security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16,224 Commits 1 Branch 57 Tags
4989d43ae97015f8113aed2efcd49d288b8fec21
Commit Graph

17 Commits

Author SHA1 Message Date
Andreas Braathen 5397ea4f0a Merge PR #4882 from @netgrain - New rules related to LocaltoNet tunneling 
new: Communication To LocaltoNet Tunneling Service Initiated
new: Communication To LocaltoNet Tunneling Service Initiated - Linux 

---------

Co-authored-by: Andreas Braathen <andreasb@mnemonic.io>
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2024-06-20 13:09:49 +02:00
Joe 6412c1a02b Merge PR #4822 from @hasselj - Add Potentially Suspicious Malware Callback Communication - Linux 
new: Potentially Suspicious Malware Callback Communication - Linux
 
---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2024-05-10 17:07:43 +02:00
frack113 020fc8061f Merge PR #4479 From @frack113 - Upgrade Rules Status 
chore: Upgrade status level from `experimental` to `test` for rules that have not changed in 300 days

---------

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2023-10-17 14:35:26 +02:00
Tessa Georgen 60b8e9b70f Merge PR #4392 from @tjgeorgen - Update MITRE Tags 
- update: update MITRE tags for multiple rules

---------

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2023-08-28 16:53:27 +02:00
Nasreddine Bencherchali 7c38a5c496 chore: add nextron authors tag 2023-02-01 11:14:59 +01:00
frack113 7060db3d47 Promotion rules (#3821) 
* Promotion rules

* fix missing null

* fix: modified date

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2022-12-27 12:29:10 +01:00
Florian Roth ffbaee0c56 Update rules/linux/network_connection/net_connection_lnx_ngrok_tunnel.yml 
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2022-11-04 10:49:12 +01:00
Florian Roth f27466ef2b Update rules/linux/network_connection/net_connection_lnx_ngrok_tunnel.yml 
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2022-11-04 10:49:01 +01:00
Florian Roth 4fcac3089d Rule: Ngrok tunnel LNX 2022-11-03 17:41:23 +01:00
frack113 11cb03181e Order yaml field 2022-10-25 08:53:44 +02:00
nasreddine.bencherchali@nextron-systems.com 4fc62dee7c Linux rules update 2022-09-16 09:22:57 +02:00
Florian Roth 664ec8b43e refactor: remove rules for false alarm 
https://twitter.com/cyb3rops/status/1555242921850544131
 2022-08-04 20:05:16 +02:00
Florian Roth 72dbfffc0f rule: myjino github repo compromise 2022-08-03 08:34:28 +02:00
Nasreddine Bencherchali d03f6df250 Reference Update [Batch 1] 2022-07-07 15:24:15 +01:00
frack113 7fb8272f94 Name Normalization 
Name Normalization
 2022-02-27 10:58:14 +01:00
Florian Roth ab499c9c21 rules: crypto coin mining 2021-10-26 08:52:07 +02:00
Florian Roth 0b46180cd2 fix: moved back connect bash to correct folder 2021-10-26 08:51:54 +02:00