0/24"], "60907": ["89.36.174.0/24"], "56951": ["89.39.161.0/24"], "56729": ["89.40.96.0/22"], "202723": ["89.44.81.0/24"], "64471": ["89.44.83.0/24"], "58022": ["89.46.33.0/24"], "41646": ["89.46.38.0/24"], "49734": ["89.46.240.0/24"], "51441": ["89.46.244.0/24"], "9009": ["89.46.246.0/24"], "16255": ["94.232.28.0/23"], "41095": ["98.158.96.0/20", "104.254.124.0/22"], "139750": ["103.144.140.0/23"], "32475": ["104.219.72.0/22"], "3223": ["104.250.184.0/24"], "40034": ["162.210.68.0/23", "162.222.224.0/24", "162.251.87.0/24", "199.79.60.0/23", "199.191.50.0/23", "204.11.56.0/23", "208.91.196.0/23"], "40809": ["162.255.144.0/22"], "209242": ["203.24.102.0/23", "203.32.120.0/23", "203.34.28.0/24", "203.34.80.0/24", "203.55.107.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Brunei.json: -------------------------------------------------------------------------------- 1 | {"9009": ["37.230.172.0/24", "141.101.150.0/24"], "36351": ["37.230.183.0/24", "141.101.147.0/24", "172.94.29.0/24", "192.253.252.0/24"], "55303": ["43.225.40.0/22", "43.225.136.0/22", "43.251.128.0/22", "45.127.140.0/22", "103.16.120.0/22", "103.17.24.0/22", "103.18.172.0/22", "103.224.96.0/22", "103.230.64.0/22", "185.8.100.0/22", "185.100.40.0/22", "195.128.4.0/22"], "10094": ["61.6.192.0/18", "118.103.248.0/21", "119.160.128.0/18", "158.161.0.0/16", "202.12.26.0/24", "202.93.208.0/20", "202.160.0.0/19", "202.160.32.0/20"], "131467": ["103.4.188.0/22"], "132395": ["103.20.24.0/22"], "133788": ["103.42.208.0/22"], "45259": ["103.139.109.0/24", "202.59.230.0/24", "202.90.36.0/24"], "10101": ["202.152.64.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Burkina_Faso.json: -------------------------------------------------------------------------------- 1 | {"37163": ["41.78.48.0/21"], "25543": ["41.138.96.0/19", "41.203.224.0/20", "154.66.160.0/20", "192.136.55.0/24", "196.28.240.0/20", "212.52.128.0/19"], "37073": ["41.216.144.0/20"], "37008": ["41.223.232.0/22"], "36924": ["102.23.0.0/18"], "328534": ["102.36.164.0/22"], "37721": ["102.67.96.0/19", "165.16.208.0/20"], "328448": ["102.68.125.0/24"], "60171": ["102.69.152.0/22"], "37577": ["102.178.0.0/15", "102.180.0.0/16", "196.223.47.0/24"], "328649": ["102.223.102.0/24"], "328627": ["102.223.174.0/23"], "37526": ["105.235.176.0/20"], "328330": ["192.12.116.0/24"], "327871": ["196.13.207.0/24"], "328245": ["196.43.247.0/24"], "328010": ["196.49.19.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Burundi.json: -------------------------------------------------------------------------------- 1 | {"37336": ["41.79.44.0/22"], "37545": ["41.79.224.0/22", "102.134.96.0/20"], "327720": ["154.70.196.0/22"], "327799": ["154.73.104.0/22", "154.117.192.0/18"], "327798": ["154.119.0.0/19"], "25429": ["196.2.8.0/21"], "327734": ["196.13.223.0/24"], "37429": ["197.157.192.0/22"], "37586": ["197.231.248.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Cabo_Verde.json: -------------------------------------------------------------------------------- 1 | {"37517": ["41.74.128.0/20", "41.215.208.0/20", "41.221.192.0/20", "165.90.96.0/19", "197.255.128.0/20"], "37575": ["41.79.124.0/22", "102.222.140.0/22", "169.239.12.0/22"], "327862": ["213.150.192.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Cameroon.json: -------------------------------------------------------------------------------- 1 | {"327741": ["41.77.80.0/21"], "37475": ["41.78.204.0/22", "41.79.128.0/22", "154.73.200.0/21"], "36912": ["41.202.192.0/19", "102.244.0.0/14"], "15964": ["41.204.64.0/19", "154.72.128.0/18", "165.210.0.0/15", "192.145.186.0/23", "195.24.192.0/19"], "30992": ["41.205.0.0/19", "129.0.0.0/16", "154.70.96.0/19", "196.202.232.0/21"], "36905": ["41.205.64.0/19", "41.223.28.0/22"], "36955": ["41.211.96.0/19"], "37672": ["41.216.232.0/22"], "37620": ["41.244.0.0/16"], "328352": ["102.135.189.0/24"], "328666": ["102.223.6.0/24"], "327920": ["169.239.40.0/22"], "327820": ["169.255.4.0/22", "196.216.212.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Cayman_Islands.json: -------------------------------------------------------------------------------- 1 | {"16437": ["23.188.0.0/24", "161.199.132.0/22", "162.247.220.0/22", "192.160.250.0/24"], "6639": ["63.136.112.0/21", "162.211.136.0/22", "192.0.4.0/22", "199.201.84.0/22", "205.136.238.0/23", "208.157.144.0/21", "208.168.224.0/19", "208.169.64.0/22", "208.169.86.0/23", "208.169.88.0/21", "209.27.52.0/22", "209.27.60.0/22"], "21744": ["63.251.158.0/24", "64.94.58.0/24", "162.249.128.0/21"], "36549": ["74.222.64.0/19", "173.225.208.0/20", "216.144.80.0/20"], "40065": ["103.140.242.0/23"], "398132": ["138.43.115.0/24"], "397343": ["138.43.248.0/22"], "3223": ["172.94.113.0/24"], "16705": ["208.26.64.0/19", "208.82.216.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Central_African_Republic.json: -------------------------------------------------------------------------------- 1 | {"37460": ["41.223.184.0/22", "197.242.176.0/21"], "328079": ["169.239.96.0/22"], "5511": ["196.216.160.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Chad.json: -------------------------------------------------------------------------------- 1 | {"328594": ["41.218.0.0/21", "41.242.152.0/21"], "327975": ["102.131.56.0/22", "169.239.120.0/22"], "328679": ["102.223.48.0/22"], "328104": ["154.68.128.0/19"], "327756": ["154.73.112.0/22"], "327802": ["154.73.160.0/21"], "327864": ["169.255.152.0/22"], "37462": ["197.149.128.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Comoros.json: -------------------------------------------------------------------------------- 1 | {"328061": ["164.160.136.0/22"], "36939": ["197.255.224.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Congo_Democratic_Republic_of_the.json: -------------------------------------------------------------------------------- 1 | {"37447": ["41.77.220.0/22", "169.239.156.0/22", "197.157.208.0/22"], "37677": ["41.79.232.0/22"], "37453": ["41.190.80.0/22", "41.215.252.0/22", "193.110.104.0/23", "197.149.184.0/22"], "37638": ["41.190.232.0/22"], "37020": ["41.222.196.0/22", "196.13.110.0/24", "196.49.68.0/23"], "37415": ["41.222.216.0/22"], "37414": ["41.223.104.0/22", "196.61.72.0/22"], "327933": ["41.242.128.0/22"], "327738": ["45.221.4.0/22", "154.73.20.0/22"], "328566": ["102.23.116.0/22"], "328542": ["102.36.168.0/22"], "328552": ["102.36.180.0/24"], "328551": ["102.64.76.0/22"], "206283": ["102.67.60.0/22"], "328442": ["102.68.56.0/21"], "328443": ["102.68.152.0/22"], "328407": ["102.128.64.0/21"], "328344": ["102.135.176.0/21"], "328249": ["156.0.88.0/22"], "328238": ["156.0.198.0/24"], "328003": ["169.239.72.0/22"], "327750": ["169.239.212.0/22"], "327879": ["169.255.188.0/22"], "328601": ["192.145.188.0/22"], "43256": ["196.8.224.0/24"], "13126": ["196.41.67.0/24"], "327875": ["196.216.216.0/23"], "37598": ["197.189.0.0/17"], "37571": ["197.231.252.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Congo_Republic_of_the.json: -------------------------------------------------------------------------------- 1 | {"37281": ["41.75.64.0/20", "164.160.16.0/22"], "328500": ["102.64.116.0/22"], "328425": ["102.68.184.0/22"], "36924": ["102.141.0.0/18"], "327829": ["102.223.220.0/22", "169.255.72.0/22"], "37451": ["154.53.208.0/22", "197.157.252.0/22"], "37463": ["160.113.0.0/16", "197.149.136.0/22"], "37548": ["196.43.240.0/24"], "52356": ["196.53.69.0/24"], "37550": ["197.214.128.0/17"], "37322": ["197.255.176.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Cook_Islands.json: -------------------------------------------------------------------------------- 1 | {} -------------------------------------------------------------------------------- /cdas/data/asns/Cuba.json: -------------------------------------------------------------------------------- 1 | {"27725": ["152.206.0.0/15", "181.225.224.0/19", "190.6.64.0/19", "190.15.144.0/20", "190.92.112.0/20", "190.107.0.0/20", "200.0.24.0/22", "200.5.12.0/22", "200.13.144.0/21", "200.14.48.0/21", "200.55.128.0/18", "201.220.192.0/19"], "11960": ["200.0.16.