Nasreddine Bencherchali
d7f1e8c443
Update lnx_auditd_binary_padding.yml
2023-05-03 01:09:55 +02:00
fukusuket
78fe42f78c
refactor: use '|all' instead of using all of for a single selector.
2023-04-30 21:49:32 +09:00
Nasreddine Bencherchali
7e73028c5e
feat: updates and enhancements
2023-01-06 16:35:34 +01:00
frack113
cd4121d966
Update Title (#3731)
...
Co-authored-by: Florian Roth <venom14@gmail.com>
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
2022-11-27 19:19:27 +01:00
frack113
11cb03181e
Order yaml field
2022-10-25 08:53:44 +02:00
Nasreddine Bencherchali
d03f6df250
Reference Update [Batch 1]
2022-07-07 15:24:15 +01:00
phantinuss
043747822f
fix: more falsepositives harmonization
2022-03-16 14:57:06 +01:00
frack113
01dc930c17
Change status for old rules
2021-11-27 11:33:14 +01:00
Max Altgelt
6f05e33feb
fix: Correct incorrect message / keyword usage
...
Correct a number of rules where message or keyword were incorrectly used
as field names in events (typically windows event logs). However, neither
field actually exists and as such these strings could never match.
2021-08-12 16:28:07 +02:00
frack113
f2cdbb5aa7
Rename rule service:auditd
2021-07-07 13:53:51 +02:00