LOOBin base class
| Name | Type | |
|---|---|---|
| name | String | |
| author | String | |
| short_description | String | |
| full_description | String | |
| created | String | |
| example_use_cases | Array | |
| paths | Array | |
| detections | Array | |
| resources | Array | |
| acknowledgements | Array | |
| Title | Name | |
|---|---|---|
| Description | Name of the LOOBin | |
| Type | String | |
| Required | Yes | |
| Title | Author | |
|---|---|---|
| Description | Author of the LOOBin | |
| Type | String | |
| Required | Yes | |
| Title | Short Description | |
|---|---|---|
| Description | A short description of the LOOBin.This will display in the LOOBin card list and the LOOBins website search results. | |
| Type | String | |
| Required | Yes | |
| Title | Full Description | |
|---|---|---|
| Description | A full description of the LOOBin.This will display on the LOOBin's single page. | |
| Type | String | |
| Required | Yes | |
| Title | Created | |
|---|---|---|
| Description | Date the LOOBin was created | |
| Type | String | |
| Required | Yes | |
| Format | date | |
| Title | Example Use Cases | |
|---|---|---|
| Description | A list of example use cases for the LOOBin | |
| Type | Array | |
| Required | Yes | |
| Title | Name | |
|---|---|---|
| Type | String | |
| Title | Description | |
|---|---|---|
| Type | String | |
| Title | Code | |
|---|---|---|
| Type | String | |
| Title | Tactics | |
|---|---|---|
| Type | Array | |
| Title | Tags | |
|---|---|---|
| Type | Array | |
| Title | Paths | |
|---|---|---|
| Description | A list of paths to the LOOBin | |
| Type | Array | |
| Required | Yes | |
| Title | Detections | |
|---|---|---|
| Description | A list of detections for the LOOBin | |
| Type | Array | |
| Required | Yes | |
| Title | Name | |
|---|---|---|
| Type | String | |
| Title | Url | |
|---|---|---|
| Type | String | |
| Title | Resource | |
|---|---|---|
| Description | A list of useful resources for the LOOBin | |
| Type | Array | |
| Required | No | |
| Title | Name | |
|---|---|---|
| Type | String | |
| Title | Url | |
|---|---|---|
| Type | String | |
| Title | Acknowledgements | |
|---|---|---|
| Description | Acknowledgements for the LOOBin | |
| Type | Array | |
| Required | No | |
{
"title": "LOOBin",
"description": "LOOBin base class",
"type": "object",
"properties": {
"name": {
"title": "Name",
"description": "Name of the LOOBin",
"type": "string"
},
"author": {
"title": "Author",
"description": "Author of the LOOBin",
"type": "string"
},
"short_description": {
"title": "Short Description",
"description": "A short description of the LOOBin.This will display in the LOOBin card list and the LOOBins website search results.",
"type": "string"
},
"full_description": {
"title": "Full Description",
"description": "A full description of the LOOBin.This will display on the LOOBin's single page.",
"type": "string"
},
"created": {
"title": "Created",
"description": "Date the LOOBin was created",
"type": "string",
"format": "date"
},
"example_use_cases": {
"title": "Example Use Cases",
"description": "A list of example use cases for the LOOBin",
"type": "array",
"items": {
"$ref": "#/definitions/ExampleUseCase"
}
},
"paths": {
"title": "Paths",
"description": "A list of paths to the LOOBin",
"type": "array",
"items": {
"type": "string"
}
},
"detections": {
"title": "Detections",
"description": "A list of detections for the LOOBin",
"type": "array",
"items": {
"$ref": "#/definitions/Detection"
}
},
"resources": {
"title": "Resource",
"description": "A list of useful resources for the LOOBin",
"type": "array",
"items": {
"$ref": "#/definitions/Resource"
}
},
"acknowledgements": {
"title": "Acknowledgements",
"description": "Acknowledgements for the LOOBin",
"type": "array",
"items": {
"type": "string"
}
}
},
"required": [
"name",
"author",
"short_description",
"full_description",
"created",
"example_use_cases",
"paths",
"detections"
],
"definitions": {
"ExampleUseCase": {
"title": "ExampleUseCase",
"description": "Use case base class",
"type": "object",
"properties": {
"name": {
"title": "Name",
"type": "string"
},
"description": {
"title": "Description",
"type": "string"
},
"code": {
"title": "Code",
"type": "string"
},
"tactics": {
"title": "Tactics",
"type": "array",
"items": {
"enum": [
"Reconnaissance",
"Resource Development",
"Initial Access",
"Execution",
"Persistence",
"Privilege Escalation",
"Defense Evasion",
"Credential Access",
"Discovery",
"Lateral Movement",
"Collection",
"Exfiltration",
"Command and Control",
"Impact"
],
"type": "string"
}
},
"tags": {
"title": "Tags",
"type": "array",
"items": {
"type": "string"
}
}
},
"required": [
"name",
"description"
]
},
"Detection": {
"title": "Detection",
"description": "Detection base class",
"type": "object",
"properties": {
"name": {
"title": "Name",
"type": "string"
},
"url": {
"title": "Url",
"type": "string"
}
},
"required": [
"name",
"url"
]
},
"Resource": {
"title": "Resource",
"description": "External reference base class",
"type": "object",
"properties": {
"name": {
"title": "Name",
"type": "string"
},
"url": {
"title": "Url",
"type": "string"
}
},
"required": [
"name",
"url"
]
}
}
}name: Template
author: Enter your name or alias here.
short_description: A short description of the binary goes here.
full_description: A full length description of the binary goes here.
created: 2023-04-14
example_use_cases:
- name: An Example Use Case
description: A description of the use case goes here.
code: A code snippet goes here.
tactics:
- Discovery
tags:
- example_tag
- another_tag
- name: Another Example Use Case
description: A description of the use case goes here.
code: A code snippet goes here.
tactics:
- Collection
tags:
- another_tag
paths:
- /enter/binary/path/here
detections:
- name: A detection source (e.g. Sigma)
url: https://urltodetection.here
resources:
- name: Name of resources.
url: https://urlofexternalreference.here
acknowledgements:
- Enter any acknowledgements here.