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Curacao.json: -------------------------------------------------------------------------------- 1 | {"265825": ["45.71.156.0/22"], "266780": ["45.234.112.0/22"], "52233": ["63.245.108.0/23", "131.221.144.0/22", "138.219.140.0/22", "161.0.96.0/20", "170.245.0.0/22", "186.2.176.0/20", "190.112.224.0/19"], "11081": ["65.208.122.0/23", "131.72.112.0/22", "200.6.56.0/21", "216.152.160.0/20"], "27660": ["138.99.212.0/22", "138.255.253.0/24", "186.190.233.0/24"], "26505": ["186.190.240.0/21", "186.190.248.0/22", "186.190.252.0/23", "200.124.128.0/19"], "52344": ["190.104.104.0/21"], "27762": ["190.121.240.0/20"], "52391": ["190.123.20.0/22"], "262238": ["200.115.179.0/24"], "27748": ["206.107.225.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Djibouti.json: -------------------------------------------------------------------------------- 1 | {"327831": ["196.49.10.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Dominica.json: -------------------------------------------------------------------------------- 1 | {"40945": ["69.12.108.0/22", "104.153.248.0/22", "162.213.168.0/22"], "11139": ["69.80.36.0/22", "69.80.40.0/22", "69.80.44.0/23", "162.253.100.0/22", "198.101.28.0/22", "206.53.141.0/24", "209.59.104.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Equatorial_Guinea.json: -------------------------------------------------------------------------------- 1 | {"37337": ["41.79.48.0/22", "102.223.24.0/22"], "37173": ["41.222.112.0/21"], "37529": ["102.141.216.0/22", "102.164.248.0/21", "164.160.84.0/22", "169.239.112.0/22", "197.214.64.0/20"], "37487": ["105.235.224.0/20"], "37512": ["154.73.56.0/22", "197.149.168.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Eritrea.json: -------------------------------------------------------------------------------- 1 | {"30987": ["196.200.96.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Eswatini.json: -------------------------------------------------------------------------------- 1 | {"37510": ["41.77.232.0/21"], "19711": ["41.84.224.0/19", "41.215.144.0/20", "69.63.64.0/20", "102.67.144.0/22", "196.8.219.0/24"], "32398": ["41.204.0.0/19", "196.28.7.0/24"], "327765": ["41.211.32.0/19"], "206283": ["102.68.48.0/22"], "328144": ["160.119.208.0/22"], "328169": ["165.73.132.0/22"], "37518": ["196.245.168.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Ethiopia.json: -------------------------------------------------------------------------------- 1 | {"3223": ["104.250.178.0/24"], "24757": ["164.160.184.0/22", "196.188.0.0/14", "197.156.64.0/18", "213.55.64.0/18"]} -------------------------------------------------------------------------------- /cdas/data/asns/Faroe_Islands.json: -------------------------------------------------------------------------------- 1 | {"56704": ["37.120.252.0/23"], "20963": ["46.227.112.0/21", "80.77.128.0/20", "81.25.176.0/20", "185.88.228.0/22"], "15389": ["81.18.224.0/20", "88.85.32.0/19", "178.19.192.0/20", "185.74.208.0/22", "193.34.104.0/22", "212.55.32.0/19", "217.172.80.0/20"], "206928": ["185.171.172.0/22"], "209175": ["195.80.36.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Fiji.json: -------------------------------------------------------------------------------- 1 | {"38442": ["43.245.56.0/22", "103.244.228.0/22", "183.81.128.0/20"], "4638": ["45.112.224.0/22", "103.52.88.0/22", "103.76.157.0/24", "103.148.54.0/23", "119.235.64.0/19", "119.235.96.0/21", "202.62.118.0/23", "202.62.120.0/21", "210.7.0.0/19"], "45355": ["45.117.240.0/21", "103.1.180.0/22", "103.58.20.0/22", "103.101.240.0/22", "202.129.228.0/22", "202.151.16.0/20"], "132248": ["103.71.204.0/24"], "135647": ["103.77.225.0/24", "103.137.129.0/24"], "136921": ["103.99.43.0/24"], "137890": ["103.116.156.0/24"], "9241": ["110.35.88.0/21", "113.20.64.0/19", "202.170.32.0/20", "203.202.235.0/24"], "24390": ["144.120.0.0/16"]} -------------------------------------------------------------------------------- /cdas/data/asns/French_Polynesia.json: -------------------------------------------------------------------------------- 1 | {"56017": ["43.249.176.0/22", "103.4.72.0/22", "113.197.68.0/22"], "9471": ["103.46.216.0/22", "123.50.64.0/18", "148.66.64.0/18", "202.3.224.0/19", "202.90.64.0/19", "203.185.160.0/20", "203.185.176.0/21"], "138179": ["103.129.120.0/22"], "55943": ["103.254.224.0/22", "218.100.77.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Gabon.json: -------------------------------------------------------------------------------- 1 | {"37390": ["41.78.240.0/22", "154.0.32.0/19", "169.159.0.0/18", "197.242.0.0/19"], "16058": ["41.211.128.0/18", "154.112.0.0/16", "154.116.0.0/17", "154.119.192.0/19", "217.77.64.0/20"], "37669": ["41.223.168.0/22", "154.66.232.0/21"], "328429": ["102.129.32.0/22"], "328485": ["102.135.164.0/22"], "36924": ["102.142.0.0/16", "160.119.160.0/19"], "328304": ["102.164.124.0/22"], "37616": ["154.0.176.0/20"], "31167": ["169.239.148.0/22"], "327876": ["169.255.148.0/22"], "327796": ["196.49.17.0/24"], "328124": ["196.50.32.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Gambia.json: -------------------------------------------------------------------------------- 1 | {"37503": ["41.76.8.0/21", "197.231.128.0/21"], "37309": ["41.223.212.0/22", "146.196.128.0/17", "155.251.0.0/16", "160.182.0.0/15", "196.46.232.0/21", "197.242.128.0/20"], "25250": ["102.140.128.0/19", "212.60.64.0/19"], "327719": ["196.49.1.0/24", "196.223.34.0/24"], "328140": ["196.223.144.0/21"], "37524": ["197.148.72.0/21"], "37552": ["197.231.204.0/22"], "37323": ["197.255.192.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Gibraltar.json: -------------------------------------------------------------------------------- 1 | {"60117": ["5.183.230.0/24"], "1273": ["31.222.48.0/22"], "21110": ["31.222.55.0/24"], "198849": ["91.109.248.0/21"], "29390": ["91.198.133.0/24"], "47448": ["93.191.192.0/23", "93.191.196.0/24", "213.187.234.0/24"], "202087": ["94.26.93.0/24", "94.26.95.0/24", "94.26.97.0/24", "94.26.98.0/23", "94.26.103.0/24", "94.26.109.0/24", "94.190.196.0/22", "104.255.128.0/21", "153.94.56.0/21", "185.9.212.0/22", "185.75.80.0/22", "185.83.148.0/22", "185.94.76.0/22", "192.190.168.0/22"], "35583": ["95.164.48.0/24"], "29632": ["95.164.50.0/23", "95.164.56.0/21", "95.164.96.0/19", "95.164.144.0/20", "95.164.240.0/20", "185.39.28.0/22", "195.10.218.0/24"], "265850": ["95.164.192.0/19"], "8301": ["178.208.192.0/19", "185.74.72.0/22", "195.244.192.0/19", "212.120.224.0/19", "217.65.48.0/20"], "34803": ["185.104.220.0/22", "195.166.192.0/19"], "196775": ["193.169.30.0/24"], "46918": ["193.218.156.0/22"], "39249": ["195.149.96.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Greenland.json: -------------------------------------------------------------------------------- 1 | {"8818": ["37.18.44.0/22", "37.230.164.0/22", "46.16.16.0/21", "46.243.151.0/24", "88.83.0.0/19", "128.0.70.0/24", "178.170.132.0/22", "178.170.147.0/24", "178.170.160.0/22", "178.170.199.0/24", "178.170.200.0/22", "178.170.204.0/23", "178.170.210.0/23", "178.170.212.0/22", "178.170.216.0/24", "185.18.188.0/22", "185.21.228.0/22", "185.57.160.0/22", "185.93.20.0/22", "185.157.200.0/22", "188.72.71.0/24", "194.177.224.0/19"], "396319": ["185.195.238.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Grenada.json: -------------------------------------------------------------------------------- 1 | {"63351": ["38.86.181.0/24"], "46650": ["63.245.30.0/23", "63.245.56.0/22", "63.245.66.0/23", "65.48.134.0/23", "65.48.136.0/22", "65.48.202.0/23", "65.48.204.0/23", "65.48.206.0/24", "69.73.194.0/23", "69.73.208.0/24", "69.73.230.0/23", "69.73.240.0/22", "69.73.244.0/23", "69.80.46.0/23", "69.80.48.0/23", "69.80.50.0/24", "72.22.146.0/23", "72.22.154.0/23", "72.51.70.0/23", "72.51.72.0/24", "72.51.81.0/24", "72.51.82.0/23", "72.51.84.0/23", "72.51.86.0/24", "72.51.124.0/24", "74.117.84.0/22", "74.122.88.0/21", "104.245.92.0/22", "162.222.84.0/23", "162.245.152.0/22", "192.214.126.0/23", "199.83.192.0/21", "199.85.236.0/22", "200.50.71.0/24", "200.50.72.0/24", "205.214.207.0/24", "205.214.210.0/23", "216.110.113.0/24", "216.110.114.0/23", "216.110.118.0/24", "216.110.125.0/24", "216.110.126.0/23"], "30272": ["67.159.199.0/24"], "393682": ["104.245.48.0/22"], "14813": ["200.50.70.0/24"], "393629": ["201.221.88.0/22"], "14432": ["206.126.244.0/24"], "10278": ["216.110.116.