
Objects

Mike Goffin edited this page Aug 26, 2014 · 2 revisions

Objects are pieces of metadata that are extracted during Analysis of a top-level object (TLO). Examples might be:

  • IP address found when running strings on a binary.
  • Email addresses in an Email.
  • Filepath of a malicious file dropped on a host.
  • URL that a process was beaconing to in a PCAP.

The available Object Types are based on CybOX Object Types, so the list cannot be modified through the UI. If you need more Object Types available, it is best to contact the CybOX project and work with them to get your Object Type supported. If it is mission critical that you add a new Object Type immediately, you can do so by adding it to the database directly, or by modifying the create_object_types management command script in crits/core/management/commands to include your Object Type.

NOTE: Unsupported Object Types will never be exportable to CybOX, so they cannot be shared. It is still recommended to contact the CybOX project and work with them even if you've already added the Object Type to your system.

You can add Objects to TLOs through their Details page. Some services might also add Objects as part of their results but it is up to the developer whether or not they wish to do so or to provide results in another format/place.

When creating an Object, or after the fact, you can generate an Indicator from the Object directly.
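As an added example (not CRITs' own code), here is a stand-alone Python sketch of the workflow on this page: an analysis step extracts typed Objects from constructed `strings` output, and an export step holds back any Object whose type is not in the CybOX-derived list, as the NOTE describes. The type names, the sample strings and the locally added "Custom - Mutex" type are assumptions made for this example.

```python
import ipaddress
import re
from dataclasses import dataclass
# Constructed subset of CybOX-derived Object Types. The names are assumptions
# for this example, not the list shipped by CRITs' create_object_types command.
CYBOX_OBJECT_TYPES = frozenset(
    {"Address - ipv4-addr", "Email - Address", "File - Path", "URI - URL"})

@dataclass(frozen=True)
class CritsObject:
    object_type: str
    value: str
    source: str  # which analysis step produced it, e.g. "strings"
# One extraction pattern per Object Type.
PATTERNS = {
    "URI - URL": re.compile(r"https?://[^\s\"'<>]+"),
    "Email - Address": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "File - Path": re.compile(r"\b[A-Za-z]:\\(?:[^\\\s\"']+\\)*[^\\\s\"']+"),
    "Address - ipv4-addr": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
}
def extract_objects(strings_output, source="strings"):
    """Turn `strings` output from a binary into typed, deduplicated Objects."""
    objects, seen = [], set()
    for line in strings_output.splitlines():
        for obj_type, pattern in PATTERNS.items():
            for value in pattern.findall(line):
                if obj_type == "Address - ipv4-addr":
                    try:
                        ipaddress.IPv4Address(value)  # drops octets > 255
                    except ValueError:
                        continue
                if (obj_type, value) not in seen:
                    seen.add((obj_type, value))
                    objects.append(CritsObject(obj_type, value, source))
    return objects

def export_to_cybox(objects, supported=CYBOX_OBJECT_TYPES):
    """Split Objects into those shareable as CybOX and those held back."""
    exportable = [o for o in objects if o.object_type in supported]
    return exportable, [o for o in objects if o.object_type not in supported]
# Constructed sample of what `strings` might print for a dropper.
SAMPLE_STRINGS = "kernel32.dll\nhttp://198.51.100.23/update.php\n" \
    "C:\\Users\\Public\\svchost.exe\nadmin@example.net\nversion 999.1.1.1\n198.51.100.23\n"

def demo():
    objs = extract_objects(SAMPLE_STRINGS)
    # A type added straight to the database, outside CybOX (assumption).
    objs.append(CritsObject("Custom - Mutex", "Global\\DropperRunOnce", "manual"))
    return export_to_cybox(objs)
```

Regex extraction is only a first pass: version strings that happen to look like dotted quads still need analyst review before they become Indicators.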
