This repository has been archived by the owner on Jun 17, 2023. It is now read-only.
wes edited this page Apr 23, 2018 · 2 revisions

CIF uses tags to describe observables; a single observable can have one tag or many. Tags are defined on ingest to CIF. They are not predefined by CIF: a new tag can be created at any time by inserting a new observable that carries the newly created tag.

Default tags shipped with CIF:

  • botnet
  • exploit
  • hijacked
  • malware
  • phishing
  • scanner
  • search
  • suspicious
  • bruteforce
  • whitelist

This command shows an example of searching by tag:

$ cif --tags malware -f csv
amber,everyone,2015-03-20T05:04:16Z,withfx.com,,,60.764,malware,,malc0de.com,
...
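
The following Python example is added here and is not CIF's own code: it parses csv output of the shape shown above, indexes observables by tag, and drops any observable that also appears with the `whitelist` tag. The column positions are inferred from the single sample row on this page; the comma-separated multi-tag field, every sample row except the first, and the use of `whitelist` as a suppression list are assumptions of this example.

```python
import csv
import io
from collections import defaultdict

# Sample in the shape of the `cif --tags malware -f csv` row on this page.
# Only the first row comes from the page; the other rows are constructed.
SAMPLE = """\
amber,everyone,2015-03-20T05:04:16Z,withfx.com,,,60.764,malware,,malc0de.com,
amber,everyone,2015-03-20T05:10:02Z,example.net,,,85.0,"malware,botnet",,feed.example,
green,everyone,2015-03-20T06:00:00Z,example.org,,,75.0,phishing,,feed.example,
green,everyone,2015-03-20T06:30:00Z,example.org,,,95.0,whitelist,,local,
...
"""

# Assumed column positions (the page shows no header row).
COL_OBSERVABLE, COL_CONFIDENCE, COL_TAGS = 3, 6, 7


def parse_rows(text):
    """Yield (observable, confidence, tags) for each well-formed csv row."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) <= COL_TAGS or not row[COL_OBSERVABLE]:
            continue  # blank or truncated line, e.g. the trailing "..."
        try:
            confidence = float(row[COL_CONFIDENCE])
        except ValueError:
            continue  # confidence missing or not numeric
        # Assumption: several tags share one quoted, comma-separated field.
        tags = {t.strip().lower() for t in row[COL_TAGS].split(",") if t.strip()}
        yield row[COL_OBSERVABLE], confidence, tags


def index_by_tag(text, min_confidence=0.0):
    """Map tag -> observables, skipping anything also tagged whitelist."""
    rows = list(parse_rows(text))
    whitelisted = {obs for obs, _, tags in rows if "whitelist" in tags}
    index = defaultdict(set)
    for obs, confidence, tags in rows:
        if obs in whitelisted or confidence < min_confidence:
            continue
        for tag in tags:
            index[tag].add(obs)
    return dict(index)


if __name__ == "__main__":
    for tag, observables in sorted(index_by_tag(SAMPLE).items()):
        print(tag, sorted(observables))
```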