security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 45 Packages Projects Releases Wiki Activity

Merge PR #5250 from @nasbench - Archive new rule references and update cache file

Browse Source 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
This commit is contained in:
github-actions[bot]
2025-04-17 00:41:06 +02:00
committed by GitHub
parent 1f1cac10eb
commit 36394d43a0
2 changed files with 474 additions and 465 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/rule-references.txt
+18
View File
@@ -4011,3 +4011,21 @@ https://www.virustotal.com/gui/file/6f0f20da34396166df352bf301b3c59ef42b0bc67f52
https://learn.microsoft.com/en-us/dotnet/framework/tools/installutil-exe-installer-tool
https://research.nccgroup.com/2022/07/13/climbing-mount-everest-black-byte-bytes-back/
https://web.archive.org/web/20230329153811/https://blog.menasec.net/2019/02/threat-huting-10-impacketsecretdump.html
https://twitter.com/DTCERT/status/1712785421845790799
https://objective-see.org/blog/blog_0x1E.html
https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/quick-start/enable-hyper-v
https://twitter.com/NathanMcNulty/status/1785051227568632263
https://learn.microsoft.com/en-us/defender-cloud-apps/policy-template-reference
https://developer.broadcom.com/xapis/esxcli-command-reference/7.0.0/namespace/esxcli_vsan.html
https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html
https://www.ultimatewindowssecurity.com/wiki/page.aspx?spid=NSrpcservers
https://research.splunk.com/endpoint/07921114-6db4-4e2e-ae58-3ea8a52ae93f/
https://gist.github.com/mgeeky/3b11169ab77a7de354f4111aa2f0df38
https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/rundll32
https://www.qemu.org/docs/master/system/invocation.html#hxtool-5
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/0fa3191d-bb79-490a-81bd-54c2601b7a78
https://trustedsec.com/blog/specula-turning-outlook-into-a-c2-with-one-registry-change
https://strontic.github.io/xcyclopedia/library/aclui.dll-F883E9CA757B622B032FDCA5BF33D0DF.html
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/auditing/event-4706
https://devco.re/blog/2024/08/23/streaming-vulnerabilities-from-windows-kernel-proxying-to-kernel-part1-en/
https://web.archive.org/web/20220519091349/https://fatrodzianko.com/2020/02/15/dll-side-loading-appverif-exe/