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Guam.json: -------------------------------------------------------------------------------- 1 | {"9246": ["43.240.88.0/22", "67.98.160.0/21", "103.7.100.0/22", "114.142.192.0/18", "117.20.120.0/21", "120.29.200.0/21", "202.151.64.0/19", "209.164.184.0/21"], "55863": ["49.128.104.0/22"], "7131": ["103.3.240.0/22"], "17456": ["103.212.24.0/22", "139.5.136.0/22", "199.127.236.0/22", "203.95.8.0/21"], "21996": ["116.68.0.0/19", "202.47.144.0/20"], "3605": ["121.55.192.0/18", "182.173.192.0/18", "202.128.64.0/19", "202.131.160.0/19", "204.44.188.0/22"], "395400": ["168.123.0.0/16", "192.149.202.0/24"], "703": ["202.22.176.0/20"], "56200": ["203.215.52.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Guernsey.json: -------------------------------------------------------------------------------- 1 | {"8680": ["37.72.152.0/21", "77.81.75.0/24", "78.111.192.0/20", "84.247.1.0/24", "85.204.71.0/24", "85.204.135.0/24", "85.204.144.0/24", "85.204.192.0/24", "86.104.12.0/24", "86.104.64.0/24", "86.105.10.0/23", "88.81.128.0/19", "89.32.207.0/24", "89.33.15.0/24", "89.35.82.0/23", "89.37.59.0/24", "89.40.64.0/24", "89.42.115.0/24", "89.42.179.0/24", "91.190.160.0/21", "93.187.144.0/21", "185.3.100.0/22", "185.104.200.0/22", "185.110.36.0/22"], "13216": ["45.11.144.0/22"], "203872": ["84.247.0.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Guinea-Bissau.json: -------------------------------------------------------------------------------- 1 | {"327769": ["154.73.60.0/22"], "11300": ["196.22.12.0/22"], "37559": ["197.214.80.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Guinea.json: -------------------------------------------------------------------------------- 1 | {"37430": ["41.77.184.0/21"], "37427": ["41.79.200.0/22"], "37141": ["41.79.236.0/22", "41.191.220.0/22"], "37665": ["41.223.48.0/22", "196.49.64.0/24"], "37612": ["41.242.88.0/22", "102.176.160.0/20"], "328107": ["45.220.52.0/22"], "328244": ["160.119.128.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Guyana.json: -------------------------------------------------------------------------------- 1 | {"264694": ["168.232.144.0/22"], "19863": ["181.41.64.0/18", "181.199.224.0/19", "190.80.0.0/17"], "52433": ["181.177.216.0/22"], "52253": ["190.108.196.0/22", "190.108.200.0/21", "190.108.208.0/21", "190.124.220.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Haiti.json: -------------------------------------------------------------------------------- 1 | {"27759": ["148.102.128.0/17", "168.197.100.0/22", "170.239.12.0/22", "186.190.0.0/17", "190.120.192.0/19", "190.196.192.0/20", "200.2.128.0/19", "201.150.104.0/22"], "27653": ["161.0.128.0/20", "161.0.144.0/21", "200.113.192.0/18", "201.131.77.0/24"], "264616": ["170.83.192.0/22"], "52260": ["186.1.192.0/20", "190.102.64.0/19", "190.115.128.0/18"], "52382": ["200.115.182.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Isle_of_Man.json: -------------------------------------------------------------------------------- 1 | {"8680": ["37.18.136.0/21", "46.31.200.0/21", "185.48.76.0/22"], "24851": ["37.235.55.0/24", "192.71.211.0/24"], "13122": ["43.225.112.0/22", "46.226.184.0/21", "80.65.240.0/20", "87.254.64.0/19", "92.39.192.0/20", "178.16.0.0/20", "195.10.96.0/19", "213.137.0.0/19", "217.28.0.0/20"], "208770": ["45.85.196.0/22"], "14537": ["78.24.208.0/21"], "15766": ["83.218.0.0/19", "217.23.160.0/20"], "42455": ["84.246.200.0/21", "89.107.0.0/21", "109.70.40.0/21", "185.74.56.0/22"], "59268": ["91.223.161.0/24"], "60923": ["185.16.0.0/22"], "34738": ["185.31.220.0/22"], "201898": ["185.60.88.0/22"], "50763": ["185.241.44.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Jamaica.json: -------------------------------------------------------------------------------- 1 | {"33576": ["23.156.32.0/24", "63.143.72.0/22", "63.143.80.0/20", "66.54.112.0/21", "69.160.96.0/19", "104.244.224.0/21", "184.170.0.0/18"], "30689": ["65.183.0.0/20", "67.230.32.0/19", "67.230.64.0/20", "69.79.192.0/20", "72.27.192.0/19", "72.252.26.0/23", "72.252.28.0/22", "72.252.32.0/21", "72.252.104.0/21", "72.252.112.0/20", "72.252.128.0/17", "96.43.160.0/19", "104.152.236.0/22", "162.216.160.0/21", "162.246.0.0/22", "192.131.32.0/21", "196.1.138.0/23", "196.3.95.0/24", "196.32.0.0/21", "207.204.64.0/18", "216.10.208.0/20"], "394469": ["66.110.74.0/24"], "35878": ["67.213.144.0/20", "142.0.224.0/20", "199.73.60.0/22", "199.195.220.0/22"], "9009": ["104.250.182.0/24"], "3586": ["196.2.0.0/23", "196.3.0.0/21", "198.58.0.0/23"], "22306": ["196.3.184.0/21"], "40143": ["200.9.115.0/24"], "10292": ["200.10.152.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Jersey.json: -------------------------------------------------------------------------------- 1 | {"8681": ["5.35.160.0/21", "31.186.112.0/21", "37.156.38.0/23", "82.112.128.0/19", "87.237.128.0/21", "87.244.64.0/18", "185.3.52.0/22", "185.57.212.0/22", "185.113.12.0/22", "185.206.12.0/22", "209.251.252.0/23", "212.9.0.0/19"], "8680": ["5.42.128.0/21", "46.254.248.0/21", "83.137.248.0/21", "185.48.60.0/22"], "13126": ["77.73.184.0/21"], "18986": ["173.255.152.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Kiribati.json: -------------------------------------------------------------------------------- 1 | {"134783": ["103.25.140.0/22", "202.6.120.0/22"], "132486": ["103.73.80.0/23"], "140066": ["103.148.4.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Korea_North.json: -------------------------------------------------------------------------------- 1 | {"131279": ["175.45.176.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Kosovo.json: -------------------------------------------------------------------------------- 1 | {"202441": ["178.223.224.0/19"], "8661": ["185.47.188.0/22"], "3225": ["185.75.59.0/24"], "208286": ["185.222.138.0/24", "185.244.25.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Laos.json: -------------------------------------------------------------------------------- 1 | {"9009": ["5.253.184.0/23", "88.218.82.0/23"], "9873": ["43.224.36.0/22", "103.43.76.0/22", "115.84.64.0/18", "202.137.128.0/19"], "56309": ["43.228.84.0/23", "103.245.164.0/24"], "63989": ["43.228.87.0/24"], "10226": ["43.252.244.0/22", "101.78.8.0/21", "103.13.88.0/22", "114.129.24.0/21", "202.62.96.0/20"], "131267": ["103.1.28.0/22", "183.182.96.0/19"], "55508": ["103.1.232.0/22", "157.119.180.0/22", "202.9.76.0/23", "203.110.64.0/20"], "17804": ["103.26.103.0/24", "103.82.56.0/22", "103.228.101.0/24", "185.19.104.0/22"], "136486": ["103.59.52.0/22"], "136748": ["103.95.24.0/22"], "135059": ["103.112.191.0/24", "103.145.48.0/24"], "137905": ["103.114.146.0/23"], "138934": ["103.137.88.0/22"], "139011": ["103.138.142.0/24"], "140631": ["103.150.74.0/23"], "140635": ["103.151.76.0/23"], "132335": ["103.205.16.0/22", "203.76.252.0/22"], "24337": ["103.228.252.0/22", "139.5.156.0/22", "202.123.176.0/21"], "133500": ["103.232.80.0/22"], "55511": ["103.240.240.0/22", "202.144.184.0/21"], "45906": ["180.131.148.0/22"], "23900": ["202.136.240.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Lesotho.json: -------------------------------------------------------------------------------- 1 | {"37057": ["41.76.16.0/21", "41.191.200.0/21", "197.189.128.0/18", "197.231.32.0/19", "197.254.128.0/18"], "33567": ["41.203.176.0/20", "129.232.0.0/17", "196.4.255.0/24", "197.155.192.0/20", "197.220.128.0/19"], "51964": ["57.83.160.0/20"], "25695": ["64.57.112.0/20"], "37642": ["154.66.108.0/22"], "37505": ["196.11.175.0/24", "196.43.249.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Liberia.json: -------------------------------------------------------------------------------- 1 | {"37410": ["41.57.80.0/20", "197.231.152.0/21"], "37203": ["41.86.0.0/19"], "37094": ["41.191.104.0/22"], "328279": ["154.65.24.0/22"], "328196": ["164.160.8.0/22"], "37715": ["196.49.16.0/24"], "328136": ["196.250.176.0/20"], "37580": ["197.215.216.0/22"], "37560": ["197.231.220.