colander_data_converter.base.types.threat
- class colander_data_converter.base.types.threat.ThreatType
Bases: CommonEntityType
ThreatType represents metadata for threats in Colander. Check the list of supported types.
Example
>>> from colander_data_converter.base.types.threat import ThreatTypes
>>> threat_type = ThreatTypes.TROJAN.value
>>> print(threat_type.name)
Trojan
- Fields:
- Validators: is_supported_type » short_name
- class colander_data_converter.base.types.threat.ThreatTypes(*values)
Bases: Enum
ThreatTypes provides access to all supported threat types.
This class loads threat type definitions from the threat types JSON file and exposes them as an enum. It also provides a method to look up a threat type by its short name.
Example
>>> from colander_data_converter.base.types.threat import ThreatTypes
>>> threat_type = ThreatTypes.TROJAN.value
>>> print(threat_type.name)
Trojan
>>> default_type = ThreatTypes.by_short_name("nonexistent")
>>> print(default_type.name)
Generic
- ADWARE = ADWARE
Adware - Software that automatically displays or downloads advertising material, often unwanted.
- APT = APT
APT - Advanced Persistent Threat; a prolonged and targeted cyberattack by a well-resourced adversary.
- BACKDOOR = BACKDOOR
Backdoor - Malware that allows unauthorized remote access to a compromised system.
- BOTNET = BOTNET
Botnet - A network of compromised computers controlled by an attacker to perform coordinated tasks.
- BROWSER_HIJACKER = BROWSER_HIJACKER
Browser Hijacker - Malware that alters browser settings, redirects traffic, or injects unwanted ads.
- CRYPTOJACKING = CRYPTOJACKING
Cryptojacking - Unauthorized use of a device to mine cryptocurrency.
- CYBERCRIME = CYBERCRIME
Cybercrime - Criminal activities carried out using computers or the internet, including fraud, theft, and unauthorized access.
- CYBER_ATTACK = CYBER_ATTACK
Cyber Attack - An attempt by hackers to damage, disrupt, or gain unauthorized access to computer systems, networks, or devices.
- DOXXING = DOXXING
Doxxing - The act of publicly revealing private or identifying information about an individual without their consent.
- DROPPER = DROPPER
Dropper - A type of malware designed to deliver and install other malicious software.
- EXPLOIT_KIT = EXPLOIT_KIT
Exploit Kit - A toolkit used to exploit vulnerabilities in software to deliver malware.
- GENERIC = GENERIC
Generic - A general or unspecified threat type that does not fit other categories.
- HARASSMENT = HARASSMENT
Harassment - Unwanted behavior intended to intimidate, threaten, or disturb an individual, often through digital means.
- INFO_STEALER = INFO_STEALER
Information Stealer - Malware designed to steal sensitive information such as credentials or financial data.
- LOADER = LOADER
Loader - Malware that loads and executes other malicious payloads on a system.
- MALVERTISING = MALVERTISING
Malvertising - The use of online advertising to spread malware.
- MALWARE = MALWARE
Malware - A general term for any software intentionally designed to cause damage or unauthorized actions.
- MOBILE_MALWARE = MOBILE_MALWARE
Mobile Malware - Malware specifically targeting mobile devices to steal data or perform malicious actions.
- PHISHING = PHISHING
Phishing - A technique to trick users into revealing sensitive information, often via fake emails or websites.
- PHYSICAL_ATTACK = PHYSICAL_ATTACK
Physical Attack - A threat involving physical actions intended to harm or compromise assets, infrastructure, or individuals.
- RANSOMWARE = RANSOMWARE
Ransomware - Malware that encrypts data and demands payment for decryption.
- RAT = RAT
Remote Access Trojan (RAT) - Malware that provides remote control over an infected system.
- ROOTKIT = ROOTKIT
Rootkit - Malware designed to hide its presence and provide privileged access to a system.
- SPAM = SPAM
Spam - Unsolicited or bulk messages, often used to deliver malware or phishing attempts.
- SPYWARE = SPYWARE
Spyware - Malware that secretly gathers user information without consent.
- STALKERWARE = STALKERWARE
Stalkerware - Software used to secretly monitor and track user activity, often for surveillance.
- TROJAN = TROJAN
Trojan - Malware disguised as legitimate software to trick users into installing it.
- default = GENERIC
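Because by_short_name returns Generic for an unrecognised short name, a misspelled or unmapped label looks the same as a deliberate Generic classification. The following is an added example, not code from colander_data_converter: its `by_short_name` is a stand-in that assumes short names equal the member names listed above and match exactly, and `normalize` and `classify` are hypothetical helpers that report which labels resolved only through the fallback.

```python
import re
from collections import Counter

# Short names copied from the ThreatTypes members listed on this page.
SUPPORTED = {
    "ADWARE", "APT", "BACKDOOR", "BOTNET", "BROWSER_HIJACKER", "CRYPTOJACKING",
    "CYBERCRIME", "CYBER_ATTACK", "DOXXING", "DROPPER", "EXPLOIT_KIT", "GENERIC",
    "HARASSMENT", "INFO_STEALER", "LOADER", "MALVERTISING", "MALWARE",
    "MOBILE_MALWARE", "PHISHING", "PHYSICAL_ATTACK", "RANSOMWARE", "RAT",
    "ROOTKIT", "SPAM", "SPYWARE", "STALKERWARE", "TROJAN",
}
DEFAULT = "GENERIC"  # the documented default member


def by_short_name(short_name):
    """Stand-in for the documented lookup: unknown names fall back to GENERIC."""
    return short_name if short_name in SUPPORTED else DEFAULT


def normalize(label):
    """Hypothetical helper: 'info-stealer ' becomes 'INFO_STEALER'."""
    return re.sub(r"[^A-Z0-9]+", "_", label.strip().upper()).strip("_")


def classify(labels):
    """Map feed labels to short names and count the ones that hit the fallback."""
    resolved, unmatched = [], Counter()
    for label in labels:
        key = normalize(label)
        short = by_short_name(key)
        # A GENERIC result is only intentional when the label itself said so.
        if short == DEFAULT and key != DEFAULT:
            unmatched[label] += 1
        resolved.append((label, short))
    return resolved, unmatched


# Constructed sample labels, as they might arrive from mixed sources.
SAMPLE = ["Trojan", "info-stealer", "remote access trojan",
          "ransomware ", "generic", "wiper"]

if __name__ == "__main__":
    resolved, unmatched = classify(SAMPLE)
    for label, short in resolved:
        print(f"{label!r:24} -> {short}")
    print("review before import:", dict(unmatched))
```

Labels reported as unmatched are candidates for an explicit mapping (for example to RAT) before the data is imported, rather than being stored as Generic.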