Commit Graph

124 Commits

Author SHA1 Message Date
frack113 c49b0d49fa Add deprecated status 2021-10-28 20:08:27 +02:00
frack113 c0a3f7afdd Remove my print debug 2021-10-26 12:25:26 +02:00
frack113 ba4bb061c7 Fix test_duplicate_detections for logsource 2021-10-26 12:22:18 +02:00
frack113 162d869e2b Add cve tags 2021-10-25 18:14:03 +02:00
phantinuss 55f942b526 fix: change error message 2021-10-14 08:53:50 +02:00
phantinuss 9ddabe18ed feat: testing for space in field names 2021-10-13 14:21:23 +02:00
frack113 759a715198 Add logsource to duplicate logic test 2021-10-04 20:34:45 +02:00
frack113 bcf40fa4e4 Fix logsource not a string 2021-09-27 18:59:05 +02:00
frack113 c59b0eb543 Merge pull request #2063 from frack113/last_global
Split Last Global Rules
2021-09-23 13:54:57 +02:00
frack113 595e4b9d6d add duplicate name file check 2021-09-23 06:50:18 +02:00
frack113 5989127035 optimization of name detection 2021-09-22 19:02:44 +02:00
frack113 edb19013d5 fix test_file_names 2021-09-22 16:11:29 +02:00
frack113 e16e9e8ea7 fix timeframe compare error 2021-09-21 22:54:45 +02:00
frack113 29490f350d fix NoneType object has no attribute get 2021-09-12 20:13:58 +02:00
frack113 e6d4cb15bd fix NoneType error 2021-09-12 20:04:58 +02:00
frack113 97cd368064 update test_rules.py 2021-09-10 13:33:16 +02:00
phantinuss abf40ecfbc fix: typo in URL 2021-08-31 12:50:11 +02:00
frack113 3eb3377a7b check valid date order 2021-08-26 06:51:37 +02:00
frack113 a4021842de Fix invalid tags 2021-08-25 09:15:57 +02:00
frack113 5b869a3f42 Update cve tags 2021-08-24 10:50:01 +02:00
frack113 c2302a15da fix cve tags 2021-08-24 10:10:45 +02:00
Austin Songer e039f91272 Spelling 2021-08-18 19:00:57 +00:00
frack113 76d956e110 update test_missing_id 2021-08-16 18:12:17 +02:00
frack113 3900ba9e2c add license test 2021-08-14 19:42:29 +02:00
frack113 db0de126a5 test author for Detection Rule License 1.1 2021-08-14 19:16:36 +02:00
frack113 e45557316e Fix selection with only 1 element 2021-08-14 09:54:27 +02:00
frack113 5e5ac8479c Add tlp and target Attribute 2021-08-11 14:26:20 +02:00
frack113 e098cdf3a1 fix url ref 2021-08-10 11:07:28 +02:00
frack113 ce17f8e9e2 add test_selection_list_one_value warning only 2021-08-10 10:21:22 +02:00
Florian Roth 9b7be5985e Merge pull request #1773 from phantinuss/master
Two CobaltStrike BOF rules and a little fix on the local rule test script usage text
2021-08-05 15:42:47 +02:00
Florian Roth 917b95d8ff fix: bash script bug 2021-07-30 08:51:38 +02:00
Florian Roth 5947dddcd2 feat: print the faulty rule as an error into cmdline 2021-07-30 08:24:06 +02:00
Florian Roth 7c78f40372 Merge pull request #1744 from gliptak/patch-3
Add yamllint to GHA
2021-07-28 16:24:33 +02:00
phantinuss 2866a1dbdc fix: change howto to match current state of code 2021-07-28 15:13:55 +02:00
frack113 6b076d4360 Add test_optional_author 2021-07-27 19:14:00 +02:00
Gábor Lipták d2592ee0b6 Add yamllint to GHA
Signed-off-by: Gábor Lipták <gliptak@gmail.com>
2021-07-26 21:26:16 -04:00
frack113 ffcd3a2112 Add test_optional_related test_optional_fields test_optional_falsepositives 2021-07-24 09:41:04 +02:00
frack113 aff5264096 Add check for status and level 2021-07-22 19:25:51 +02:00
frack113 fe20158f5e Update date and modified test 2021-07-21 18:28:47 +02:00
frack113 50c47a4ed0 check duplicate id 2021-07-17 10:32:29 +02:00
Florian Roth 02bf32ce6c fixed more legal issues 2021-05-15 13:09:08 +02:00
Florian Roth 526ab4f707 feat: trademark test case 2021-05-15 13:02:49 +02:00
jaegeral e1f43f17c2 fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
mat b3e36281b5 fix reference field + add test for references in plural form 2020-11-27 10:17:45 +01:00
Florian Roth d3ee1aba66 docs: MITRE ATT&CK(R) trademark references removed or adjusted
https://github.com/Neo23x0/sigma/issues/1028
2020-09-30 08:53:52 +02:00
Florian Roth 8970d03f6f Merge pull request #952 from Neo23x0/devel
feat: Detect duplicate rule tags
2020-07-28 10:21:59 +02:00
Florian Roth 051e2ce905 feat: detect duplicate tags 2020-07-27 11:37:58 +02:00
Ryan Plas de53a08746 Merge branch 'master' of github.com:Neo23x0/sigma 2020-07-15 10:27:33 -04:00
Florian Roth 71e66ea9ba refactor: tests use live data from MITRE's TAXII service 2020-07-14 17:54:02 +02:00
Florian Roth cf25b9c509 feat: filename test 2020-07-14 12:33:16 +02:00