security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 45 Packages Projects Releases Wiki Activity

Merge PR #5667 from @nasbench - chore: archive new rule references and update cache file

Browse Source 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
2025-10-01 10:01:54 +02:00
committed by GitHub
parent 1cdf898681
commit 019971e1c9
2 changed files with 484 additions and 454 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/rule-references.txt
+17
View File
@@ -4164,3 +4164,20 @@ https://symantec-enterprise-blogs.security.com/threat-intelligence/harvester-new
https://www.sans.org/blog/defending-against-scattered-spider-and-the-com-with-cybercrime-intelligence/
https://www.spamhaus.org/reputation-statistics/cctlds/domains/
https://web.archive.org/web/20230329170326/https://blog.menasec.net/2019/02/threat-hunting-21-procdump-or-taskmgr.html
https://www.atomicredteam.io/atomic-red-team/atomics/T1562.002#atomic-test-8---modify-event-log-channel-access-permissions-via-registry---powershell
https://tria.ge/240225-jlylpafb24/behavioral1/analog?main_event=Registry&op=SetValueKeyInt
https://github.com/vari-sh/RedTeamGrimoire/tree/b5e7635d34db6e1f0398d8847e8f293186e947c5/HollowReaper
https://github.com/sadshade/veeam-creds/blob/6010eaf31ba41011b58d6af3950cffbf6f5cea32/Veeam-Get-Creds.ps1
https://learn.microsoft.com/en-us/windows/win32/msi/event-logging
https://www.trustedsec.com/blog/critical-vulnerability-in-progress-moveit-transfer-technical-analysis-and-recommendations/
https://www.virustotal.com/gui/file/c1f27d9795a2eba630db8a043580a0761798f06370fb1317067805f8a845b00c
https://www.trendmicro.com/en_us/research/25/c/socgholishs-intrusion-techniques-facilitate-distribution-of-rans.html
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/auditing/event-4794
https://projectdiscovery.io/blog/crushftp-authentication-bypass
https://thecyberexpress.com/ukraine-hit-by-meshagent-malware-campaign/
https://unit42.paloaltonetworks.com/preventing-clickfix-attack-vector/
https://www.huntress.com/blog/attacking-mssql-servers
https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-risks#malware-linked-ip-address-deprecated
https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/
https://www.giac.org/paper/gcih/266/review-ftp-protocol-cyber-defense-initiative/102802
https://web.archive.org/web/20231230220738/https://www.lunasec.io/docs/blog/log4j-zero-day/