DECNET/threatfox-api.json
anti 09f598ce47 feat(profiler/behave_shell): G.2 operational.opsec_discipline
* careful — operator hits OPSEC_HISTORY_TOKENS AND tail-K commands
  include _CLEANUP_TOKEN_HASHES (re-imported from temporal.py).
* learning — history hit without cleanup-tail follow-through.
* careless — no history-clearing vocabulary at all.

Confidence 0.45 (small lexicon, soft); 0.30 below
MIN_COMMANDS_FOR_FULL_CONFIDENCE.
2026-05-08 16:29:48 -04:00


{
"query_status": "ok",
"data": {
"1": {
"ioc_type": "url",
"fk_threat_type": "payload_delivery",
"description": "URL that delivers a malware payload"
},
"2": {
"ioc_type": "domain",
"fk_threat_type": "payload_delivery",
"description": "Domain name that delivers a malware payload"
},
"3": {
"ioc_type": "ip:port",
"fk_threat_type": "payload_delivery",
"description": "ip:port combination that delivers a malware payload"
},
"4": {
"ioc_type": "url",
"fk_threat_type": "botnet_cc",
"description": "URL that is used for botnet Command&control (C&C)"
},
"5": {
"ioc_type": "domain",
"fk_threat_type": "botnet_cc",
"description": "Domain that is used for botnet Command&control (C&C)"
},
"6": {
"ioc_type": "ip:port",
"fk_threat_type": "botnet_cc",
"description": "ip:port combination that is used for botnet Command&control (C&C)"
},
"7": {
"ioc_type": "envelope_from",
"fk_threat_type": "payload_delivery",
"description": "Sender email address (envelope from) that is used for payload delivery"
},
"8": {
"ioc_type": "body_from",
"fk_threat_type": "payload_delivery",
"description": "Sender email address (body from) that is used for payload delivery"
},
"9": {
"ioc_type": "md5_hash",
"fk_threat_type": "payload",
"description": "MD5 hash of a malware sample (payload)"
},
"10": {
"ioc_type": "sha256_hash",
"fk_threat_type": "payload",
"description": "SHA256 hash of a malware sample (payload)"
},
"11": {
"ioc_type": "sha3_384_hash",
"fk_threat_type": "payload",
"description": "SHA3-384 hash of a malware sample (payload)"
},
"12": {
"ioc_type": "sha1_hash",
"fk_threat_type": "payload",
"description": "SHA1 hash of a malware sample (payload)"
},
"13": {
"ioc_type": "domain",
"fk_threat_type": "cc_skimming",
"description": "Domain used for credit card skimming (usually related to Magecart attacks)"
}
}
}