security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15,807 Commits 1 Branch 57 Tags
291ca18d22f720f2ebcd30cf468f4434cecccdaa
Commit Graph

395 Commits

Author SHA1 Message Date
phantinuss f9893202e5 fix: IPv6 prefix 2023-08-22 13:17:40 +02:00
phantinuss 24e7333f15 fix: typo 2023-08-22 11:43:04 +02:00
Nasreddine Bencherchali 89c6ea2ef0 Update rules/web/proxy_generic/proxy_webdav_search_ms.yml 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-08-22 11:42:08 +02:00
Nasreddine Bencherchali 201066947b feat: update detection & metadata 2023-08-22 11:00:55 +02:00
Micah Babinski 8d16ed2cc2 Added search(-ms)/WebDAV rules 2023-08-04 17:37:54 -07:00
Josh f083be8458 Fixed typo in comment 
DragonOK and not dargonOK :)
 2023-07-17 14:39:48 -04:00
phantinuss 6c4408ddff chore: fix typo of lowercase Windows in description 2023-06-21 09:52:43 +02:00
Nasreddine Bencherchali 066f57abb8 chore: update rules from r-dns to cs-host 2023-05-18 23:03:23 +02:00
Axel-NTT c1ba6e1505 Update proxy_ua_bitsadmin_susp_tld.yml to use proxy field 2023-05-17 13:46:28 +02:00
Nasreddine Bencherchali e0a2d52671 Merge pull request #4218 from nasbench/fin7-rules 
feat: updates and new rules related to fin7
 2023-05-09 16:14:26 +02:00
Nasreddine Bencherchali bbf1e54510 fix: apply suggestions from code review 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-05-09 16:04:24 +02:00
frack113 c1a9712558 Review Web logsource 2023-05-08 11:04:16 +02:00
Nasreddine Bencherchali 24ed6be065 feat: updates and new rules related to fin7 2023-05-05 01:26:06 +02:00
Nasreddine Bencherchali 637d610884 chore: move rules to new folders (#4205) 2023-05-02 23:17:57 +02:00
Nasreddine Bencherchali 797a8d0784 Update web_cve_2021_26858_iis_rce.yml 2023-04-26 10:42:38 +02:00
BlueT - Matthew Lien - 練喆明 8471faea15 fix web_cve_2021_26858_iis_rce.yml (all of -> "|all") 
https://github.com/SigmaHQ/sigma/pull/3952
https://github.com/SigmaHQ/sigma-specification/discussions/53
 2023-04-26 07:05:09 +08:00
Nasreddine Bencherchali 0c23616a12 fix: move to deprecated 2023-04-21 15:05:56 +02:00
Nasreddine Bencherchali b26f9a9793 chore: move more rules 2023-04-21 15:01:48 +02:00
Nasreddine Bencherchali b851734126 chore: move 3cx related rules 2023-04-21 15:00:35 +02:00
Frank Iacovino 4e47720427 Correct rule description in web_apache_segfault.yml 2023-04-19 11:23:52 -04:00
Nasreddine Bencherchali 4ce1bf45b6 feat: update malware ua 2023-04-12 16:12:11 +02:00
Nasreddine Bencherchali 3d9372bef3 feat: new rules, updates and fp fixes (#4136) 2023-04-03 12:06:14 +02:00
Nasreddine Bencherchali 5138fef3e5 feat: update 3cx compromise related rules (#4156) 2023-03-31 15:01:41 +02:00
Arnim Rupp b2e9b47e91 feat: add new domain to rules related to 3CX compromise (#4154) 2023-03-30 13:18:11 +02:00
Nasreddine Bencherchali c08a50758b feat: update 2023-03-29 18:59:24 +02:00
Mohamed Ashraf dc83671da0 Update proxy_ua_malware.yml 2023-03-27 13:13:16 +02:00
Mohamed Ashraf (X__Junior) e868b66592 Update proxy_ua_malware.yml 2023-03-27 11:10:14 +02:00
Gavin Knapp ec892dec93 feat: new rule proxy_susp_ipfs_cred_harvest.yml (#4113) 2023-03-24 12:29:25 +01:00
Nasreddine Bencherchali eb5d96f270 fix: update modified 2023-03-20 16:44:29 +01:00
Mohamed Ashraf (X__Junior) 87404ea1e1 Update proxy_ua_malware.yml 2023-03-20 17:41:13 +02:00
frack113 4d8a6ca51f Merge pull request #4073 from nasbench/nasbench-rule-devel 
feat: updates and fixes
 2023-02-24 17:50:50 +01:00
Nasreddine Bencherchali 4da9252bba fix: add missing space 2023-02-23 19:33:00 +01:00
Bhabesh d3cfc7a7fa Fixed field name 2023-02-24 00:12:16 +05:45
Bhabesh dee1558a8d Added rule (fixed) for CVE-2023-23752 in Joomla 2023-02-23 23:40:08 +05:45
Nasreddine Bencherchali 078e3ab500 feat: updates and fixes 2023-02-23 12:49:44 +01:00
IsaAlMannaei d9d9227910 feat: new rule related to CVE-2022-21587 (#4037) 2023-02-14 14:30:12 +01:00
Nasreddine Bencherchali 1f34cecadf fix: multiple typos 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-06 12:28:45 +01:00
Nasreddine Bencherchali fc818bbbdc feat: multiple updates and fixes 2023-02-03 02:22:28 +01:00
Nasreddine Bencherchali 7c38a5c496 chore: add nextron authors tag 2023-02-01 11:14:59 +01:00
frack113 8b321ba0b2 Order root rules folder 2023-01-31 14:05:08 +01:00
frack113 9320bf246d Order root rules folder 2023-01-29 09:49:42 +01:00
frack113 1033b3f404 change status to test 2023-01-27 06:48:34 +01:00
Nasreddine Bencherchali 9fe829af52 feat: new rules related to CVE-2022-44877 2023-01-20 13:51:17 +01:00
Nasreddine Bencherchali 26fef9bfd1 fix: add logic to the correct rule 2023-01-19 00:59:13 +01:00
cyb3rjy0t a27457715b CVE-2022-82889 2023-01-16 14:34:41 -05:00
frack113 f9e1419760 Order file 2023-01-10 06:24:48 +01:00
frack113 756a248032 update logsource 2023-01-04 18:52:24 +01:00
frack113 c62d624892 Use W3C cs-uri-query 2023-01-02 18:56:34 +01:00
frack113 41c850e00b Use W3C cs-uri-query 2023-01-02 18:45:50 +01:00
frack113 a1a94a0b66 Update W3C field name 2023-01-02 16:39:55 +01:00