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Libya.json: -------------------------------------------------------------------------------- 1 | {"37284": ["5.63.0.0/21", "41.74.64.0/20", "102.69.0.0/17", "102.222.252.0/23", "102.223.156.0/22", "154.73.52.0/22", "154.73.108.0/22", "154.73.128.0/21", "154.127.64.0/20", "160.19.96.0/21", "165.16.0.0/17", "169.239.92.0/22", "169.239.116.0/22", "169.255.108.0/22"], "37566": ["41.242.16.0/20", "197.231.228.0/22"], "21003": ["41.252.0.0/14", "62.68.32.0/19", "62.240.32.0/19"], "327752": ["102.68.128.0/21"], "29286": ["154.73.28.0/22"], "328073": ["164.160.144.0/22"], "39356": ["185.10.240.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Liechtenstein.json: -------------------------------------------------------------------------------- 1 | {"198288": ["5.34.248.0/21", "81.161.56.0/23", "185.44.156.0/22"], "58057": ["45.136.136.0/22"], "20634": ["80.66.224.0/20", "80.72.48.0/20", "185.112.48.0/22", "193.17.79.0/24", "217.173.224.0/20"], "35535": ["80.241.112.0/20"], "35223": ["82.117.0.0/19", "193.168.168.0/22"], "42162": ["85.31.152.0/21", "185.70.80.0/22"], "39145": ["88.82.96.0/19"], "25581": ["91.207.130.0/23", "185.34.148.0/22"], "57210": ["149.255.176.0/21", "195.245.218.0/24"], "15830": ["178.250.56.0/21"], "59748": ["185.73.156.0/22"], "48576": ["185.77.44.0/22"], "48491": ["185.77.52.0/22"], "48362": ["185.101.8.0/22"], "15955": ["185.101.48.0/22"], "13190": ["185.117.164.0/22"], "206478": ["185.174.32.0/22", "195.225.200.0/22"], "39430": ["185.236.220.0/22"], "204342": ["185.251.164.0/22", "185.251.184.0/22"], "559": ["193.5.26.0/23"], "6830": ["194.147.68.0/23"], "202405": ["194.147.196.0/22"], "20546": ["195.234.0.0/23"], "49652": ["195.254.128.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Macau.json: -------------------------------------------------------------------------------- 1 | {"4609": ["27.109.128.0/17", "45.64.20.0/22", "60.246.0.0/16", "103.233.188.0/22", "113.52.64.0/18", "122.100.128.0/17", "125.31.0.0/18", "180.94.128.0/18", "182.93.0.0/18", "192.203.232.0/24", "202.86.128.0/18", "202.171.252.0/22", "202.174.0.0/22", "202.175.0.0/17", "202.175.160.0/19", "205.215.0.0/19"], "133613": ["43.247.24.0/22", "45.123.200.0/22", "103.96.60.0/22", "103.192.44.0/22", "103.237.124.0/22", "149.102.96.0/20", "154.18.148.0/22", "205.198.48.0/20"], "133847": ["103.43.108.0/22", "135.84.232.0/21"], "136167": ["103.143.92.0/23", "202.75.248.0/22"], "9009": ["104.243.240.0/24"], "22363": ["128.90.200.0/22", "128.90.204.0/23", "128.90.206.0/24"], "7582": ["161.64.0.0/16"]} -------------------------------------------------------------------------------- /cdas/data/asns/Madagascar.json: -------------------------------------------------------------------------------- 1 | {"37037": ["41.74.16.0/20", "41.74.208.0/20", "41.190.236.0/22", "197.159.144.0/20", "197.215.192.0/20"], "37303": ["41.77.16.0/21", "197.148.128.0/18"], "37054": ["41.188.0.0/18", "41.207.32.0/19", "41.242.96.0/20", "102.16.0.0/14", "102.20.0.0/15", "154.126.0.0/17", "196.49.13.0/24", "196.192.32.0/20", "197.149.0.0/18"], "21042": ["41.204.96.0/19", "196.43.214.0/24", "197.158.64.0/18"], "51964": ["57.83.208.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Malawi.json: -------------------------------------------------------------------------------- 1 | {"37187": ["41.75.112.0/20", "41.190.92.0/22", "41.217.216.0/22"], "37098": ["41.77.8.0/21", "41.216.228.0/22", "154.66.120.0/21"], "37294": ["41.78.248.0/22", "41.222.184.0/21", "102.70.0.0/15", "168.253.224.0/19", "169.255.52.0/22", "196.216.8.0/21", "196.223.27.0/24"], "36969": ["41.87.0.0/19", "41.221.96.0/20"], "328117": ["45.221.25.0/24"], "328565": ["102.36.145.0/24"], "328300": ["102.176.250.0/24"], "327941": ["196.11.80.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Maldives.json: -------------------------------------------------------------------------------- 1 | {"7642": ["27.114.128.0/18", "43.226.220.0/22", "69.94.32.0/20", "69.94.80.0/20", "83.137.200.0/21", "103.31.84.0/22", "103.87.188.0/24", "123.176.0.0/19", "124.195.192.0/19", "185.215.32.0/22", "202.1.192.0/20", "203.104.24.0/21", "209.212.192.0/19"], "136238": ["36.255.104.0/23", "103.84.134.0/24", "103.110.109.0/24", "103.110.110.0/23"], "55944": ["43.231.28.0/22", "103.50.104.0/22", "202.153.80.0/22", "202.153.86.0/23", "216.183.208.0/20"], "24082": ["103.67.26.0/24", "103.141.98.0/24"], "132218": ["103.71.57.0/24"], "133742": ["103.76.2.0/24"], "136234": ["103.84.132.0/24"], "137056": ["103.103.66.0/24"], "137477": ["103.110.40.0/24"], "137981": ["103.119.75.0/24", "103.143.252.0/24"], "63930": ["103.152.174.0/24"], "24016": ["103.197.164.0/22", "115.84.128.0/19", "202.21.176.0/20", "220.158.220.0/22"], "19905": ["202.153.85.0/24"], "24184": ["203.82.2.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Mali.json: -------------------------------------------------------------------------------- 1 | {"30985": ["41.73.96.0/19", "41.221.176.0/20", "196.200.80.0/20", "197.155.128.0/18"], "36864": ["41.203.192.0/20", "165.90.208.0/20", "196.49.48.0/24", "196.200.48.0/20"], "328253": ["102.68.176.0/22", "196.251.156.0/22"], "21271": ["102.130.232.0/22", "196.50.16.0/22", "217.64.96.0/20"], "328416": ["102.164.40.0/22"], "60171": ["102.223.64.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Marshall_Islands.json: -------------------------------------------------------------------------------- 1 | {"24439": ["103.202.148.0/22", "117.103.88.0/21", "203.78.152.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Mauritania.json: -------------------------------------------------------------------------------- 1 | {"37541": ["41.138.128.0/19", "197.231.0.0/19"], "29544": ["41.188.64.0/18", "82.151.64.0/19"], "37508": ["41.223.96.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Micronesia_Federated_States_of.json: -------------------------------------------------------------------------------- 1 | {"45193": ["103.39.252.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Monaco.json: -------------------------------------------------------------------------------- 1 | {"48996": ["37.44.224.0/22"], "6758": ["80.94.96.0/20", "82.113.0.0/19", "87.254.224.0/19", "88.209.64.0/18", "91.199.109.0/24", "176.114.96.0/20", "185.47.116.0/22", "185.162.120.0/22", "185.250.4.0/22", "188.191.136.0/21", "195.20.192.0/23", "195.78.0.0/19", "213.133.72.0/21"], "3215": ["87.238.104.0/21"], "3223": ["104.250.168.0/24"], "12463": ["213.215.38.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Montenegro.json: -------------------------------------------------------------------------------- 1 | {"8585": ["31.204.192.0/18", "37.122.160.0/19", "46.33.192.0/19", "46.161.64.0/18", "77.222.0.0/19", "78.155.32.0/19", "85.94.96.0/19", "95.155.0.0/18", "109.228.64.0/18", "195.66.160.0/19"], "31042": ["37.0.64.0/21", "79.140.144.0/20", "89.207.192.0/21", "185.12.40.0/22", "185.80.96.0/22"], "15397": ["79.143.96.0/20"], "25467": ["81.17.234.0/24"], "51434": ["91.217.138.0/24"], "51924": ["91.220.187.0/24"], "47881": ["94.102.224.0/20"], "29278": ["104.167.244.0/24"], "43940": ["109.72.96.0/20", "185.64.0.0/22", "185.179.92.0/22", "213.133.0.0/19"], "8661": ["178.175.0.0/17", "213.163.96.0/19"], "201649": ["185.68.48.0/22"], "202644": ["185.147.200.0/22"], "203824": ["185.255.228.0/22"], "29453": ["195.140.164.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Montserrat.json: -------------------------------------------------------------------------------- 1 | {"11139": ["208.90.112.0/22"], "46516": ["209.242.222.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Morocco.json: -------------------------------------------------------------------------------- 1 | {"36925": ["41.87.128.0/19", "41.92.0.0/17", "41.205.192.0/19", "41.214.128.0/17", "45.216.0.0/14", "102.96.0.0/13", "105.188.0.0/14", "196.112.0.0/12", "197.153.0.0/16", "197.247.0.0/16", "197.253.128.0/17"], "36941": ["41.216.224.0/22", "196.2.80.0/20", "196.223.176.0/20"], "9009": ["45.95.129.0/24", "45.95.130.0/23", "92.240.204.0/24"], "6713": ["62.251.128.0/17", "81.192.0.0/16", "160.77.0.0/16", "160.89.0.0/16", "160.90.0.0/16", "160.105.0.0/16", "160.160.0.0/12", "193.188.7.0/24", "193.194.32.0/19", "196.66.0.0/15", "197.128.0.0/14", "212.217.0.0/17"], "328493": ["102.67.148.0/22"], "328280": ["102.165.189.0/24"], "36351": ["154.16.96.0/24"], "205897": ["154.70.200.0/21"], "328055": ["169.255.176.0/22"], "328268": ["192.12.117.0/24"], "328272": ["196.11.103.0/24"], "36884": ["196.12.192.0/18"], "327917": ["196.13.108.0/24"], "328066": ["196.61.232.0/21"], "30983": ["196.200.128.0/18"], "29286": ["196.200.240.