83 Commits

Author SHA1 Message Date
Nasreddine Bencherchali e898abc019 feat: rule updates 2023-04-12 02:57:44 +02:00
Wagga 273fdb9985 fix: typos in multiple rules (#4011) 2023-02-06 13:53:23 +01:00
Nasreddine Bencherchali 7c38a5c496 chore: add nextron authors tag 2023-02-01 11:14:59 +01:00
Nasreddine Bencherchali e0217640e8 fix: remove duplicate entries 2023-01-11 16:34:03 +01:00
Nasreddine Bencherchali 75b6b4fa59 fix: add missing modified date 2023-01-11 16:28:45 +01:00
Nasreddine Bencherchali 7edac96e63 fix: add modified 2023-01-11 16:27:49 +01:00
pH-T 5cc5f4db6d fix: syntax error 2023-01-11 16:27:17 +01:00
Paul Hager 69ffa7f51b feat: updated rules for coverage of CVE-2015-2291 2023-01-11 16:24:05 +01:00
frack113 aee5ca7afc Fix invalid field cast or name (#3841) 2022-12-30 11:46:21 +01:00
frack113 7060db3d47 Promotion rules (#3821)
* Promotion rules

* fix missing null

* fix: modified date

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
2022-12-27 12:29:10 +01:00
Nasreddine Bencherchali 03cc78e916 feat: filename test enhancements (#3812) 2022-12-23 09:25:16 +01:00
Nasreddine Bencherchali 3868dd91c6 feat: updates and enhancements 2022-12-16 16:52:12 +01:00
Nasreddine Bencherchali d82e3de11c fix: fix empty field in selection 2022-11-30 00:57:38 +01:00
Nasreddine Bencherchali 04a1d29eac feat: update driver rules 2022-11-29 23:24:34 +01:00
Nasreddine Bencherchali 1d7ee1cd19 feat: enhance duplicate test (#3736)
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2022-11-29 13:47:09 +01:00
Florian Roth 66adbb43f7 chore: change modified date 2022-11-19 08:48:43 +01:00
Florian Roth 5c5639cfc6 Merge branch 'rule-devel' of https://github.com/SigmaHQ/sigma into rule-devel 2022-11-17 17:34:50 +01:00
Florian Roth 860b290f32 fix: change casing 2022-11-17 17:34:48 +01:00
Florian Roth 136398698b fix: list with one element 2022-11-16 20:18:30 +01:00
Florian Roth 4234018e22 fix: duplicate uuid 2022-11-16 20:17:29 +01:00
Florian Roth c79f594425 rule: proc hacker, system informer driver load; refactor: imphash casing 2022-11-16 18:12:23 +01:00
Florian Roth 71431efd16 fix: hash selection with OR in Dell driver rule 2022-11-10 13:22:04 +01:00
Florian Roth 7ef9893579 rule: vulnerable Lenovo driver 2022-11-10 13:21:31 +01:00
frack113 dfdaecc52c Order yaml field 2022-10-25 12:00:56 +02:00
Nasreddine Bencherchali 7621ce8899 Add New Vuln Driver
Add new vuln driver related to CVE-2022-37969
2022-10-20 11:55:36 +02:00
Kawa 6960178d56 Update driver_load_vuln_drivers_names.yml 2022-10-17 15:23:14 +02:00
Nasreddine Bencherchali 7e2f624b0f Update drivers list 2022-10-10 13:03:56 +02:00
Nasreddine Bencherchali 0d253472eb Update driver_load_vuln_drivers_names.yml 2022-10-10 12:28:41 +02:00
Nasreddine Bencherchali 8b40e6fe21 Add missing backslash and remove duplicate 2022-10-10 11:35:50 +02:00
frack113 cf7a348028 Fix related 2022-10-09 17:28:05 +02:00
frack113 931fb30853 old experimental rule promotion 2022-10-09 16:54:04 +02:00
Florian Roth 303fbd2e35 Update driver_load_vuln_drivers_names.yml 2022-10-06 09:28:43 +02:00
Nasreddine Bencherchali e2721f57e1 Update driver list with ELASTIC information 2022-10-05 11:01:29 +02:00
Nasreddine Bencherchali 16e377ef5e Fix 2022-10-04 23:12:37 +02:00
Nasreddine Bencherchali 098d530577 Fix error in driver rule 2022-10-04 11:38:58 +02:00
Nasreddine Bencherchali 809f45800e Update drivers list 2022-10-03 10:46:02 +02:00
Nasreddine Bencherchali 48c1104b1a New+Update 2022-09-02 09:15:21 +02:00
Nasreddine Bencherchali ea183cae13 Updates+New Rules 2022-08-31 09:39:16 +02:00
Nasreddine Bencherchali 11a322f4f0 New + Update 2022-08-26 15:38:43 +01:00
frack113 5cf940c0a8 Merge pull request #3425 from YamatoSecurity/fix-backend-bool-conversion-error
fix backend bool conversion errors
2022-08-25 06:41:43 +02:00
Nasreddine Bencherchali 728a7ccb66 Fix after review 2022-08-24 18:35:23 +01:00
Yamato Security 1faef2fa97 fix backend bool conversion errors 2022-08-24 09:23:35 +09:00
Florian Roth 8648919169 change casing to include both casings 2022-08-20 09:28:47 +02:00
Nasreddine Bencherchali b45316cf8b Update driver_load_vuln_drivers.yml 2022-08-19 09:29:20 +01:00
Nasreddine Bencherchali 0e40cee045 Update rules 2022-08-18 18:22:28 +01:00
Nasreddine Bencherchali 234484c399 Add rules 2022-08-18 15:30:17 +01:00
Nasreddine Bencherchali faa3f6b636 Create driver_load_vuln_drivers.yml 2022-08-18 13:45:25 +01:00
Nasreddine Bencherchali 0d8dba5200 Update driver_load_susp_temp_use.yml 2022-07-28 12:40:30 +01:00
Nasreddine Bencherchali 2420c98959 Create driver_load_vuln_avast_anti_rootkit_driver.yml 2022-07-28 12:40:23 +01:00
Florian Roth 27061cd0ac refactor: windivert driver load update 2022-07-27 08:58:46 +02:00