Swachchhanda Shrawan Poudel
fcb2aead3a
Merge PR #5941 from @swachchhanda000 - Add RedSun Execution Indicators
new: RedSun - Named Pipe Created
new: RedSun - TieringEngineService.exe Staged in RS-Prefixed Temp Dir
new: RedSun - Conhost.exe Spawned by TieringEngineService.exe
new: RedSun - TieringEngineService.exe Detected as EICAR Test File
---------
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
2026-04-28 03:22:30 +02:00

Swachchhanda Shrawan Poudel
3305d11c89
Merge PR #5942 from @swachchhanda000 - Add Potential CVE-2026-33829 Exploitation - Windows Snipping Tool Remote File Path URI
new: Potential CVE-2026-33829 Exploitation - Windows Snipping Tool Remote File Path URI
---------
Co-authored-by: Nasreddine Bencherchali <monsteroffire2@gmail.com>
2026-04-28 00:58:55 +02:00

Swachchhanda Shrawan Poudel
56a58e1ee6
Merge PR #5772 from @swachchhanda000 - Add Shai-Hulud: The Second Coming Rules
update: Shai-Hulud Malicious GitHub Workflow Creation - Add new entries to the list to increase coverage
new: Shai-Hulud Malware Indicators - Linux
new: Shai-Hulud Malicious Bun Execution - Linux
new: Shai-Hulud 2.0 Malicious NPM Package Installation - Linux
new: Shai-Hulud Malware Indicators - Windows
new: Shai-Hulud Malicious Bun Execution
new: Shai-Hulud 2.0 Malicious NPM Package Installation
new: Script Interpreter Spawning Credential Scanner - Linux
new: Script Interpreter Spawning Credential Scanner - Windows
---------
Co-authored-by: Nasreddine Bencherchali <monsteroffire2@gmail.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
2026-03-29 14:58:59 +02:00

Swachchhanda Shrawan Poudel
13aae8c1ea
Merge PR #5795 from @swachchhanda000 - Add new rules for CVE-2025-55182 / React2Shell
new: Windows Suspicious Child Process From Node.js - React2Shell
new: Linux Suspicious Child Process From Node.js - React2Shell
---------
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
2025-12-10 03:13:14 +01:00

YxinMiracle
238e6f070f
Merge PR #5707 from @YxinMiracle - Add Grixba Malware Reconnaissance Activity
new: Grixba Malware Reconnaissance Activity
---------
Co-authored-by: Swachchhanda Shrawan Poudel <87493836+swachchhanda000@users.noreply.github.com>
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
2025-11-27 22:36:53 +01:00