Add contact-list MISP object for forensic mobile extraction use-cases#506

Merged
adulau merged 1 commit intomainfrom
codex/add-support-for-contact-list-extraction
Apr 9, 2026
Conversation

@adulau
Member

@adulau adulau commented Apr 9, 2026

Motivation

  • Provide a standardized MISP object to capture contact lists and individual contact records produced by forensic/mobile extraction tools (e.g. Cellebrite, MSAB XRY, Magnet AXIOM) to close issue New Object: Contact list #212.
  • Capture both per-contact attributes and extraction provenance so analysts can ingest, correlate and attribute contact-list evidence from device, SIM or cloud extractions.

Description

  • Added a new object template at objects/contact-list/definition.json that models contact fields (full-name, first-name, last-name, phone-number, e-mail, organisation, handle, address, note, raw-base64) and extraction context (extraction-tool, extraction-type, source-device, source-platform, extracted-at, extraction-reference, contact-count).
  • Included requiredOneOf (full-name, phone-number, e-mail, contact-id) to keep ingestion flexible for partial exports and set version to 1 with a generated uuid.
  • Added sensible sane_default values for extraction-tool including Cellebrite UFED, Cellebrite Physical Analyzer, MSAB XRY, Magnet AXIOM, Oxygen Forensic Detective, Belkasoft X, and Elcomsoft iOS Forensic Toolkit to explicitly cover Cellebrite and similar workflows.
  • Registered the new object in the project index by updating README.md so it appears in the documented object catalog.

Testing

  • Ran ./jq_all_the_things.sh, which completed formatting but logged missing environment helper (uuidparse) warnings; the script processed files.
  • Executed python unique_uuid.py and it reported no duplicate UUIDs in the tree (success).
  • Executed ./validate_all.sh, which failed in this environment due to missing tooling (uuidparse, jsonschema) and the repository cleanliness guard, so full schema validation could not be completed here (failure).
  • Attempted jsonschema -i objects/contact-list/definition.json schema_objects.json but the jsonschema binary was not available in the environment (not run).

Codex Task
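The PR above describes the shape of the new template (per-contact and extraction-context attributes, a `requiredOneOf` list, and advisory `sane_default` values for `extraction-tool`) but could not complete schema validation in its environment. The following is an added example, not the misp-objects project's own definition.json or tooling: it builds a template with that shape and runs the two consistency checks a reviewer would want, namely that every `requiredOneOf` name is actually a defined attribute, and that a contact record satisfies `requiredOneOf` while flagging values outside `sane_default`. The `misp-attribute` types, the meta-category, the descriptions and the sample records are assumptions made for this example only.

```python
"""Added example: model a MISP object template shaped like the contact-list
object described in the PR and check templates and records against it.
Not the misp-objects project's code; attribute types and sample data are
assumptions for illustration."""

import json
import uuid

# Attribute names come from the PR description. The misp-attribute types
# are assumptions for this example; the real definition.json is authoritative.
CONTACT_FIELDS = {
    "contact-id": "text", "full-name": "text", "first-name": "first-name",
    "last-name": "last-name", "phone-number": "phone-number", "e-mail": "email",
    "organisation": "text", "handle": "text", "address": "text",
    "note": "text", "raw-base64": "text",
}
EXTRACTION_FIELDS = {
    "extraction-tool": "text", "extraction-type": "text", "source-device": "text",
    "source-platform": "text", "extracted-at": "datetime",
    "extraction-reference": "text", "contact-count": "counter",
}
# sane_default list as given in the PR description.
EXTRACTION_TOOLS = [
    "Cellebrite UFED", "Cellebrite Physical Analyzer", "MSAB XRY", "Magnet AXIOM",
    "Oxygen Forensic Detective", "Belkasoft X", "Elcomsoft iOS Forensic Toolkit",
]
REQUIRED_ONE_OF = ["full-name", "phone-number", "e-mail", "contact-id"]


def build_template():
    """Return a contact-list template dict with the structure described in the PR."""
    attributes = {}
    for name, misp_type in {**CONTACT_FIELDS, **EXTRACTION_FIELDS}.items():
        attributes[name] = {
            "description": f"{name} of the contact or extraction (assumed wording)",
            "misp-attribute": misp_type,
            "ui-priority": 1,
        }
    # sane_default is advisory in MISP: it pre-fills a dropdown, it does not reject values.
    attributes["extraction-tool"]["sane_default"] = list(EXTRACTION_TOOLS)
    return {
        "name": "contact-list",
        "description": "Contact list or contact record from a forensic mobile extraction",
        "meta-category": "misc",  # assumption
        "uuid": str(uuid.uuid4()),
        "version": 1,
        "requiredOneOf": list(REQUIRED_ONE_OF),
        "attributes": attributes,
    }


def check_template(template):
    """Structural checks; returns a list of error strings (empty means OK)."""
    errors = []
    attributes = template.get("attributes", {})
    # Every requiredOneOf entry must name a defined attribute, otherwise the
    # requirement can never be satisfied by a record built from the template.
    for name in template.get("requiredOneOf", []):
        if name not in attributes:
            errors.append(f"requiredOneOf references undefined attribute {name!r}")
    try:
        uuid.UUID(template.get("uuid", ""))
    except ValueError:
        errors.append("uuid is not a valid UUID")
    if not isinstance(template.get("version"), int) or template["version"] < 1:
        errors.append("version must be a positive integer")
    for name, spec in attributes.items():
        sane = spec.get("sane_default")
        if sane is not None and len(set(sane)) != len(sane):
            errors.append(f"{name}: sane_default contains duplicates")
    return errors


def check_record(template, record):
    """Check one record (attribute name -> value) against the template.

    Returns (errors, warnings). Unknown attributes and an unmet requiredOneOf
    are errors; a value outside sane_default is only a warning, since MISP
    treats sane_default as a suggestion rather than a constraint.
    """
    attributes = template["attributes"]
    errors, warnings = [], []
    for name in sorted(set(record) - set(attributes)):
        errors.append(f"unknown attribute {name!r}")
    if not any(record.get(name) for name in template["requiredOneOf"]):
        errors.append("record has none of " + ", ".join(template["requiredOneOf"]))
    for name, value in record.items():
        sane = attributes.get(name, {}).get("sane_default")
        if sane and value not in sane:
            warnings.append(f"{name}={value!r} is not a sane_default value")
    return errors, warnings


if __name__ == "__main__":
    tmpl = build_template()
    print(json.dumps(tmpl, indent=2)[:400], "...")
    print("template errors:", check_template(tmpl))
    # Constructed sample records: a partial SIM export and one from an unlisted tool.
    print(check_record(tmpl, {"phone-number": "+32 2 000 00 00", "extraction-type": "SIM"}))
    print(check_record(tmpl, {"full-name": "Example Person", "extraction-tool": "HomebrewTool"}))
    print(check_record(tmpl, {"extraction-tool": "MSAB XRY"}))
```

Running it shows the difference between the strict `requiredOneOf` rule (a record with only `extraction-tool` is rejected) and the advisory `sane_default` list (an unlisted tool is accepted with a warning), which is the behaviour a validator such as `validate_all.sh` cannot tell you when it does not run.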

@adulau adulau merged commit 4925362 into main Apr 9, 2026
7 checks passed