security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 45 Packages Projects Releases Wiki Activity

Merge PR #5217 from @nasbench - Archive new rule references and update cache file

Browse Source 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
2025-03-05 00:23:03 +01:00
committed by GitHub
parent f4d86e8f37
commit 2b421e3fd7
2 changed files with 494 additions and 481 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/rule-references.txt
+17
View File
@@ -3976,3 +3976,20 @@ https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-serve
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/replace
https://my.f5.com/manage/s/article/K589
https://tria.ge/220422-1nnmyagdf2/
https://learn.microsoft.com/en-us/entra/architecture/security-operations-applications#application-authentication-flows
https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/pim-how-to-configure-security-alerts#administrators-arent-using-their-privileged-roles
https://thedfirreport.com/2024/09/30/nitrogen-campaign-drops-sliver-and-ends-with-blackcat-ransomware/
https://www.agnosticdev.com/content/how-diagnose-app-transport-security-issues-using-nscurl-and-openssl
https://docs.github.com/en/enterprise-cloud@latest/admin/monitoring-activity-in-your-enterprise/reviewing-audit-logs-for-your-enterprise/audit-log-events-for-your-enterprise#private_repository_forking
https://twitter.com/1ZRR4H/status/1537501582727778304
https://trustedsec.com/blog/oops-i-udld-it-again
https://tria.ge/240123-rapteaahhr/behavioral1
https://learn.microsoft.com/en-us/azure/dns/dns-zones-records
https://www.binarydefense.com/resources/blog/icedid-gziploader-analysis/
https://microsoft.github.io/Threat-Matrix-for-Kubernetes/techniques/container%20service%20account/
https://learn.microsoft.com/en-us/entra/architecture/security-operations-infrastructure#conditional-access
https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html
https://www.gradenegger.eu/en/details-of-the-event-with-id-53-of-the-source-microsoft-windows-certificationauthority/
https://learn.microsoft.com/en-us/entra/id-protection/concept-identity-protection-risks#anonymous-ip-address
https://github.com/GhostPack/SharpDPAPI
https://web.archive.org/web/20230329155141/https://blog.menasec.net/2019/03/threat-hunting-26-remote-windows.html