security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8,994 Commits 1 Branch 57 Tags
01dc930c173e329c191245b76f05de5fa4b5da21
Commit Graph

552 Commits

Author SHA1 Message Date
frack113 01dc930c17 Change status for old rules 2021-11-27 11:33:14 +01:00
frack113 efa099aec7 Merge pull request #2321 from austinsonger/Azure-Subscription-Permission-Elevation 
Azure subscription permission elevation
 2021-11-27 07:47:54 +01:00
frack113 7a5bf359a1 Merge pull request #2320 from austinsonger/azure_unusual_authentication_interruption.yml 
azure_unusual_authentication_interruption.yml
 2021-11-27 07:47:40 +01:00
Austin Songer 98084e857c Update azure_subscription_permissions_elevation_via_auditlogs.yml 2021-11-26 13:42:48 -06:00
Austin Songer 7e0634e43c Update azure_subscription_permissions_elevation_via_activitylogs.yml 2021-11-26 13:42:39 -06:00
Austin Songer 92f3705bd9 Update and rename activitylogs_azure_subscription_permissions_elevation.yml to azure_subscription_permissions_elevation_via_activitylogs.yml 2021-11-26 12:08:43 -06:00
Austin Songer 5508462029 Rename auditlogs_azure_subscription_permissions_elevation.yml to azure_subscription_permissions_elevation_via_auditlogs.yml 2021-11-26 12:08:13 -06:00
Austin Songer 8e78578892 Update activitylogs_azure_subscription_permissions_elevation.yml 2021-11-26 12:07:21 -06:00
Austin Songer 05c6e3dd12 Update azure_unusual_authentication_interruption.yml 2021-11-26 12:05:36 -06:00
Austin Songer d78bbb9333 Update activitylogs_azure_subscription_permissions_elevation.yml 2021-11-26 11:42:32 -06:00
Austin Songer 0a18b42445 Update azure_unusual_authentication_interruption.yml 2021-11-26 11:41:33 -06:00
Austin Songer 5e42b73a92 activitylogs_azure_subscription_permissions_elevation.yml 2021-11-26 11:33:37 -06:00
Austin Songer 26ae440bd0 auditlogs_azure_subscription_permissions_elevation.yml 2021-11-26 11:32:57 -06:00
Austin Songer b260f25cc0 Create azure_unusual_authentication_interruption.yml 2021-11-26 11:07:53 -06:00
Austin Songer 2f42753b6c Update gcp_kubernetes_admission_controller.yml 2021-11-26 10:35:04 -06:00
Austin Songer d6f1edf5ab Update azure_kubernetes_admission_controller.yml 2021-11-26 10:34:50 -06:00
Austin Songer caf14e3fa0 Update azure_kubernetes_admission_controller.yml 2021-11-26 10:32:23 -06:00
Austin Songer 2c271f5be8 Update gcp_kubernetes_admission_controller.yml 2021-11-26 10:32:11 -06:00
Austin Songer 64179e3512 Update azure_kubernetes_admission_controller.yml 2021-11-26 10:31:36 -06:00
Austin Songer 60743f75da Update gcp_kubernetes_admission_controller.yml 2021-11-26 10:31:33 -06:00
frack113 06d0fd02cc Merge pull request #2310 from austinsonger/kubernetes_cronjobs 
Updating azure_kubernetes_cronjob.yml
 2021-11-26 06:51:48 +01:00
frack113 a507848834 Update azure_kubernetes_cronjob.yml 2021-11-25 10:21:39 +01:00
frack113 34626e41de Update gcp_kubernetes_admission_controller.yml 2021-11-25 09:11:09 +01:00
Austin Songer 0873483e25 Update gcp_kubernetes_admission_controller.yml 2021-11-25 00:14:52 -06:00
Austin Songer a4969fe5d8 Update azure_kubernetes_admission_controller.yml 2021-11-25 00:12:55 -06:00
Austin Songer 55190e32ca Update azure_kubernetes_cronjob.yml 2021-11-25 00:11:07 -06:00
Austin Songer 9a5f3b415e Update gcp_kubernetes_admission_controller.yml 2021-11-25 00:06:36 -06:00
Austin Songer f54b618cd4 Update gcp_kubernetes_admission_controller.yml 2021-11-25 00:05:54 -06:00
Austin Songer fd5ad4b940 Update azure_kubernetes_admission_controller.yml 2021-11-25 00:05:43 -06:00
Austin Songer 2d58a3c8f9 Update azure_kubernetes_admission_controller.yml 2021-11-25 00:00:28 -06:00
Austin Songer 47fb21fae6 Create azure_kubernetes_admission_controller.yml 2021-11-24 23:58:33 -06:00
Austin Songer 8d50ab9e5f Create gcp_kubernetes_admission_controller.yml 2021-11-24 23:53:57 -06:00
Austin Songer 70d1e6d0f3 Update azure_kubernetes_cronjob.yml 2021-11-22 22:45:35 -06:00
Austin Songer 253ec56d1c Create azure_kubernetes_cronjob.yml 2021-11-22 22:40:06 -06:00
Austin Songer 5c118eef46 Create gcp_kubernetes_cronjob.yml 2021-11-22 22:39:39 -06:00
frack113 c7a2fe0ca4 Add onelogin product 2021-11-14 10:59:08 +01:00
frack113 6e4944e475 Add okta product 2021-11-14 10:58:26 +01:00
frack113 b4e7c350ee Add gworkspace product 2021-11-14 10:56:17 +01:00
frack113 7dfd6b1417 Add gcp product 2021-11-14 10:54:14 +01:00
frack113 1c99a93cd8 Add azure product 2021-11-14 10:50:16 +01:00
frack113 b293372913 Add product aws 2021-11-14 09:56:59 +01:00
frack113 3430943746 standardization 2021-11-09 07:27:25 +01:00
Stefan Grimminck 47502e6701 add MITRE technique mapping 2021-10-20 14:29:57 +02:00
frack113 cb98a63453 Merge pull request #2150 from austinsonger/gcp-cloudsql 
gcp_sql_database_modified_or_deleted.yml
 2021-10-16 06:24:46 +01:00
austinsonger 7fc1c50901 gcp_sql_database_modified_or_deleted.yml 2021-10-15 18:53:45 -05:00
frack113 2930c1624c Merge pull request #2142 from austinsonger/aws 
Aws
 2021-10-15 08:17:24 +01:00
Austin Songer 7ad0887704 Update passed_role_to_glue_development_endpoint.yml 2021-10-14 12:10:48 -05:00
Austin Songer 70b55f2c2d Update aws_lambda_function_created_or_invoked.yml 2021-10-14 12:10:29 -05:00
frack113 87f2326402 Merge pull request #2133 from hieuttmmo/master 
Sigma Rules for Privileged Accounts Activities Monitoring in Azure
 2021-10-14 16:53:53 +01:00
Austin Songer 40879252a8 Update aws_lambda_function_created_or_invoked.yml 2021-10-13 16:25:28 -05:00