diff --git a/includes/lookups/_generate_lookups.py b/includes/lookups/_generate_lookups.py
index 1bf5de8..d900fac 100644
--- a/includes/lookups/_generate_lookups.py
+++ b/includes/lookups/_generate_lookups.py
@@ -10,46 +10,61 @@ # Define queries and output files queries = { - "mitre_cwe_id_v4_15.txt": """ + "mitre_cwe_id_v4_15.txt": + """ FOR doc IN mitre_cwe_vertex_collection FILTER doc._stix2arango_note == "version=4_15" AND IS_ARRAY(doc.external_references) AND doc.x_mitre_deprecated != true AND doc.revoked != true + AND doc.type == "weakness" + AND doc.name != null + AND !CONTAINS(doc.name, "DEPRECATED:") FOR reference IN doc.external_references FILTER reference.source_name == "cwe" SORT reference.external_id ASC RETURN reference.external_id - """, - "mitre_cwe_name_v4_15.txt": """ + """, + "mitre_cwe_name_v4_15.txt": + """ FOR doc IN mitre_cwe_vertex_collection FILTER doc._stix2arango_note == "version=4_15" AND IS_ARRAY(doc.external_references) AND doc.x_mitre_deprecated != true AND doc.revoked != true AND doc.type == "weakness" + AND doc.name != null + AND !CONTAINS(doc.name, "DEPRECATED:") RETURN doc.name - """, - "mitre_capec_id_v3_9.txt": """ + """, + "mitre_capec_id_v3_9.txt": + """ FOR doc IN mitre_capec_vertex_collection FILTER doc._stix2arango_note == "version=3_9" AND doc.x_mitre_deprecated != true AND doc.revoked != true + AND doc.type != "course-of-action" + AND doc.name != null + AND !CONTAINS(doc.name, "DEPRECATED:") AND IS_ARRAY(doc.external_references) FOR reference IN doc.external_references FILTER reference.source_name == "capec" SORT reference.external_id ASC RETURN reference.external_id - """, - "mitre_capec_name_v3_9.txt": """ + """, + "mitre_capec_name_v3_9.txt": + """ FOR doc IN mitre_capec_vertex_collection FILTER doc._stix2arango_note == "version=3_9" AND doc.x_mitre_deprecated != true AND doc.revoked != true AND doc.type != "course-of-action" + AND doc.name != null + AND !CONTAINS(doc.name, "DEPRECATED:") RETURN doc.name - """, - "mitre_attack_enterprise_id_v16_0.txt": """ + """, + "mitre_attack_enterprise_id_v16_0.txt": + """ FOR doc IN mitre_attack_enterprise_vertex_collection FILTER doc._stix2arango_note == "version=16_0" AND doc.type != 
"x-mitre-matrix" @@ -60,16 +75,18 @@ FILTER reference.source_name == "mitre-attack" SORT reference.external_id ASC RETURN reference.external_id - """, - "mitre_attack_enterprise_name_v16_0.txt": """ + """, + "mitre_attack_enterprise_name_v16_0.txt": + """ FOR doc IN mitre_attack_enterprise_vertex_collection FILTER doc._stix2arango_note == "version=16_0" AND doc.type != "x-mitre-matrix" AND doc.x_mitre_deprecated != true AND doc.revoked != true RETURN doc.name - """, - "mitre_attack_enterprise_aliases_v16_0.txt": """ + """, + "mitre_attack_enterprise_aliases_v16_0.txt": + """ FOR alias IN UNIQUE( FLATTEN( FOR doc IN mitre_attack_enterprise_vertex_collection @@ -77,13 +94,18 @@ AND doc.type != "x-mitre-matrix" AND doc.x_mitre_deprecated != true AND doc.revoked != true - AND IS_ARRAY(doc.x_mitre_aliases) - RETURN doc.x_mitre_aliases + LET combined_aliases = APPEND( + doc.aliases ? doc.aliases : [], + doc.x_mitre_aliases ? doc.x_mitre_aliases : [] + ) + FILTER LENGTH(combined_aliases) > 0 + RETURN combined_aliases ) ) RETURN alias - """, - "mitre_attack_ics_id_v16_0.txt": """ + """, + "mitre_attack_ics_id_v16_0.txt": + """ FOR doc IN mitre_attack_ics_vertex_collection FILTER doc._stix2arango_note == "version=16_0" AND doc.type != "x-mitre-matrix" @@ -94,8 +116,18 @@ FILTER reference.source_name == "mitre-attack" SORT reference.external_id ASC RETURN reference.external_id - """, - "mitre_attack_ics_aliases_v16_0.txt": """ + """, + "mitre_attack_ics_name_v16_0.txt": + """ + FOR doc IN mitre_attack_ics_vertex_collection + FILTER doc._stix2arango_note == "version=16_0" + AND doc.type != "x-mitre-matrix" + AND doc.x_mitre_deprecated != true + AND doc.revoked != true + RETURN doc.name + """, + "mitre_attack_ics_aliases_v16_0.txt": + """ FOR alias IN UNIQUE( FLATTEN( FOR doc IN mitre_attack_ics_vertex_collection 
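Review bot: The CAPEC queries in this hunk still select by exclusion (`doc.type != "course-of-action"`), so objects that are not attack patterns pass the filter; the regenerated `mitre_capec_name_v3_9.txt` in this same commit drops `None` but keeps `The MITRE Corporation`, which a lookup consumer would presumably treat as a pattern name. The CWE queries now use an allowlist (`doc.type == "weakness"`), and the CAPEC id and name queries would be consistent with that using `AND doc.type == "attack-pattern"`, assuming that is the STIX type the CAPEC objects carry in this collection (worth confirming). Separately, `!CONTAINS(doc.name, "DEPRECATED:")` matches the marker anywhere in a name, while every entry removed from the lookups carries it as a prefix, so `AND doc.name NOT LIKE "DEPRECATED:%"` states the intent more precisely. The `queries` dict starts above this hunk and continues past it.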
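Review bot: The new `combined_aliases` expression in the `@@ -77,13 +94,18 @@` hunk guards with truthiness (`doc.aliases ? doc.aliases : []`) where the removed line checked `IS_ARRAY(doc.x_mitre_aliases)`, so a non-array value in either field is no longer rejected before it reaches `APPEND` and `FLATTEN`. Keeping the type check, `IS_ARRAY(doc.aliases) ? doc.aliases : []` and the same for `doc.x_mitre_aliases`, preserves the old guarantee that only array members end up in the lookup file. The same expression is repeated in the ICS hunk (`@@ -103,21 +135,18 @@`) and in the new mobile aliases query (`@@ -128,16 +157,37 @@`). The result also has no `SORT`, which likely explains why the regenerated alias files show entries moving rather than only being added; `SORT alias ASC` before `RETURN alias` would keep regeneration diffs reviewable. The query body starts above this hunk.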
@@ -103,21 +135,18 @@ AND doc.type != "x-mitre-matrix" AND doc.x_mitre_deprecated != true AND doc.revoked != true - AND IS_ARRAY(doc.x_mitre_aliases) - RETURN doc.x_mitre_aliases + LET combined_aliases = APPEND( + doc.aliases ? doc.aliases : [], + doc.x_mitre_aliases ? doc.x_mitre_aliases : [] + ) + FILTER LENGTH(combined_aliases) > 0 + RETURN combined_aliases ) ) RETURN alias - """, - "mitre_attack_ics_name_v16_0.txt": """ - FOR doc IN mitre_attack_ics_vertex_collection - FILTER doc._stix2arango_note == "version=16_0" - AND doc.type != "x-mitre-matrix" - AND doc.x_mitre_deprecated != true - AND doc.revoked != true - RETURN doc.name - """, - "mitre_attack_mobile_id_v16_0.txt": """ + """, + "mitre_attack_mobile_id_v16_0.txt": + """ FOR doc IN mitre_attack_mobile_vertex_collection FILTER doc._stix2arango_note == "version=16_0" AND doc.type != "x-mitre-matrix" 
@@ -128,16 +157,37 @@ FILTER reference.source_name == "mitre-attack" SORT reference.external_id ASC RETURN reference.external_id - """, - "mitre_attack_mobile_name_v16_0.txt": """ + """, + "mitre_attack_mobile_name_v16_0.txt": + """ FOR doc IN mitre_attack_mobile_vertex_collection FILTER doc._stix2arango_note == "version=16_0" AND doc.type != "x-mitre-matrix" AND doc.x_mitre_deprecated != true AND doc.revoked != true RETURN doc.name - """, - "mitre_atlas_id_v4_5_2.txt": """ + """, + "mitre_attack_mobile_aliases_v16_0.txt": + """ + FOR alias IN UNIQUE( + FLATTEN( + FOR doc IN mitre_attack_mobile_vertex_collection + FILTER doc._stix2arango_note == "version=16_0" + AND doc.type != "x-mitre-matrix" + AND doc.x_mitre_deprecated != true + AND doc.revoked != true + LET combined_aliases = APPEND( + doc.aliases ? doc.aliases : [], + doc.x_mitre_aliases ? doc.x_mitre_aliases : [] + ) + FILTER LENGTH(combined_aliases) > 0 + RETURN combined_aliases + ) + ) + RETURN alias + """, + "mitre_atlas_id_v4_5_2.txt": + """ FOR doc IN mitre_atlas_vertex_collection FILTER doc._stix2arango_note == "version=4_5_2" AND doc.type != "x-mitre-matrix" @@ -148,16 +198,18 @@ FILTER reference.source_name == "mitre-atlas" SORT reference.external_id ASC RETURN reference.external_id - """, - "mitre_atlas_name_v4_5_2.txt": """ + """, + "mitre_atlas_name_v4_5_2.txt": + """ FOR doc IN mitre_atlas_vertex_collection FILTER doc._stix2arango_note == "version=4_5_2" AND doc.type != "x-mitre-matrix" AND doc.x_mitre_deprecated != true AND doc.revoked != true RETURN doc.name - """, - "disarm_id_v1_5.txt": """ + """, + "disarm_id_v1_5.txt": + """ FOR doc IN disarm_vertex_collection FILTER doc._stix2arango_note == "version=1_5" AND doc.type != "x-mitre-matrix" 
@@ -169,14 +221,15 @@ SORT reference.external_id ASC RETURN reference.external_id """, - "disarm_name_v1_5.txt": """ + "disarm_name_v1_5.txt": + """ FOR doc IN disarm_vertex_collection FILTER doc._stix2arango_note == "version=1_5" AND doc.type != "x-mitre-matrix" AND doc.x_mitre_deprecated != true AND doc.revoked != true RETURN doc.name - """ + """ } # Execute each query and save the results in the script's directory diff --git a/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt b/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt index f63e669..370d5d6 100644 --- a/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt +++ b/includes/lookups/mitre_attack_enterprise_aliases_v16_0.txt 
@@ -1,3 +1,558 @@ +Operation Dream Job +Operation North Star +Operation Interception +KV Botnet Activity +Frankenstein +Operation Sharpshooter +Operation Honeybee +Triton Safety Instrumented System Attack +Operation Dust Storm +2015 Ukraine Electric Power Attack +Operation Spalax +Cutting Edge +C0018 +Water Curupira Pikabot Distribution +C0021 +C0015 +Operation Ghost +HomeLand Justice +C0032 +SolarWinds Compromise +Pikabot Distribution February 2024 +FunnyDream +Operation CuckooBees +C0033 +2016 Ukraine Electric Power Attack +C0010 +APT41 DUST +Night Dragon +Versa Director Zero Day Exploitation +Operation Wocao +C0011 +C0017 +C0026 +C0027 +2022 Ukraine Electric Power Attack +CostaRicto +APT38 +NICKEL GLADSTONE +BeagleBoyz +Bluenoroff +Stardust Chollima +Sapphire Sleet +COPERNICIUM +Indrik Spider +Evil Corp +Manatee Tempest +DEV-0243 +UNC2165 +NEODYMIUM +Elderwood +Elderwood Gang +Beijing Group +Sneaky Panda +SideCopy +GALLIUM +Granite Typhoon +APT17 +Deputy Dog +APT3 +Gothic Panda +Pirpi +UPS Team +Buckeye +Threat Group-0110 +TG-0110 +Mustard Tempest +DEV-0206 +TA569 +GOLD PRELUDE +UNC1543 +GCMAN +Kimsuky +Black Banshee +Velvet Chollima +Emerald Sleet +THALLIUM +APT43 +TA427 +EXOTIC LILY +TA577 +admin@338 +Volt Typhoon +BRONZE SILHOUETTE +Vanguard Panda +DEV-0391 +UNC3236 +Voltzite +Insidious Taurus +Patchwork +Hangover Group +Dropping Elephant +Chinastrats +MONSOON +Operation Hangover +APT41 +Wicked Panda +Brass Typhoon +BARIUM +Dragonfly +TEMP.Isotope +DYMALLOY +Berserk Bear +TG-4192 +Crouching Yeti +IRON LIBERTY +Energetic Bear +Ghost Blizzard +BROMINE +Evilnum +Gorgon Group +menuPass +Cicada +POTASSIUM +Stone Panda +APT10 +Red Apollo +CVNX +HOGFISH +BRONZE RIVERSIDE +APT32 +SeaLotus +OceanLotus +APT-C-00 +Canvas Cyclone +BISMUTH +HAFNIUM +Operation Exchange Marauder +Silk Typhoon +MuddyWater +Earth Vetala +MERCURY +Static Kitten +Seedworm +TEMP.Zagros +Mango Sandstorm +TA450 +Strider +ProjectSauron +Naikon +FIN6 +Magecart Group 6 +ITG08 +Skeleton Spider +TAAL 
+Camouflage Tempest +Gamaredon Group +IRON TILDEN +Primitive Bear +ACTINIUM +Armageddon +Shuckworm +DEV-0157 +Aqua Blizzard +Moafee +Gallmaker +Leafminer +Raspite +TeamTNT +FIN7 +GOLD NIAGARA +ITG14 +Carbon Spider +ELBRUS +Sangria Tempest +Sandworm Team +ELECTRUM +Telebots +IRON VIKING +BlackEnergy (Group) +Quedagh +Voodoo Bear +IRIDIUM +Seashell Blizzard +FROZENBARENTS +APT44 +Machete +APT-C-43 +El Machete +APT18 +TG-0416 +Dynamite Panda +Threat Group-0416 +Andariel +Silent Chollima +PLUTONIUM +Onyx Sleet +CURIUM +Crimson Sandstorm +TA456 +Tortoise Shell +Yellow Liderc +Sidewinder +T-APT-04 +Rattlesnake +Mustang Panda +TA416 +RedDelta +BRONZE PRESIDENT +ZIRCONIUM +APT31 +Violet Typhoon +Rocke +Scattered Spider +Roasted 0ktapus +Octo Tempest +Storm-0875 +APT39 +ITG07 +Chafer +Remix Kitten +TA2541 +Akira +GOLD SAHARA +PUNK SPIDER +APT37 +InkySquid +ScarCruft +Reaper +Group123 +TEMP.Reaper +Ricochet Chollima +Moses Staff +DEV-0500 +Marigold Sandstorm +OilRig +COBALT GYPSY +IRN2 +APT34 +Helix Kitten +Evasive Serpens +Hazel Sandstorm +EUROPIUM +ITG13 +Windigo +Higaisa +Carbanak +Anunak +Tropic Trooper +Pirate Panda +KeyBoy +Orangeworm +Suckfly +Putter Panda +APT2 +MSUpdater +POLONIUM +Plaid Rain +TA459 +Aquatic Panda +Aoqin Dragon +Ferocious Kitten +The White Company +Ke3chang +APT15 +Mirage +Vixen Panda +GREF +Playful Dragon +RoyalAPT +NICKEL +Nylon Typhoon +Saint Bear +Storm-0587 +TA471 +UAC-0056 +Lorec53 +APT1 +Comment Crew +Comment Group +Comment Panda +DarkHydrus +Confucius +Confucius APT +BlackTech +Palmerworm +Leviathan +MUDCARP +Kryptonite Panda +Gadolinium +BRONZE MOHAWK +TEMP.Jumper +APT40 +TEMP.Periscope +Gingham Typhoon +MoustachedBouncer +Group5 +Blue Mockingbird +Winter Vivern +TA473 +UAC-0114 +SilverTerrier +Turla +IRON HUNTER +Group 88 +Waterbug +WhiteBear +Snake +Krypton +Venomous Bear +Secret Blizzard +BELUGASTURGEON +Poseidon Group +TA505 +Hive0065 +Spandex Tempest +CHIMBORAZO +BITTER +T-APT-17 +DarkVishnya +RedCurl +APT-C-23 +Mantis +Arid Viper 
+Desert Falcon +TAG-63 +Grey Karkadann +Big Bang APT +Two-tailed Scorpion +FIN5 +Mofang +Lotus Blossom +DRAGONFISH +Spring Dragon +RADIUM +Raspberry Typhoon +Stealth Falcon +APT29 +IRON RITUAL +IRON HEMLOCK +NobleBaron +Dark Halo +NOBELIUM +UNC2452 +YTTRIUM +The Dukes +Cozy Bear +CozyDuke +SolarStorm +Blue Kitsune +UNC3524 +Midnight Blizzard +Dark Caracal +Cinnamon Tempest +DEV-0401 +Emperor Dragonfly +BRONZE STARLIGHT +Chimera +Cleaver +Threat Group 2889 +TG-2889 +Silent Librarian +TA407 +COBALT DICKENS +BRONZE BUTLER +REDBALDKNIGHT +Tick +TA551 +GOLD CABIN +Shathak +TEMP.Veles +XENOTIME +Equation +BackdoorDiplomacy +Star Blizzard +SEABORGIUM +Callisto Group +TA446 +COLDRIVER +Darkhotel +DUBNIUM +Zigzag Hail +Axiom +Group 72 +TA578 +Deep Panda +Shell Crew +WebMasters +KungFu Kittens +PinkPanther +Black Vine +Ember Bear +UNC2589 +Bleeding Bear +DEV-0586 +Cadet Blizzard +Frozenvista +LazyScripter +Windshift +Bahamut +Volatile Cedar +Lebanese Cedar +ToddyCat +Whitefly +LuminousMoth +Agrius +Pink Sandstorm +AMERICIUM +Agonizing Serpens +BlackShadow +APT28 +IRON TWILIGHT +SNAKEMACKEREL +Swallowtail +Group 74 +Sednit +Sofacy +Pawn Storm +Fancy Bear +STRONTIUM +Tsar Team +Threat Group-4127 +TG-4127 +Forest Blizzard +FROZENLAKE +Malteiro +Metador +APT5 +Mulberry Typhoon +MANGANESE +BRONZE FLEETWOOD +Keyhole Panda +UNC2630 +Fox Kitten +UNC757 +Parisite +Pioneer Kitten +RUBIDIUM +Lemon Sandstorm +RTM +APT12 +IXESHE +DynCalc +Numbered Panda +DNSCALC +APT-C-36 +Blind Eagle +Scarlet Mimic +Winnti Group +Blackfly +Tonto Team +Earth Akhlut +BRONZE HUNTLEY +CactusPete +Karma Panda +GOLD SOUTHFIELD +Pinchy Spider +Lazarus Group +Labyrinth Chollima +HIDDEN COBRA +Guardians of Peace +ZINC +NICKEL ACADEMY +Diamond Sleet +INC Ransom +GOLD IONIC +Earth Lusca +TAG-22 +Charcoal Typhoon +CHROMIUM +ControlX +FIN4 +Silence +Whisper Spider +Sowbug +Threat Group-1314 +TG-1314 +Thrip +APT16 +LAPSUS$ +DEV-0537 +Strawberry Tempest +BlackOasis +Cobalt Group +GOLD KINGSWOOD +Cobalt Gang +Cobalt 
Spider +CopyKittens +Wizard Spider +UNC1878 +TEMP.MixMaster +Grim Spider +FIN12 +GOLD BLACKBURN +ITG23 +Periwinkle Tempest +DEV-0193 +Molerats +Operation Molerats +Gaza Cybergang +Transparent Tribe +COPPER FIELDSTONE +APT36 +Mythic Leopard +ProjectM +IndigoZebra +Moonstone Sleet +Storm-1789 +Inception +Inception Framework +Cloud Atlas +Play +PROMETHIUM +StrongPity +APT30 +HEXANE +Lyceum +Siamesekitten +Spirlin +DragonOK +Daggerfly +Evasive Panda +BRONZE HIGHLAND +Rancor +WIRTE +PLATINUM +Magic Hound +TA453 +COBALT ILLUSION +Charming Kitten +ITG18 +Phosphorus +Newscaster +APT35 +Mint Sandstorm +Ajax Security Team +Operation Woolen-Goldfish +AjaxTM +Rocket Kitten +Flying Kitten +Operation Saffron Rose +Threat Group-3390 +Earth Smilodon +TG-3390 +Emissary Panda +BRONZE UNION +APT27 +Iron Tiger +LuckyMouse +APT33 +HOLMIUM +Elfin +Peach Sandstorm +FIN10 +FIN8 +Syssphinx +FIN13 +Elephant Beetle +APT19 +Codoso +C0d0so0 +Codoso Team +Sunshop Group +PittyTiger +Nomadic Octopus +DustSquad HDoor Custom HDoor TrickBot @@ -86,7 +641,6 @@ Prestige Bankshot Trojan Manuscript SharpDisco -StrongPity HAPPYWORK xCaon PLAINTEE @@ -101,7 +655,6 @@ Enfal Kasidet OceanSalt Playcrypt -Play Brave Prince RainyDay Ecipekac @@ -146,7 +699,6 @@ TEARDROP DUSTTRAP Turian BADHATCH -Machete Pyark PowerLess Action RAT @@ -264,7 +816,6 @@ BADFLICK ObliqueRAT SHOTPUT Backdoor.APT.CookieCutter -Pirpi Avaddon Conficker Kido @@ -290,7 +841,6 @@ HELLOKITTY CostaBricks Cheerscrypt LIGHTWIRE -KeyBoy POSHSPY MiniDuke HyperBro @@ -301,7 +851,6 @@ Pterodo DarkTortilla ROKRAT CORESHELL -Sofacy SOURFACE RunningRAT VPNFilter @@ -338,7 +887,6 @@ Duqu Truvasys Remsec Backdoor.Remsec -ProjectSauron Industroyer2 Sykipot Explosive @@ -356,7 +904,6 @@ KEYPLUG.LINUX Cuba DEATHRANSOM Clambling -Akira DarkGate Mongall NanHaiShu @@ -366,8 +913,6 @@ MacRansom.K EvilQuest FoggyWeb NGLite -Carbanak -Anunak XTunnel Trojan.Shunnael X-Tunnel 
@@ -398,7 +943,6 @@ WanaCrypt WanaCrypt0r WCry Gazer -WhiteBear TSCookie Latrodectus IceNova @@ -426,7 +970,6 @@ pngdowner Royal BendyBear Uroburos -Snake Metamorfo Casbaneiro Spica @@ -454,7 +997,6 @@ JHUHUGIT Trojan.Sofacy Seduploader JKEYSKW -Sednit GAMEFISH SofacyCarberp SPACESHIP @@ -490,7 +1032,6 @@ NightClub Crutch SDBbot Mosquito -RTM Redaman QUIETCANARY Tunnus @@ -628,7 +1169,6 @@ Revenge RAT MacMa OSX.CDDS DazzleSpy -FunnyDream ROADSWEEP SUNSPOT More_eggs @@ -754,7 +1294,6 @@ Socksbot Pcexter HIDEDRV CozyCar -CozyDuke CozyBear Cozer EuroAPT @@ -959,4 +1498,5 @@ Tor AdFind Wevtutil PsExec -Twitoor \ No newline at end of file +Twitoor +Bouncing Golf \ No newline at end of file diff --git a/includes/lookups/mitre_attack_ics_aliases_v16_0.txt b/includes/lookups/mitre_attack_ics_aliases_v16_0.txt index 614a581..008855c 100644 --- a/includes/lookups/mitre_attack_ics_aliases_v16_0.txt +++ b/includes/lookups/mitre_attack_ics_aliases_v16_0.txt 
@@ -1,3 +1,90 @@ +Triton Safety Instrumented System Attack +2015 Ukraine Electric Power Attack +Maroochy Water Breach +Unitronics Defacement Campaign +2016 Ukraine Electric Power Attack +2022 Ukraine Electric Power Attack +APT38 +NICKEL GLADSTONE +BeagleBoyz +Bluenoroff +Stardust Chollima +Sapphire Sleet +COPERNICIUM +ALLANITE +Palmetto Fusion +Dragonfly +TEMP.Isotope +DYMALLOY +Berserk Bear +TG-4192 +Crouching Yeti +IRON LIBERTY +Energetic Bear +Ghost Blizzard +BROMINE +FIN6 +Magecart Group 6 +ITG08 +Skeleton Spider +TAAL +Camouflage Tempest +FIN7 +GOLD NIAGARA +ITG14 +Carbon Spider +ELBRUS +Sangria Tempest +Sandworm Team +ELECTRUM +Telebots +IRON VIKING +BlackEnergy (Group) +Quedagh +Voodoo Bear +IRIDIUM +Seashell Blizzard +FROZENBARENTS +APT44 +OilRig +COBALT GYPSY +IRN2 +APT34 +Helix Kitten +Evasive Serpens +Hazel Sandstorm +EUROPIUM +ITG13 +TEMP.Veles +XENOTIME +CyberAv3ngers +Soldiers of Soloman +GOLD SOUTHFIELD +Pinchy Spider +Lazarus Group +Labyrinth Chollima +HIDDEN COBRA +Guardians of Peace +ZINC +NICKEL ACADEMY +Diamond Sleet +Wizard Spider +UNC1878 +TEMP.MixMaster +Grim Spider +FIN12 +GOLD BLACKBURN +ITG23 +Periwinkle Tempest +DEV-0193 +HEXANE +Lyceum +Siamesekitten +Spirlin +APT33 +HOLMIUM +Elfin +Peach Sandstorm EKANS SNAKEHOSE Backdoor.Oldrea @@ -49,4 +136,6 @@ CRASHOVERRIDE Win32/Industroyer Flame Flamer -sKyWIper \ No newline at end of file +sKyWIper +Leafminer +Raspite \ No newline at end of file diff --git a/includes/lookups/mitre_attack_mobile_aliases_v16_0.txt b/includes/lookups/mitre_attack_mobile_aliases_v16_0.txt new file mode 100644 index 0000000..985ab90 --- /dev/null +++ b/includes/lookups/mitre_attack_mobile_aliases_v16_0.txt 
@@ -0,0 +1,159 @@ +Operation Dust Storm +C0033 +Bouncing Golf +UNC788 +Sandworm Team +ELECTRUM +Telebots +IRON VIKING +BlackEnergy (Group) +Quedagh +Voodoo Bear +IRIDIUM +Seashell Blizzard +FROZENBARENTS +APT44 +Scattered Spider +Roasted 0ktapus +Octo Tempest +Storm-0875 +Confucius +Confucius APT +MoustachedBouncer +BITTER +T-APT-17 +APT-C-23 +Mantis +Arid Viper +Desert Falcon +TAG-63 +Grey Karkadann +Big Bang APT +Two-tailed Scorpion +Dark Caracal +Windshift +Bahamut +APT28 +IRON TWILIGHT +SNAKEMACKEREL +Swallowtail +Group 74 +Sednit +Sofacy +Pawn Storm +Fancy Bear +STRONTIUM +Tsar Team +Threat Group-4127 +TG-4127 +Forest Blizzard +FROZENLAKE +Earth Lusca +TAG-22 +Charcoal Typhoon +CHROMIUM +ControlX +PROMETHIUM +StrongPity +CarbonSteal +Cerberus +DroidJack +Rotexy +Stealth Mango +GoldenEagle +FlixOnline +Bread +Joker +Hornbill +Gooligan +Ghost Push +SpyNote RAT +TrickMo +INSOMNIA +Dvmap +Zen +AhRat +XLoader for Android +XLoader for iOS +AbstractEmu +Chameleon +Exodus +Exodus One +Exodus Two +Dendroid +Desert Scorpion +Pegasus for iOS +Tangelo +RCSAndroid +Corona Updates +Wabi Music +Concipit1248 +Skygofree +DoubleAgent +Twitoor +Fakecalls +S.O.V.A. +ANDROIDOS_ANSERVER.A +Mandrake +oxide +briar +ricinus +darkmatter +HilalRAT +DEFENSOR ID +BRATA +Ginp +eSurv +TangleBot +Monokle +Red Alert 2.0 +ViceLeaker +Triout +FlyTrap +FakeSpy +SpyDealer +Pegasus for Android +Chrysaor +FrozenCell +AndroidOS/MalLocker.B +SharkBot +RedDrop +CHEMISTGAMES +YiSpecter +BOULDSPY +Anubis +AndroRAT +FinFisher +FinSpy +Agent Smith +Asacub +Trojan-SMS.AndroidOS.Smaps +GPlayed +EventBot +HenBox +Riltok +GolfSpy +Pallas +Circles +Tiktok Pro +HummingBad +Exobot +Android/Chuli.A +Charger +Drinik +SilkBean +WolfRAT +BusyGasper +TERRACOTTA +Escobar +Triada +Golden Cup +FluBot +ViperRAT +SimBad +Android/AdDisplay.Ashas +Phenakite +TianySpy +Sunbird +Gustuff +FlexiSpy \ No newline at end of file 
diff --git a/includes/lookups/mitre_capec_id_v3_9.txt b/includes/lookups/mitre_capec_id_v3_9.txt index 3532dbc..7fd4f06 100644 --- a/includes/lookups/mitre_capec_id_v3_9.txt +++ b/includes/lookups/mitre_capec_id_v3_9.txt @@ -6,7 +6,6 @@ CAPEC-102 CAPEC-103 CAPEC-104 CAPEC-105 -CAPEC-106 CAPEC-107 CAPEC-108 CAPEC-109 @@ -74,7 +73,6 @@ CAPEC-168 CAPEC-169 CAPEC-17 CAPEC-170 -CAPEC-171 CAPEC-173 CAPEC-174 CAPEC-175 @@ -111,16 +109,12 @@ CAPEC-201 CAPEC-202 CAPEC-203 CAPEC-204 -CAPEC-205 CAPEC-206 CAPEC-207 CAPEC-208 CAPEC-209 CAPEC-21 -CAPEC-211 CAPEC-212 -CAPEC-213 -CAPEC-214 CAPEC-215 CAPEC-216 CAPEC-217 @@ -140,42 +134,26 @@ CAPEC-230 CAPEC-231 CAPEC-233 CAPEC-234 -CAPEC-235 -CAPEC-236 CAPEC-237 -CAPEC-238 -CAPEC-239 CAPEC-24 CAPEC-240 -CAPEC-241 CAPEC-242 CAPEC-243 CAPEC-244 CAPEC-245 -CAPEC-246 CAPEC-247 CAPEC-248 -CAPEC-249 CAPEC-25 CAPEC-250 CAPEC-251 CAPEC-252 CAPEC-253 -CAPEC-254 CAPEC-256 -CAPEC-257 -CAPEC-258 -CAPEC-259 CAPEC-26 -CAPEC-260 CAPEC-261 CAPEC-263 -CAPEC-264 -CAPEC-265 -CAPEC-266 CAPEC-267 CAPEC-268 -CAPEC-269 CAPEC-27 CAPEC-270 CAPEC-271 @@ -188,11 +166,8 @@ CAPEC-277 CAPEC-278 CAPEC-279 CAPEC-28 -CAPEC-280 CAPEC-285 CAPEC-287 -CAPEC-288 -CAPEC-289 CAPEC-29 CAPEC-290 CAPEC-291 @@ -218,12 +193,8 @@ CAPEC-308 CAPEC-309 CAPEC-31 CAPEC-310 -CAPEC-311 CAPEC-312 CAPEC-313 -CAPEC-314 -CAPEC-315 -CAPEC-316 CAPEC-317 CAPEC-318 CAPEC-319 @@ -261,7 +232,6 @@ CAPEC-392 CAPEC-393 CAPEC-394 CAPEC-395 -CAPEC-396 CAPEC-397 CAPEC-398 CAPEC-399 @@ -270,15 +240,10 @@ CAPEC-40 CAPEC-400 CAPEC-401 CAPEC-402 -CAPEC-404 -CAPEC-405 CAPEC-406 CAPEC-407 -CAPEC-408 -CAPEC-409 CAPEC-41 CAPEC-410 -CAPEC-411 CAPEC-412 CAPEC-413 CAPEC-414 @@ -286,7 +251,6 @@ CAPEC-415 CAPEC-416 CAPEC-417 CAPEC-418 -CAPEC-419 CAPEC-42 CAPEC-420 CAPEC-421 @@ -299,9 +263,6 @@ CAPEC-427 CAPEC-428 CAPEC-429 CAPEC-43 -CAPEC-430 -CAPEC-431 -CAPEC-432 CAPEC-433 CAPEC-434 CAPEC-435 
@@ -317,14 +278,8 @@ CAPEC-445 CAPEC-446 CAPEC-447 CAPEC-448 -CAPEC-449 CAPEC-45 -CAPEC-450 -CAPEC-451 CAPEC-452 -CAPEC-453 -CAPEC-454 -CAPEC-455 CAPEC-456 CAPEC-457 CAPEC-458 @@ -355,7 +310,6 @@ CAPEC-48 CAPEC-480 CAPEC-481 CAPEC-482 -CAPEC-484 CAPEC-485 CAPEC-486 CAPEC-487 @@ -428,22 +382,17 @@ CAPEC-552 CAPEC-554 CAPEC-555 CAPEC-556 -CAPEC-557 CAPEC-558 CAPEC-559 -CAPEC-56 CAPEC-560 CAPEC-561 CAPEC-562 CAPEC-563 CAPEC-564 CAPEC-565 -CAPEC-566 -CAPEC-567 CAPEC-568 CAPEC-569 CAPEC-57 -CAPEC-570 CAPEC-571 CAPEC-572 CAPEC-573 @@ -479,7 +428,6 @@ CAPEC-6 CAPEC-60 CAPEC-600 CAPEC-601 -CAPEC-602 CAPEC-603 CAPEC-604 CAPEC-605 @@ -508,7 +456,6 @@ CAPEC-625 CAPEC-626 CAPEC-627 CAPEC-628 -CAPEC-629 CAPEC-63 CAPEC-630 CAPEC-631 @@ -594,7 +541,6 @@ CAPEC-79 CAPEC-8 CAPEC-80 CAPEC-81 -CAPEC-82 CAPEC-83 CAPEC-84 CAPEC-85 @@ -604,12 +550,10 @@ CAPEC-88 CAPEC-89 CAPEC-9 CAPEC-90 -CAPEC-91 CAPEC-92 CAPEC-93 CAPEC-94 CAPEC-95 CAPEC-96 CAPEC-97 -CAPEC-98 -CAPEC-99 \ No newline at end of file +CAPEC-98 \ No newline at end of file diff --git a/includes/lookups/mitre_capec_name_v3_9.txt b/includes/lookups/mitre_capec_name_v3_9.txt index f2a4f50..86791b9 100644 --- a/includes/lookups/mitre_capec_name_v3_9.txt +++ b/includes/lookups/mitre_capec_name_v3_9.txt @@ -1,4 +1,3 @@ -None The MITRE Corporation Accessing Functionality Not Properly Constrained by ACLs Buffer Overflow via Environment Variables @@ -8,7 +7,6 @@ Session Sidejacking Clickjacking Cross Zone Scripting HTTP Request Splitting -DEPRECATED: XSS through Log Files Cross Site Tracing Command Line Execution through SQL Injection Object Relational Mapping Injection @@ -76,7 +74,6 @@ Windows ::DATA Alternate Data Stream Footprinting Using Malicious Files Web Application Fingerprinting -DEPRECATED: Variable Manipulation Action Spoofing Flash Parameter Injection Code Inclusion 
@@ -113,16 +110,12 @@ Serialized Data External Linking Create Malicious Client Manipulate Registry Information Lifting Sensitive Data Embedded in Cache -DEPRECATED: Lifting credential(s)/key material embedded in client distributions (thick or thin) Signing Malicious Code Removing Important Client Functionality Removing/short-circuiting 'Purse' logic: removing/mutating 'cash' decrements XSS Using MIME Type Mismatch Exploitation of Trusted Identifiers -DEPRECATED: Leveraging web tools (e.g. Mozilla's GreaseMonkey, Firebug) to change application behavior Functionality Misuse -DEPRECATED: Directory Traversal -DEPRECATED: Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping Fuzzing for application mapping Communication Channel Manipulation Exploiting Incorrectly Configured SSL/TLS 
@@ -142,42 +135,26 @@ Serialized Data with Nested Payloads Oversized Serialized Data Payloads Privilege Escalation Hijacking a privileged process -DEPRECATED: Implementing a callback to system routine (old AWT Queue) -DEPRECATED: Catching exception throw/signal from privileged block Escaping a Sandbox by Calling Code in Another Language -DEPRECATED: Using URL/codebase / G.A.C. (code source) to convince sandbox of privilege -DEPRECATED: Subversion of Authorization Checks: Cache Filtering, Programmatic Security, etc. Filter Failure through Buffer Overflow Resource Injection -DEPRECATED: Code Injection Code Injection XSS Targeting HTML Attributes XSS Targeting URI Placeholders XSS Using Doubled Characters -DEPRECATED: XSS Using Flash XSS Using Invalid Characters Command Injection -DEPRECATED: Linux Terminal Injection Forced Deadlock XML Injection Local Code Inclusion PHP Local File Inclusion Remote Code Inclusion -DEPRECATED: DTD Injection in a SOAP Message SOAP Array Overflow -DEPRECATED: Abuse of Transaction Data Structure -DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Dynamic Update -DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Patching Leveraging Race Conditions -DEPRECATED: Passively Sniffing and Capturing Application Code Bound for an Authorized Client During Initial Distribution Fuzzing for garnering other adjacent user/sensitive data Force Use of Corrupted Files -DEPRECATED: Environment Variable Manipulation -DEPRECATED: Global variable manipulation -DEPRECATED: Manipulate Canonicalization Leverage Alternate Encoding Audit Log Manipulation -DEPRECATED: Registry Manipulation Leveraging Race Conditions via Symbolic Links Modification of Registry Run Keys Schema Poisoning 
@@ -190,11 +167,8 @@ Data Interchange Protocol Manipulation Web Services Protocol Manipulation SOAP Manipulation Fuzzing -DEPRECATED: SOAP Parameter Tampering ICMP Echo Request Ping TCP SYN Scan -DEPRECATED: ICMP Echo Request Ping -DEPRECATED: Infrastructure-based footprinting Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions Enumerate Mail Exchange (MX) Records DNS Zone Transfers @@ -220,12 +194,8 @@ UDP Scan Network Topology Mapping Accessing/Intercepting/Modifying HTTP Cookies Scanning for Vulnerable Software -DEPRECATED: OS Fingerprinting Active OS Fingerprinting Passive OS Fingerprinting -DEPRECATED: IP Fingerprinting Probes -DEPRECATED: TCP/IP Fingerprinting Probes -DEPRECATED: ICMP Fingerprinting Probes IP ID Sequencing Probe IP 'ID' Echoed Byte-Order Probe IP (DF) 'Don't Fragment Bit' Echoing Probe @@ -263,7 +233,6 @@ Lock Bumping Lock Picking Using a Snap Gun Lock to Force a Lock Bypassing Electronic Locks and Access Controls -DEPRECATED: Bypassing Card or Badge-Based Systems Cloning Magnetic Strip Cards Magnetic Strip Card Brute Force Attacks Cloning RFID Cards or Chips @@ -272,15 +241,10 @@ Manipulating Writeable Terminal Devices RFID Chip Deactivation or Destruction Physically Hacking Hardware Bypassing ATA Password Security -DEPRECATED: Social Information Gathering Attacks -DEPRECATED: Social Information Gathering via Research Dumpster Diving Pretexting -DEPRECATED: Information Gathering from Traditional Sources -DEPRECATED: Information Gathering from Non-Traditional Sources Using Meta-characters in E-mail Headers to Inject Malicious Payloads Information Elicitation -DEPRECATED: Pretexting Pretexting via Customer Service Pretexting via Tech Support Pretexting via Delivery Person 
@@ -288,7 +252,6 @@ Pretexting via Phone Manipulate Human Behavior Influence Perception Influence Perception of Reciprocation -DEPRECATED: Target Influence via Perception of Concession MIME Conversion Influence Perception of Scarcity Influence Perception of Authority @@ -301,9 +264,6 @@ Influence via Psychological Principles Influence via Modes of Thinking Target Influence via Eye Cues Exploiting Multiple Input Interpretation Layers -DEPRECATED: Target Influence via Micro-Expressions -DEPRECATED: Target Influence via Neuro-Linguistic Programming (NLP) -DEPRECATED: Target Influence via Voice in NLP Target Influence via The Human Buffer Overflow Target Influence via Interview and Interrogation Target Influence via Instant Rapport @@ -319,14 +279,8 @@ Malicious Logic Insertion into Product Software via Configuration Management Man Malicious Logic Insertion into Product via Inclusion of Third-Party Component Design Alteration Embed Virus into DLL -DEPRECATED: Malware Propagation via USB Stick Buffer Overflow via Symbolic Links -DEPRECATED: Malware Propagation via USB U3 Autorun -DEPRECATED: Malware Propagation via Infected Peripheral Device Infected Hardware -DEPRECATED: Malicious Logic Insertion via Counterfeit Hardware -DEPRECATED: Modification of Existing Components with Counterfeit Hardware -DEPRECATED: Malicious Logic Insertion via Inclusion of Counterfeit Hardware Components Infected Memory USB Memory Attacks Flash Memory Attacks @@ -357,7 +311,6 @@ Passing Local Filenames to Functions That Expect a URL Escaping Virtualization Contradictory Destinations in Traffic Routing Schemes TCP Flood -DEPRECATED: XML Client-Side Attack Signature Spoofing by Key Recreation UDP Flood ICMP Flood 
@@ -430,22 +383,17 @@ Install Rootkit Functionality Bypass Remote Services with Stolen Credentials Replace File Extension Handlers -DEPRECATED: Schedule Software To Run Replace Trusted Executable Orbital Jamming -DEPRECATED: Removing/short-circuiting 'guard logic' Use of Known Domain Credentials Windows Admin Shares with Stolen Credentials Modify Shared File Add Malicious File to Shared Webroot Run Software at Logon Password Spraying -DEPRECATED: Dump Password Hashes -DEPRECATED: Obtain Data via Utilities Capture Credentials via Keylogger Collect Data as Provided by Users Utilizing REST's Trust in the System Resource to Obtain Sensitive Data -DEPRECATED: Signature-Based Avoidance Block Logging to Central Repository Artificially Inflate File Sizes Process Footprinting @@ -481,7 +429,6 @@ Argument Injection Reusing Session IDs (aka Session Replay) Credential Stuffing Jamming -DEPRECATED: Degradation Blockage Wi-Fi Jamming Cellular Jamming @@ -510,7 +457,6 @@ Mobile Device Fault Injection Smudge Attack Counterfeit GPS Signals Carry-Off GPS Attack -DEPRECATED: Unauthorized Use of Device Resources Cross-Site Scripting (XSS) TypoSquatting SoundSquatting @@ -596,7 +542,6 @@ Using Slashes in Alternate Encoding Buffer Overflow in an API Call Using UTF-8 Encoding to Bypass Validation Logic Web Server Logs Tampering -DEPRECATED: Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Service (XDoS)) XPath Injection XQuery Injection AJAX Footprinting @@ -606,12 +551,10 @@ OS Command Injection Pharming Buffer Overflow in Local Command-Line Utilities Reflection Attack in Authentication Protocol -DEPRECATED: XSS in IMG Tags Forced Integer Overflow Log Injection-Tampering-Forging Adversary in the Middle (AiTM) WSDL Scanning Block Access to Libraries Cryptanalysis -Phishing -DEPRECATED: XML Parser Attack \ No newline at end of file +Phishing \ No newline at end of file 
diff --git a/includes/lookups/mitre_cwe_id_v4_15.txt b/includes/lookups/mitre_cwe_id_v4_15.txt index 7a66967..82c7811 100644 --- a/includes/lookups/mitre_cwe_id_v4_15.txt +++ b/includes/lookups/mitre_cwe_id_v4_15.txt @@ -117,7 +117,6 @@ CWE-1174 CWE-1176 CWE-1177 CWE-118 -CWE-1187 CWE-1188 CWE-1189 CWE-119 @@ -230,12 +229,10 @@ CWE-1316 CWE-1317 CWE-1318 CWE-1319 -CWE-132 CWE-1320 CWE-1321 CWE-1322 CWE-1323 -CWE-1324 CWE-1325 CWE-1326 CWE-1327 @@ -348,9 +345,6 @@ CWE-212 CWE-213 CWE-214 CWE-215 -CWE-216 -CWE-217 -CWE-218 CWE-219 CWE-22 CWE-220 @@ -358,7 +352,6 @@ CWE-221 CWE-222 CWE-223 CWE-224 -CWE-225 CWE-226 CWE-228 CWE-229 @@ -381,9 +374,7 @@ CWE-243 CWE-244 CWE-245 CWE-246 -CWE-247 CWE-248 -CWE-249 CWE-25 CWE-250 CWE-252 @@ -425,7 +416,6 @@ CWE-289 CWE-29 CWE-290 CWE-291 -CWE-292 CWE-293 CWE-294 CWE-295 @@ -501,7 +491,6 @@ CWE-360 CWE-362 CWE-363 CWE-364 -CWE-365 CWE-366 CWE-367 CWE-368 @@ -509,7 +498,6 @@ CWE-369 CWE-37 CWE-370 CWE-372 -CWE-373 CWE-374 CWE-375 CWE-377 @@ -553,7 +541,6 @@ CWE-42 CWE-420 CWE-421 CWE-422 -CWE-423 CWE-424 CWE-425 CWE-426 @@ -572,7 +559,6 @@ CWE-439 CWE-44 CWE-440 CWE-441 -CWE-443 CWE-444 CWE-446 CWE-447 @@ -586,7 +572,6 @@ CWE-454 CWE-455 CWE-456 CWE-457 -CWE-458 CWE-459 CWE-46 CWE-460 @@ -643,7 +628,6 @@ CWE-511 CWE-512 CWE-514 CWE-515 -CWE-516 CWE-52 CWE-520 CWE-521 @@ -659,8 +643,6 @@ CWE-53 CWE-530 CWE-531 CWE-532 -CWE-533 -CWE-534 CWE-535 CWE-536 CWE-537 @@ -669,10 +651,8 @@ CWE-539 CWE-54 CWE-540 CWE-541 -CWE-542 CWE-543 CWE-544 -CWE-545 CWE-546 CWE-547 CWE-548 @@ -721,11 +701,9 @@ CWE-589 CWE-59 CWE-590 CWE-591 -CWE-592 CWE-593 CWE-594 CWE-595 -CWE-596 CWE-597 CWE-598 CWE-599 @@ -828,7 +806,6 @@ CWE-705 CWE-706 CWE-707 CWE-708 -CWE-71 CWE-710 CWE-72 CWE-73 @@ -853,7 +830,6 @@ CWE-765 CWE-766 CWE-767 CWE-768 -CWE-769 CWE-77 CWE-770 CWE-771 @@ -941,7 +917,6 @@ CWE-915 CWE-916 CWE-917 CWE-918 -CWE-92 CWE-920 CWE-921 CWE-922 
diff --git a/includes/lookups/mitre_cwe_name_v4_15.txt b/includes/lookups/mitre_cwe_name_v4_15.txt index 16b1b4f..e68f9d0 100644 --- a/includes/lookups/mitre_cwe_name_v4_15.txt +++ b/includes/lookups/mitre_cwe_name_v4_15.txt @@ -117,7 +117,6 @@ ASP.NET Misconfiguration: Improper Model Validation Inefficient CPU Computation Use of Prohibited Code Incorrect Access of Indexable Resource ('Range Error') -DEPRECATED: Use of Uninitialized Resource Initialization of a Resource with an Insecure Default Improper Isolation of Shared Resources on System-on-a-Chip (SoC) Improper Restriction of Operations within the Bounds of a Memory Buffer @@ -230,12 +229,10 @@ Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and U Improper Access Control in Fabric Bridge Missing Support for Security Features in On-chip Fabrics or Buses Improper Protection against Electromagnetic Fault Injection (EM-FI) -DEPRECATED: Miscalculated Null Termination Improper Protection for Outbound Error Messages and Alert Signals Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Use of Blocking Code in Single-threaded, Non-blocking Context Improper Management of Sensitive Trace Data -DEPRECATED: Sensitive Information Accessible by Physical Probing of JTAG Interface Improperly Controlled Sequential Memory Allocation Missing Immutable Root of Trust in Hardware Binding to an Unrestricted IP Address 
@@ -348,9 +345,6 @@ Improper Removal of Sensitive Information Before Storage or Transfer Exposure of Sensitive Information Due to Incompatible Policies Invocation of Process Using Visible Sensitive Information Insertion of Sensitive Information Into Debugging Code -DEPRECATED: Containment Errors (Container Errors) -DEPRECATED: Failure to Protect Stored Data from Modification -DEPRECATED: Failure to provide confidentiality for stored data Storage of File with Sensitive Data Under Web Root Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Storage of File With Sensitive Data Under FTP Root @@ -358,7 +352,6 @@ Information Loss or Omission Truncation of Security-relevant Information Omission of Security-relevant Information Obscured Security-relevant Information by Alternate Name -DEPRECATED: General Information Management Problems Sensitive Information in Resource Not Removed Before Reuse Improper Handling of Syntactically Invalid Structure Improper Handling of Values @@ -381,9 +374,7 @@ Creation of chroot Jail Without Changing Working Directory Improper Clearing of Heap Memory Before Release ('Heap Inspection') J2EE Bad Practices: Direct Management of Connections J2EE Bad Practices: Direct Use of Sockets -DEPRECATED: Reliance on DNS Lookups in a Security Decision Uncaught Exception -DEPRECATED: Often Misused: Path Manipulation Path Traversal: '/../filedir' Execution with Unnecessary Privileges Unchecked Return Value @@ -425,7 +416,6 @@ Authentication Bypass by Alternate Name Path Traversal: '\..\filename' Authentication Bypass by Spoofing Reliance on IP Address for Authentication -DEPRECATED: Trusting Self-reported DNS Name Using Referer Field for Authentication Authentication Bypass by Capture-replay Improper Certificate Validation 
@@ -501,7 +491,6 @@ Trust of System Event Data Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Race Condition Enabling Link Following Signal Handler Race Condition -DEPRECATED: Race Condition in Switch Race Condition within a Thread Time-of-check Time-of-use (TOCTOU) Race Condition Context Switching Race Condition @@ -509,7 +498,6 @@ Divide By Zero Path Traversal: '/absolute/pathname/here' Missing Check for Certificate Revocation after Initial Check Incomplete Internal State Distinction -DEPRECATED: State Synchronization Error Passing Mutable Objects to an Untrusted Method Returning a Mutable Object to an Untrusted Caller Insecure Temporary File @@ -553,7 +541,6 @@ Path Equivalence: 'filename.' (Trailing Dot) Unprotected Alternate Channel Race Condition During Access to Alternate Channel Unprotected Windows Messaging Channel ('Shatter') -DEPRECATED: Proxied Trusted Channel Improper Protection of Alternate Path Direct Request ('Forced Browsing') Untrusted Search Path @@ -572,7 +559,6 @@ Behavioral Change in New Version or Environment Path Equivalence: 'file.name' (Internal Dot) Expected Behavior Violation Unintended Proxy or Intermediary ('Confused Deputy') -DEPRECATED: HTTP response splitting Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') UI Discrepancy for Security Feature Unimplemented or Unsupported Feature in UI @@ -586,7 +572,6 @@ External Initialization of Trusted Variables or Data Stores Non-exit on Failed Initialization Missing Initialization of a Variable Use of Uninitialized Variable -DEPRECATED: Incorrect Initialization Incomplete Cleanup Path Equivalence: 'filename ' (Trailing Space) Improper Cleanup on Thrown Exception @@ -643,7 +628,6 @@ Logic/Time Bomb Spyware Covert Channel Covert Storage Channel -DEPRECATED: Covert Timing Channel Path Equivalence: '/multiple/trailing/slash//' .NET Misconfiguration: Use of Impersonation Weak Password Requirements 
@@ -659,8 +643,6 @@ Path Equivalence: '\multiple\\internal\backslash' Exposure of Backup File to an Unauthorized Control Sphere Inclusion of Sensitive Information in Test Code Insertion of Sensitive Information into Log File -DEPRECATED: Information Exposure Through Server Log Files -DEPRECATED: Information Exposure Through Debug Log Files Exposure of Information Through Shell Error Message Servlet Runtime Error Message Containing Sensitive Information Java Runtime Error Message Containing Sensitive Information @@ -669,10 +651,8 @@ Use of Persistent Cookies Containing Sensitive Information Path Equivalence: 'filedir\' (Trailing Backslash) Inclusion of Sensitive Information in Source Code Inclusion of Sensitive Information in an Include File -DEPRECATED: Information Exposure Through Cleanup Log Files Use of Singleton Pattern Without Synchronization in a Multithreaded Context Missing Standardized Error Handling Mechanism -DEPRECATED: Use of Dynamic Class Loading Suspicious Comment Use of Hard-coded, Security-relevant Constants Exposure of Information Through Directory Listing @@ -721,11 +701,9 @@ Call to Non-ubiquitous API Improper Link Resolution Before File Access ('Link Following') Free of Memory not on the Heap Sensitive Data Storage in Improperly Locked Memory -DEPRECATED: Authentication Bypass Issues Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created J2EE Framework: Saving Unserializable Objects to Disk Comparison of Object References Instead of Object Contents -DEPRECATED: Incorrect Semantic Object Comparison Use of Wrong Operator in String Comparison Use of GET Request Method With Sensitive Query Strings Missing Validation of OpenSSL Certificate 
@@ -828,7 +806,6 @@ Incorrect Control Flow Scoping Use of Incorrectly-Resolved Name or Reference Improper Neutralization Incorrect Ownership Assignment -DEPRECATED: Apple '.DS_Store' Improper Adherence to Coding Standards Improper Handling of Apple HFS+ Alternate Data Stream Path External Control of File Name or Path @@ -853,7 +830,6 @@ Multiple Unlocks of a Critical Resource Critical Data Element Declared Public Access to Critical Private Variable via Public Method Incorrect Short Circuit Evaluation -DEPRECATED: Uncontrolled File Descriptor Consumption Improper Neutralization of Special Elements used in a Command ('Command Injection') Allocation of Resources Without Limits or Throttling Missing Reference to Active Allocated Resource @@ -941,7 +917,6 @@ Improperly Controlled Modification of Dynamically-Determined Object Attributes Use of Password Hash With Insufficient Computational Effort Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') Server-Side Request Forgery (SSRF) -DEPRECATED: Improper Sanitization of Custom Special Characters Improper Restriction of Power Consumption Storage of Sensitive Data in a Mechanism without Access Control Insecure Storage of Sensitive Information