car
Cyber Analytics Repository
Bumps [tzinfo](https://github.com/tzinfo/tzinfo) from 1.2.5 to 1.2.10. Release notes Sourced from tzinfo's releases. v1.2.10 Fixed a relative path traversal bug that could cause arbitrary files to be loaded with require when...
Update to merge CAR-2021-01-003.yaml in CAR-2016-04-002.yaml. New attack and detection added. I tried to have an operational yaml file, but it seems there is an error I cannot find/fix (with http://www.yamllint.com/)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.13.3 to 1.13.6. Release notes Sourced from nokogiri's releases. 1.13.6 / 2022-05-08 Security [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to...
We're missing the markdown for the HTTP data model object (the current URL yields a 404).
title: Detect Access Token Manipulation Token Impersonation and Theft submission_date: 2022/04/28 information_domain: Analytic platforms: - Windows subtypes: - Access token analytic_types: - TTP contributors: - Michaela Adams id: CAR-2022-04-001 description:...
Right now it's tricky to understand the full set of fields available in a YAML CAR analytic, so we should create and maintain a template that describes this.
We should create a new top-level page for car.mitre.org that better describes BZAR.
We should map our analytics to existing open datasets (e.g., Splunk BOTS) so that we can give users an easy way to find example data of true positives.
We should add a search feature to the website to make it easier to find specific analytics etc.
Right now our ATT&CK Coverage is purely based on how well an analytic covers an entire Tactic/Technique pair. This is useful to get a general sense of how applicable an...