add xSTIX

Frank Xu
2021-02-01 10:06:43 -05:00
parent 0bfc95a0e5
commit 4d9eeeebc5

@@ -705,7 +705,7 @@ Investigation Tools are software that can be used by cyber investigators to perf
| tool_types | list of type open-vocab | The values for this property SHOULD come from the investigation-tool-type-ov open vocabulary. |
| aliases | list of type string | Alternative names used to identify this investigation tool. |
| tool_version | string | The version identifier associated with the investigation tool. |
| software_ref | identifier | Specifier the software that is used as the investigation tool. |
| software_ref | identifier | Specifier the software product (if CPE or SWID is known) used as the investigation tool. |
## Investigation Tool Type Vocabulary
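Review bot: the reworded software_ref description still opens with "Specifier", which should read "Specifies", and the parenthetical "(if CPE or SWID is known)" leaves it unclear whether the property may be omitted when neither identifier exists. Suggest wording along the lines of "Specifies the software product used as the investigation tool; include it when a CPE or SWID for the product is known", and say which object type the identifier is expected to reference.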
@@ -724,6 +724,10 @@ Investigation Tool Type is an open vocabulary that describes the type of the too
| dump | Tools used to dump information from cache or memory. |
| unknown | There is not enough information available to determine the type of tool. |
### Examples
Use an open-source software to parse and decode $LogFile records
```json
{
"type": "x-investigation-tool",
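Review bot: the new "### Examples" heading lands under "## Investigation Tool Type Vocabulary", yet the example object has type x-investigation-tool, so it illustrates the Investigation Tool object rather than the vocabulary. Consider moving the example next to the Investigation Tool property table, or renaming the heading so readers can tell which definition it belongs to. The caption "Use an open-source software to parse and decode $LogFile records" would also read better as "Use an open-source tool to parse and decode $LogFile records".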