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Mozambique.json: -------------------------------------------------------------------------------- 1 | {"42235": ["41.76.0.0/21", "41.77.32.0/21", "196.40.112.0/20", "197.242.160.0/20"], "37110": ["41.77.128.0/21", "41.223.152.0/22", "165.90.64.0/19", "195.140.248.0/22"], "3491": ["41.79.244.0/22"], "327700": ["41.94.0.0/16"], "30619": ["41.138.224.0/20", "41.191.72.0/22", "41.220.160.0/20", "169.239.104.0/22", "196.28.224.0/20", "196.43.234.0/24", "197.158.0.0/18"], "25139": ["41.220.32.0/20", "196.46.0.0/20", "197.249.0.0/16"], "36945": ["41.220.192.0/20"], "36865": ["41.221.64.0/20", "196.22.48.0/20"], "32017": ["41.223.124.0/22"], "328460": ["102.67.188.0/22"], "328274": ["102.176.248.0/23"], "37489": ["105.235.216.0/21"], "328187": ["160.19.190.0/23"], "37697": ["160.119.112.0/21", "169.255.132.0/22", "196.10.148.0/24"], "328223": ["160.119.156.0/22"], "31960": ["196.3.96.0/21"], "327759": ["196.11.135.0/24"], "327951": ["196.13.101.0/24"], "37477": ["196.43.241.0/24"], "37342": ["197.218.0.0/15"], "37556": ["197.231.216.0/22"], "37223": ["197.235.0.0/16"]} -------------------------------------------------------------------------------- /cdas/data/asns/Namibia.json: -------------------------------------------------------------------------------- 1 | {"37009": ["41.63.192.0/18", "41.219.64.0/18", "105.232.0.0/16", "196.3.94.0/24", "197.243.128.0/17"], "36996": ["41.182.0.0/16", "41.205.128.0/19", "196.44.128.0/19", "197.188.0.0/16"], "37026": ["41.190.84.0/22"], "36999": ["41.190.96.0/19", "41.223.80.0/22", "197.233.0.0/16"], "36877": ["41.198.16.0/20", "41.198.32.0/19"], "22735": ["154.0.192.0/18"], "33763": ["160.242.0.0/20", "160.242.48.0/20", "160.242.64.0/22", "160.242.68.0/23", "160.242.70.0/24", "160.242.72.0/21", "160.242.80.0/20", "196.1.28.0/22", "196.49.2.0/24", "196.216.32.0/20"], "206283": ["160.242.71.0/24"], "37513": ["196.12.10.0/24", "196.216.164.0/22"], "16637": ["196.20.0.0/19"], "37201": ["196.46.28.0/24"], "327842": ["196.216.207.0/24"], "327694": ["196.223.18.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Nauru.json: -------------------------------------------------------------------------------- 1 | {"55723": ["43.230.6.0/24", "103.20.124.0/24", "103.49.173.0/24", "103.49.174.0/23"], "45355": ["203.190.216.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/New_Caledonia.json: -------------------------------------------------------------------------------- 1 | {"18200": ["43.224.192.0/22", "61.5.208.0/20", "101.101.0.0/18", "103.43.156.0/22", "180.214.96.0/19", "202.87.128.0/19"], "17480": ["43.255.236.0/22", "113.21.96.0/19", "202.171.64.0/20", "203.147.64.0/20", "203.147.80.0/21", "220.156.160.0/20"], "45345": ["103.2.184.0/22", "115.126.160.0/19", "163.47.224.0/22"], "56055": ["103.17.44.0/22", "118.179.224.0/19", "163.47.248.0/22", "202.22.224.0/20", "203.80.48.0/21"], "56089": ["103.24.112.0/22", "114.69.176.0/20", "175.158.128.0/18", "202.22.128.0/19", "202.166.176.0/21"], "137243": ["103.105.191.0/24"], "134405": ["103.123.232.0/23"], "45461": ["113.20.32.0/19", "223.29.128.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Nicaragua.json: -------------------------------------------------------------------------------- 1 | {"267797": ["45.170.224.0/22"], "269770": ["45.182.188.0/24"], "52468": ["45.238.28.0/22", "170.80.16.0/22", "190.107.208.0/22"], "263751": ["138.97.160.0/22"], "263765": ["138.117.4.0/22", "170.84.132.0/22"], "263817": ["138.185.28.0/24", "138.185.30.0/23"], "263760": ["138.185.104.0/22"], "52242": ["143.137.24.0/22", "190.181.128.0/18"], "11830": ["143.202.252.0/22"], "28036": ["152.231.32.0/20"], "25607": ["161.0.32.0/19", "190.106.48.0/20", "191.103.112.0/20", "200.85.160.0/20"], "18840": ["170.246.152.0/22", "186.1.0.0/18"], "14754": ["186.76.0.0/15", "200.9.187.0/24", "200.11.30.0/24", "200.62.64.0/18"], "27742": ["190.53.32.0/21", "190.111.30.0/23", "190.124.32.0/21", "200.30.165.0/24", "200.30.177.0/24", "208.96.128.0/21", "208.96.136.0/22"], "19447": ["190.106.0.0/19", "191.98.224.0/19"], "263177": ["191.102.48.0/21"], "27905": ["200.6.55.0/24"], "27999": ["200.10.205.0/24", "201.131.115.0/24"], "262185": ["200.106.247.0/24"], "61513": ["201.131.66.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Niger.json: -------------------------------------------------------------------------------- 1 | {"37205": ["41.78.116.0/22"], "37385": ["41.138.32.0/19", "41.190.228.0/22", "154.127.80.0/20"], "37233": ["41.203.128.0/19"], "328121": ["45.221.28.0/24"], "26130": ["154.66.220.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Oman.json: -------------------------------------------------------------------------------- 1 | {"50010": ["5.21.0.0/16", "37.28.0.0/17", "37.200.128.0/17", "46.40.192.0/18", "94.185.0.0/18", "145.255.64.0/18", "185.6.220.0/22", "188.66.128.0/17", "188.135.0.0/17"], "28885": ["5.36.0.0/15", "37.40.0.0/15", "62.61.160.0/19", "85.154.0.0/16", "185.53.240.0/22", "188.140.128.0/17", "212.72.0.0/19"], "204170": ["5.102.176.0/21", "84.242.32.0/20", "89.147.128.0/18", "94.176.16.0/20", "96.9.128.0/19", "161.8.64.0/18", "178.20.16.0/21", "185.29.140.0/22", "185.112.104.0/22", "206.167.33.0/24"], "207865": ["45.135.88.0/22"], "197508": ["46.255.56.0/21"], "51964": ["57.88.176.0/20"], "201684": ["185.64.24.0/22"], "202655": ["185.255.204.0/22"], "210297": ["193.56.120.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Palau.json: -------------------------------------------------------------------------------- 1 | {"58932": ["103.30.248.0/22"], "133897": ["103.251.132.0/23"], "17893": ["202.124.224.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Papua_New_Guinea.json: -------------------------------------------------------------------------------- 1 | {"17828": ["14.192.72.0/22", "103.49.207.0/24", "103.77.24.0/23", "103.96.134.0/23", "202.58.128.0/22", "202.61.0.0/24", "202.165.192.0/20"], "55792": ["27.122.16.0/20", "103.3.168.0/22", "202.95.192.0/20"], "60725": ["103.9.226.0/24", "103.209.54.0/24"], "132160": ["103.11.160.0/23"], "58460": ["103.14.88.0/22", "180.150.252.0/22", "203.83.16.0/21"], "63945": ["103.43.144.0/22", "103.103.182.0/23"], "134151": ["103.53.176.0/22"], "136587": ["103.82.247.0/24", "103.91.114.0/23", "103.122.72.0/23"], "136239": ["103.83.32.0/23", "103.110.30.0/23"], "136940": ["103.99.174.0/23"], "45572": ["103.107.152.0/22"], "134605": ["103.110.130.0/24"], "38456": ["103.112.101.0/24", "103.212.40.0/24"], "138506": ["103.127.90.0/24", "103.152.8.0/24"], "138902": ["103.136.226.0/23"], "139778": ["103.145.26.0/24"], "133137": ["103.242.164.0/22"], "328608": ["156.233.27.0/24"], "1221": ["202.1.240.0/20"], "4637": ["202.52.133.0/24"], "45924": ["202.171.240.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Qatar.json: -------------------------------------------------------------------------------- 1 | {"48728": ["37.186.32.0/19", "185.25.12.0/22", "185.247.88.0/22", "212.70.96.0/19", "213.178.136.0/22"], "49505": ["45.141.186.0/23", "103.152.175.0/24"], "42298": ["89.211.128.0/17", "178.23.16.0/21"], "47901": ["94.125.224.0/21"], "13150": ["140.82.203.0/24"], "29384": ["165.124.236.0/22"], "60185": ["185.2.244.0/22"], "8781": ["185.96.224.0/22", "212.77.192.0/19"], "200612": ["185.100.208.0/22", "185.200.232.0/22"], "204806": ["185.239.92.0/22"], "42415": ["194.6.255.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Rwanda.json: -------------------------------------------------------------------------------- 1 | {"37228": ["41.74.160.0/20"], "37124": ["41.138.80.0/21"], "36890": ["41.186.0.0/16", "196.44.240.0/20"], "36934": ["41.197.0.0/16"], "37006": ["41.215.248.0/22", "41.216.120.0/22", "41.223.224.0/22", "196.12.128.0/23", "196.12.137.0/24", "196.12.138.0/23", "196.12.154.0/23", "196.12.159.0/24"], "30844": ["41.216.124.0/22"], "37010": ["41.222.244.0/22"], "22690": ["41.242.140.0/22", "196.223.240.0/21"], "36924": ["102.22.128.0/18"], "328385": ["102.130.32.0/21"], "328625": ["102.223.244.0/22"], "37654": ["154.68.64.0/18"], "328180": ["156.38.8.0/21"], "13335": ["172.69.254.0/24"], "21174": ["196.12.156.0/23"], "328014": ["196.49.7.0/24"], "327707": ["197.157.128.0/18"], "37547": ["197.234.244.