security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14,175 Commits 1 Branch 57 Tags
3da07164ce0d651bf72691bac1cfcafbf20249de
Commit Graph

6 Commits

Author SHA1 Message Date
frack113 1f8e37351e order yaml 2022-10-28 15:06:36 +02:00
Gude5 a3e6856764 new rules: Sigma rules based on Elastic rules (#3632) 
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2022-10-28 10:13:44 +02:00
Nasreddine Bencherchali 48c1104b1a New+Update 2022-09-02 09:15:21 +02:00
Nasreddine Bencherchali f0e05ccb3c Rule Update (Batch 2) 
- Added 5 more PowerShell scripts for the rule "file_event_win_powershell_exploit_scripts.yml"
- Created new rule for "certoc" lolbin to cover "Download" option as described in the LOLBAS project
- Created specific rule for the "IEExec" lolbin to cover "Download" option as described in the LOLBAS Project
- Updated some rules to use "OriginalFileName" in addition to the "Image" selection
- Updated some rules to increase coverage.
 2022-05-16 22:02:41 +01:00
phantinuss 043747822f fix: more falsepositives harmonization 2022-03-16 14:57:06 +01:00
frack113 8bb3379b68 Normalization of rule names 2022-02-22 11:16:31 +01:00