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Saint_Kitts_and_Nevis.json: -------------------------------------------------------------------------------- 1 | {"202425": ["41.216.186.0/24"], "11139": ["65.48.154.0/23", "104.218.176.0/22", "162.222.86.0/23", "196.1.168.0/24", "200.50.76.0/23", "200.50.84.0/23", "205.217.224.0/22"], "16509": ["170.39.88.0/24"], "36290": ["196.53.16.0/22", "196.53.104.0/22", "196.53.216.0/21", "199.21.164.0/22", "204.16.8.0/22", "204.19.200.0/22", "208.70.92.0/22", "208.81.160.0/22", "208.87.144.0/22"], "37560": ["198.167.192.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Saint_Lucia.json: -------------------------------------------------------------------------------- 1 | {"15344": ["24.92.144.0/20", "65.48.170.0/23", "65.48.172.0/23", "65.48.215.0/24", "66.212.62.0/23", "69.57.232.0/24", "69.79.10.0/23", "69.80.2.0/23", "69.80.4.0/22", "69.80.8.0/21", "69.80.16.0/20", "69.80.32.0/22", "104.218.216.0/22", "104.255.252.0/22", "162.212.208.0/23", "162.245.76.0/22", "192.58.142.0/23", "199.192.226.0/23", "205.217.228.0/22", "206.126.120.0/21", "207.191.248.0/21", "208.94.176.0/21"], "33582": ["72.14.98.0/23"], "33576": ["192.147.231.0/24", "204.145.147.0/24", "204.152.80.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Saint_Martin.json: -------------------------------------------------------------------------------- 1 | {"33392": ["64.117.46.0/24", "74.112.232.0/21", "74.116.95.0/24", "208.91.192.0/22"], "36511": ["74.116.92.0/23"], "21351": ["104.250.0.0/19"], "395916": ["148.64.60.0/23"], "394648": ["162.12.217.0/24"], "393894": ["192.139.192.0/24"], "262181": ["204.27.52.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Saint_Vincent_and_the_Grenadines.json: -------------------------------------------------------------------------------- 1 | {"46408": ["65.48.229.0/24", "69.79.12.0/23", "104.219.24.0/22", "104.255.232.0/22", "162.212.210.0/23", "192.58.140.0/23", "199.192.224.0/23", "204.13.240.0/22", "207.191.240.0/21", "208.84.200.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Samoa.json: -------------------------------------------------------------------------------- 1 | {"133747": ["43.241.164.0/22", "103.9.228.0/22"], "134376": ["103.63.27.0/24"], "38800": ["103.131.62.0/23", "103.154.194.0/23", "182.50.168.0/22", "202.87.208.0/22", "203.99.156.0/22"], "139679": ["103.143.149.0/24"], "17993": ["110.5.112.0/22", "203.99.255.0/24"], "38227": ["123.176.72.0/21", "182.50.72.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/San_Marino.json: -------------------------------------------------------------------------------- 1 | {"15433": ["77.242.208.0/20", "109.235.104.0/21", "185.45.68.0/22", "194.183.64.0/19"], "39759": ["89.186.32.0/19"], "199325": ["185.21.116.0/22"], "62171": ["185.45.40.0/22"], "201852": ["185.62.32.0/22"], "196874": ["192.145.48.0/22"], "42": ["194.0.27.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Sao_Tome_and_Principe.json: -------------------------------------------------------------------------------- 1 | {} -------------------------------------------------------------------------------- /cdas/data/asns/Senegal.json: -------------------------------------------------------------------------------- 1 | {"8346": ["41.82.0.0/15", "41.208.128.0/18", "41.214.0.0/17", "154.124.0.0/15", "196.1.92.0/22", "196.1.96.0/22", "196.1.100.0/24", "196.207.192.0/18"], "37196": ["41.219.0.0/18"], "51964": ["57.84.144.0/20"], "328650": ["102.36.136.0/22"], "328558": ["102.36.147.0/24"], "37649": ["102.164.128.0/18", "196.50.8.0/21"], "327809": ["154.73.172.0/22"], "328148": ["160.0.128.0/18"], "328147": ["196.49.42.0/24"], "201935": ["196.223.252.0/24"], "328259": ["196.250.200.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Sierra_Leone.json: -------------------------------------------------------------------------------- 1 | {"37208": ["41.78.84.0/22"], "36928": ["41.205.224.0/19"], "36988": ["41.223.132.0/22"], "37723": ["102.22.104.0/22"], "328581": ["102.23.140.0/22", "102.223.168.0/22"], "328369": ["102.140.108.0/22"], "328297": ["102.143.0.0/17"], "328236": ["160.19.152.0/22"], "328258": ["160.20.112.0/22"], "37449": ["165.73.236.0/22", "197.157.232.0/22"], "327903": ["169.239.196.0/22", "196.216.220.0/23"], "327990": ["169.239.244.0/22"], "37164": ["196.43.229.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Solomon_Islands.json: -------------------------------------------------------------------------------- 1 | {"132468": ["103.9.50.0/24", "103.21.230.0/23", "202.63.254.0/23"], "132462": ["103.21.248.0/22"], "139277": ["103.140.178.0/23"], "139609": ["103.142.98.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Somalia.json: -------------------------------------------------------------------------------- 1 | {"37371": ["41.78.72.0/22"], "37425": ["41.79.196.0/22"], "328590": ["102.38.48.0/22"], "328435": ["102.68.144.0/21"], "328319": ["102.141.196.0/22"], "327742": ["154.72.24.0/22"], "327764": ["154.73.24.0/22"], "327768": ["154.73.44.0/22"], "327747": ["154.73.124.0/22"], "327828": ["154.118.240.0/22"], "37644": ["196.11.62.0/24"], "37473": ["197.157.244.0/22"], "37563": ["197.231.200.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/South_Sudan.json: -------------------------------------------------------------------------------- 1 | {"37406": ["41.79.24.0/22", "154.73.88.0/22"], "37376": ["41.79.120.0/22"], "37584": ["41.222.72.0/22"], "328546": ["102.64.0.0/22"], "37594": ["102.64.72.0/22", "197.231.236.0/22"], "328610": ["196.192.116.0/22"], "198504": ["196.195.112.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Sri_Lanka.json: -------------------------------------------------------------------------------- 1 | {"132124": ["43.224.124.0/22", "103.11.32.0/22"], "132045": ["43.228.108.0/22", "101.2.176.0/20", "103.227.244.0/22", "203.153.220.0/22"], "45356": ["43.250.240.0/22", "61.245.160.0/20", "103.2.152.0/22", "124.6.240.0/20", "202.129.232.0/22", "212.104.224.0/20"], "17470": ["43.252.12.0/22", "103.247.48.0/22"], "132447": ["45.121.88.0/22", "103.21.164.0/22"], "4755": ["59.163.240.0/20", "103.84.160.0/22"], "5087": ["103.1.176.0/22", "116.12.64.0/18", "116.206.20.0/22", "203.143.0.0/18"], "18001": ["103.2.148.0/22", "111.223.128.0/18", "116.206.244.0/22", "122.255.0.0/18", "123.231.0.0/17", "125.214.160.0/19", "175.157.0.0/16", "182.161.0.0/19", "202.69.192.0/20", "203.189.64.0/20"], "38229": ["103.77.64.0/22", "192.248.0.0/17"], "136934": ["103.99.100.0/24"], "138169": ["103.121.206.0/24"], "139032": ["103.138.180.0/24", "103.142.50.0/24"], "139731": ["103.144.60.0/24"], "133051": ["103.241.27.0/24"], "9329": ["112.134.0.0/15", "124.43.0.0/16", "220.247.192.0/18", "222.165.128.0/18"], "45224": ["113.59.192.0/19", "119.235.0.0/20", "203.81.96.0/20"], "15024": ["192.197.189.0/24"], "24222": ["203.34.116.0/24"], "45489": ["203.96.160.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Sudan.json: -------------------------------------------------------------------------------- 1 | {"37197": ["41.67.0.0/18", "155.196.0.0/16", "197.251.0.0/17"], "37211": ["41.78.108.0/22", "196.223.152.0/21"], "33788": ["41.202.160.0/19", "102.143.128.0/17", "197.254.192.0/18"], "15706": ["41.209.64.0/18", "41.218.8.0/21", "41.218.16.0/20", "41.218.32.0/19", "196.1.192.0/18", "197.252.0.0/16", "212.0.128.0/19"], "36972": ["41.223.160.0/22", "102.120.0.0/13", "102.181.0.0/17", "102.181.128.0/18", "102.181.192.0/19"], "36998": ["41.223.200.0/22", "41.240.0.0/15", "105.238.0.0/15", "154.96.0.0/13", "197.208.0.0/15"], "327881": ["62.12.96.0/20"], "328614": ["102.23.80.0/22"], "328605": ["192.145.180.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Suriname.json: -------------------------------------------------------------------------------- 1 | {"52398": ["168.121.84.0/22", "200.7.148.0/22"], "263799": ["168.195.216.0/22"], "27775": ["186.179.128.0/17", "190.98.0.0/17", "200.1.156.0/22", "200.1.208.0/21", "200.2.160.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Tajikistan.json: -------------------------------------------------------------------------------- 1 | {"24722": ["37.98.152.0/21", "46.20.192.0/20", "79.170.184.0/21", "94.199.16.0/21", "109.74.64.0/20", "185.191.52.0/22", "193.111.10.0/23", "217.11.176.0/20"], "49472": ["62.122.136.0/21"], "43030": ["77.95.0.0/21", "185.194.196.0/22"], "34557": ["85.9.128.0/18"], "44027": ["91.218.168.0/22", "91.235.36.0/22"], "43197": ["109.68.232.0/21", "185.105.228.0/22"], "15881": ["141.101.136.0/24"], "47139": ["185.42.96.0/22", "195.246.102.0/23"], "196854": ["185.121.0.0/22"], "51346": ["185.177.0.0/22"], "48001": ["185.208.96.0/22"], "49945": ["193.33.130.0/23", "193.33.136.0/23"], "48887": ["217.8.32.0/20"]} -------------------------------------------------------------------------------- /cdas/data/asns/Timor-Leste.json: -------------------------------------------------------------------------------- 1 | {"133606": ["43.254.56.0/22", "103.238.116.0/22", "125.234.160.0/20"], "58731": ["103.26.95.0/24", "103.30.112.0/22", "103.55.48.0/22", "150.242.108.0/22"], "136920": ["103.99.26.0/24"], "136942": ["103.99.164.0/22"], "38077": ["103.112.36.0/22", "180.189.160.0/20"], "140223": ["103.148.184.0/23"], "135065": ["103.208.36.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Togo.json: -------------------------------------------------------------------------------- 1 | {"37229": ["41.78.136.0/22"], "24691": ["41.207.160.0/19", "196.168.0.0/14", "197.148.96.0/19"], "30982": ["80.248.64.0/20", "154.70.80.0/20"], "36924": ["102.64.128.0/17", "156.38.64.0/19"], "328282": ["102.164.224.0/20"], "328293": ["102.176.252.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Tonga.json: -------------------------------------------------------------------------------- 1 | {"38201": ["43.255.148.0/22", "202.134.24.0/21"], "132831": ["103.124.187.0/24", "103.134.118.0/23"]} -------------------------------------------------------------------------------- /cdas/data/asns/Trinidad_and_Tobago.json: -------------------------------------------------------------------------------- 1 | {"263222": ["45.185.20.0/22", "138.94.240.0/22", "143.137.192.0/22", "161.0.112.0/21", "170.0.244.0/22", "170.82.216.0/22"], "266792": ["45.234.164.0/22"], "61478": ["45.237.88.0/22", "168.195.120.0/22", "170.246.160.0/22"], "264811": ["131.72.76.0/22"], "27800": ["131.100.36.0/22", "161.0.152.0/21", "170.82.208.0/22", "170.84.8.0/22", "179.60.212.0/22", "181.118.32.0/19", "200.7.88.0/21"], "27665": ["131.100.160.0/22", "138.59.24.0/22", "143.0.172.0/22", "161.0.224.0/19", "179.0.28.0/24", "181.188.0.0/17", "190.6.224.0/20", "190.83.128.0/17", "190.213.0.0/16", "200.1.104.0/21"], "264793": ["131.221.28.0/22"], "5639": ["186.44.0.0/15", "190.58.0.0/15", "196.3.132.0/22", "196.3.136.0/21", "196.3.144.0/22", "200.108.0.0/19", "201.238.64.0/18", "209.94.192.0/19"], "27924": ["186.96.208.0/20", "200.125.160.0/21"], "27789": ["190.93.0.0/19", "190.93.64.0/18", "200.12.240.0/21", "201.221.64.0/20", "201.221.80.0/21", "201.221.92.0/22"], "11947": ["196.29.64.0/19", "196.32.32.0/19"], "26317": ["200.3.176.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Tunisia.json: -------------------------------------------------------------------------------- 1 | {"37705": ["41.62.0.0/16", "197.238.0.0/16", "197.240.0.0/16", "197.244.0.0/16"], "57129": ["92.240.201.0/24"], "37693": ["102.104.0.0/13", "154.72.224.0/20", "154.104.0.0/13"], "328414": ["102.128.0.0/18"], "328394": ["102.141.204.0/22"], "5438": ["102.152.0.0/14", "196.184.0.0/14"], "328307": ["102.164.112.0/23"], "37492": ["160.156.0.0/14", "165.50.0.0/15"], "37717": ["164.160.0.0/22"], "37709": ["169.255.68.0/22"], "2609": ["196.41.95.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Turkmenistan.json: -------------------------------------------------------------------------------- 1 | {"51495": ["95.47.57.0/24"], "20661": ["95.85.96.0/19", "217.174.224.0/20"], "204579": ["185.246.72.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Turks_and_Caicos_Islands.json: -------------------------------------------------------------------------------- 1 | {"22933": ["65.255.48.0/20", "200.50.89.0/24", "200.50.90.0/24", "204.13.104.0/22", "205.214.195.0/24", "209.236.48.0/22"], "33576": ["142.54.204.0/22", "192.203.37.0/24", "204.110.56.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Tuvalu.json: -------------------------------------------------------------------------------- 1 | {} -------------------------------------------------------------------------------- /cdas/data/asns/Uruguay.json: -------------------------------------------------------------------------------- 1 | {"22363": ["128.90.119.0/24"], "11664": ["131.0.212.0/22", "170.51.56.0/22"], "27750": ["138.59.12.0/22", "200.0.204.0/22"], "19037": ["138.99.44.0/22", "170.51.64.0/21"], "19422": ["152.156.0.0/16", "186.8.0.0/16", "200.58.128.0/19"], "61442": ["161.0.120.0/21"], "1797": ["164.73.0.0/16"], "6057": ["167.56.0.0/13", "167.108.0.0/16", "167.116.0.0/16", "179.24.0.0/13", "186.48.0.0/13", "190.0.128.0/19", "190.64.0.0/16", "190.132.0.0/14", "200.2.32.0/19", "200.40.0.0/16", "200.125.0.0/18", "201.217.128.0/18"], "28000": ["168.121.184.0/22", "179.0.156.0/22", "190.112.52.0/22", "200.10.62.0/23"], "9009": ["178.170.140.0/24"], "20255": ["190.108.0.0/19", "200.108.192.0/18"], "20473": ["190.112.202.0/24", "200.35.153.0/24"], "27843": ["200.0.86.0/23"], "52224": ["200.0.88.0/24"], "18747": ["200.61.144.0/24"], "18667": ["200.115.72.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Vanuatu.json: -------------------------------------------------------------------------------- 1 | {"132228": ["103.7.197.0/24"], "9249": ["103.16.15.0/24", "103.38.218.0/23", "103.100.10.0/24", "113.11.240.0/21", "202.80.32.0/20"], "132429": ["103.20.232.0/23", "202.61.106.0/23"], "132254": ["103.72.90.0/23"], "45935": ["180.222.208.0/22", "203.191.128.0/22", "223.25.120.0/21"], "45495": ["202.4.251.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Virgin_Islands.json: -------------------------------------------------------------------------------- 1 | {"22581": ["64.208.21.0/24", "192.65.170.0/24", "204.8.64.0/22", "204.11.152.0/21", "208.49.176.0/24", "208.49.194.0/24", "208.50.124.0/24", "208.84.192.0/21"], "11139": ["65.48.218.0/23"], "14434": ["65.112.145.0/24", "65.112.146.0/23", "65.113.88.0/21", "65.113.104.0/21", "66.185.32.0/20", "66.248.160.0/19", "104.192.184.0/21", "136.143.195.0/24", "142.147.102.0/23", "162.247.24.0/21", "172.84.192.0/18", "172.102.224.0/22", "198.36.28.0/22", "208.27.182.0/23", "208.27.184.0/22", "208.30.96.0/19"], "393275": ["67.211.240.0/20", "192.81.72.0/23", "199.76.12.0/22", "199.76.38.0/23", "199.77.132.0/22", "199.77.204.0/22", "208.50.78.0/23"], "396357": ["68.65.216.0/23"], "20243": ["146.226.0.0/16"], "3549": ["208.50.125.0/24"]} -------------------------------------------------------------------------------- /cdas/data/asns/Wallis_and_Futuna.json: -------------------------------------------------------------------------------- 1 | {"45879": ["27.125.192.0/22", "103.235.110.0/23", "117.20.32.0/21"]} -------------------------------------------------------------------------------- /cdas/data/asns/Yemen.json: -------------------------------------------------------------------------------- 1 | {"30873": ["5.100.160.0/21", "5.255.0.0/19", "31.31.176.0/20", "46.35.64.0/19", "46.161.224.0/19", "63.168.168.0/23", "63.171.18.0/23", "78.137.64.0/19", "80.253.176.0/20", "81.91.24.0/21", "82.114.160.0/19", "89.189.64.0/19", "109.74.32.0/20", "109.200.160.0/19", "131.117.160.0/21", "134.35.0.0/16", "175.110.0.0/18", "178.130.64.0/18", "185.11.8.0/22", "185.80.140.0/22", "188.209.224.0/19", "188.240.96.0/19", "205.160.110.0/23", "213.246.0.0/19"]} -------------------------------------------------------------------------------- /cdas/data/asns/Zambia.json: -------------------------------------------------------------------------------- 1 | {"37146": ["41.60.128.0/22", "41.60.132.0/24", "41.60.192.0/22", "41.60.196.0/23", "41.60.230.0/24"], "30844": ["41.60.144.0/20", "41.60.160.0/19", "41.77.144.0/21"], "37532": ["41.63.0.0/18", "155.0.0.0/16"], "37154": ["41.72.96.0/19", "165.56.0.0/13"], "37287": ["41.77.0.0/21", "45.212.0.0/14", "102.144.0.0/13", "197.212.0.0/15"], "37214": ["41.78.112.0/22", "197.220.192.0/18"], "37185": ["41.191.116.0/22", "154.73.232.0/22"], "36959": ["41.215.176.0/20", "41.222.16.0/21", "196.12.12.0/22", "197.220.0.0/19"], "28698": ["41.216.64.0/19"], "36962": ["41.223.116.0/22"], "328194": ["80.88.3.0/24"], "328570": ["102.67.160.0/22"], "328427": ["102.68.136.0/22"], "328488": ["102.69.160.0/22"], "328420": ["102.130.100.0/24"], "328328": ["102.140.120.0/21"], "327904": ["196.13.104.0/24"], "328007": ["196.41.74.0/24"], "7420": ["196.46.192.0/19"], "328665": ["196.223.29.0/24"], "37569": ["197.231.244.0/22"]} -------------------------------------------------------------------------------- /cdas/data/asns/Zimbabwe.json: -------------------------------------------------------------------------------- 1 | {"37442": ["41.57.124.0/22"], "30969": ["41.60.32.0/19", "41.60.64.0/18", "41.79.28.0/22", "41.79.132.0/22", "41.175.64.0/20", "169.239.24.0/22", "196.27.96.0/19", "196.201.1.0/24", "196.201.16.0/21", "197.211.192.0/18"], "30844": ["41.60.200.0/21", "41.175.96.0/19", "46.17.232.0/21"], "37184": ["41.78.76.0/22", "41.79.188.0/22", "154.73.80.0/22"], "327770": ["41.79.56.0/22"], "37183": ["41.85.192.0/19", "196.29.32.0/21", "196.43.96.0/19"], "37123": ["41.191.232.0/21"], "37204": ["41.220.16.0/20", "194.133.122.0/24", "197.221.224.0/19", "209.88.88.0/21"], "36986": ["41.221.144.0/20"], "328088": ["102.128.76.0/22", "196.41.88.0/24"], "328269": ["102.177.72.0/22"], "328230": ["102.177.192.0/18"], "327863": ["196.4.80.0/24"], "37344": ["196.43.199.0/24"], "328235": ["196.49.46.0/24"], "327971": ["196.216.224.0/23"]} -------------------------------------------------------------------------------- /docs/_config.yml: -------------------------------------------------------------------------------- 1 | theme: jekyll-theme-dinky -------------------------------------------------------------------------------- /docs/images/input_folder.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/cmu-sei/CDAS/7ee019eaa0d639c296df065444ac180450babe12/docs/images/input_folder.png -------------------------------------------------------------------------------- /sample_configs/randomize_actors_large_pdfjson.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": { 3 | "randomize_threat_actors": true, 4 | "random_variables": { 5 | "actor_name_1": "data/personality_traits.txt", 6 | "actor_name_2": "data/disney_names.txt", 7 | "num_agents": 25 8 | } 9 | }, 10 | "countries": { 11 | "randomize": false, 12 | "random_vars": { 13 | "num_countries": 200 14 | } 15 | }, 16 | "defenders": { 17 | "number_per_country": 1, 18 | "org_names": "data/organization_names.txt", 19 | "sectors": "ANY", 20 | "countries": "ANY", 21 | "allow_defense": false 22 | }, 23 | "simulation": { 24 | "rounds": 25, 25 | "time_range": [ 26 | "2017-08-01", 27 | "2020-08-01" 28 | ] 29 | }, 30 | "output": { 31 | "input_directory": "", 32 | "output_directory": "cdas-output", 33 | "output_type_opts": ["json", "pdf", "html", "misp"], 34 | "output_types": ["pdf","json"], 35 | "temp_directory": "cdas-temp" 36 | } 37 | } -------------------------------------------------------------------------------- /sample_configs/randomize_actors_small_pdf.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": { 3 | "randomize_threat_actors": true, 4 | "random_variables": { 5 | "actor_name_1": "data/personality_traits.txt", 6 | "actor_name_2": "data/disney_names.txt", 7 | "num_agents": 5 8 | } 9 | }, 10 | "countries": { 11 | "randomize": false, 12 | "random_vars": { 13 | "num_countries": 5 14 | } 15 | }, 16 | "defenders": { 17 | "number_per_country": 1, 18 | "org_names": "data/organization_names.txt", 19 | "sectors": "ANY", 20 | "countries": "ANY", 21 | "allow_defense": false 22 | }, 23 | "simulation": { 24 | "rounds": 25, 25 | "time_range": [ 26 | "2019-08-01", 27 | "2020-08-01" 28 | ] 29 | }, 30 | "output": { 31 | "input_directory": "", 32 | "output_directory": "cdas-output", 33 | "output_type_opts": ["json", "pdf", "html", "misp"], 34 | "output_types": ["pdf"], 35 | "temp_directory": "cdas-temp" 36 | } 37 | } -------------------------------------------------------------------------------- /sample_configs/randomize_all_large_pdfjson.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": { 3 | "randomize_threat_actors": true, 4 | "random_variables": { 5 | "actor_name_1": "data/personality_traits.txt", 6 | "actor_name_2": "data/disney_names.txt", 7 | "num_agents": 25 8 | } 9 | }, 10 | "countries": { 11 | "randomize": true, 12 | "random_vars": { 13 | "num_countries": 200 14 | } 15 | }, 16 | "defenders": { 17 | "number_per_country": 1, 18 | "org_names": "data/organization_names.txt", 19 | "sectors": "ANY", 20 | "countries": "ANY", 21 | "allow_defense": false 22 | }, 23 | "simulation": { 24 | "rounds": 100, 25 | "time_range": [ 26 | "2017-08-01", 27 | "2020-08-01" 28 | ] 29 | }, 30 | "output": { 31 | "input_directory": "", 32 | "output_directory": "cdas-output", 33 | "output_type_opts": ["json", "pdf", "html", "misp"], 34 | "output_types": ["pdf","json"], 35 | "temp_directory": "cdas-temp" 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /sample_configs/randomize_all_small_pdf.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": { 3 | "randomize_threat_actors": true, 4 | "random_variables": { 5 | "actor_name_1": "data/personality_traits.txt", 6 | "actor_name_2": "data/disney_names.txt", 7 | "num_agents": 5 8 | } 9 | }, 10 | "countries": { 11 | "randomize": true, 12 | "random_vars": { 13 | "num_countries": 5 14 | } 15 | }, 16 | "defenders": { 17 | "number_per_country": 1, 18 | "org_names": "data/organization_names.txt", 19 | "sectors": "ANY", 20 | "countries": "ANY", 21 | "allow_defense": false, 22 | "increment_budget": 4 23 | }, 24 | "simulation": { 25 | "rounds": 25, 26 | "time_range": [ 27 | "2019-08-01", 28 | "2020-08-01" 29 | ] 30 | }, 31 | "output": { 32 | "input_directory": "", 33 | "output_directory": "cdas-output", 34 | "output_type_opts": ["json", "pdf", "html", "misp"], 35 | "output_types": ["pdf"], 36 | "temp_directory": "cdas-temp" 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /sample_configs/randomize_countries_large_pdf.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": { 3 | "randomize_threat_actors": false, 4 | "random_variables": { 5 | "actor_name_1": "data/personality_traits.txt", 6 | "actor_name_2": "data/disney_names.txt", 7 | "num_agents": 5 8 | } 9 | }, 10 | "countries": { 11 | "randomize": true, 12 | "random_vars": { 13 | "num_countries": 200 14 | } 15 | }, 16 | "defenders": { 17 | "number_per_country": 1, 18 | "org_names": "data/organization_names.txt", 19 | "sectors": "ANY", 20 | "countries": "ANY", 21 | "allow_defense": false 22 | }, 23 | "simulation": { 24 | "rounds": 100, 25 | "time_range": [ 26 | "2017-08-01", 27 | "2020-08-01" 28 | ] 29 | }, 30 | "output": { 31 | "input_directory": "", 32 | "output_directory": "cdas-output", 33 | "output_type_opts": ["json", "pdf", "html", "misp"], 34 | "output_types": ["pdf"], 35 | "temp_directory": "cdas-temp" 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /sample_configs/randomize_countries_small_json.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": { 3 | "randomize_threat_actors": false, 4 | "random_variables": { 5 | "actor_name_1": "data/personality_traits.txt", 6 | "actor_name_2": "data/disney_names.txt", 7 | "num_agents": 5 8 | } 9 | }, 10 | "countries": { 11 | "randomize": true, 12 | "random_vars": { 13 | "num_countries": 5 14 | } 15 | }, 16 | "defenders": { 17 | "number_per_country": 1, 18 | "org_names": "data/organization_names.txt", 19 | "sectors": "ANY", 20 | "countries": "ANY", 21 | "allow_defense": false 22 | }, 23 | "simulation": { 24 | "rounds": 25, 25 | "time_range": [ 26 | "2019-08-01", 27 | "2020-08-01" 28 | ] 29 | }, 30 | "output": { 31 | "input_directory": "", 32 | "output_directory": "cdas-output", 33 | "output_type_opts": ["json", "pdf", "html", "misp"], 34 | "output_types": ["json"], 35 | "temp_directory": "cdas-temp" 36 | } 37 | } 38 | --------------------------------------------------------------------------------