Commit Graph

14 Commits

Author SHA1 Message Date
Florian Roth d3ee1aba66 docs: MITRE ATT&CK(R) trademark references removed or adjusted
https://github.com/Neo23x0/sigma/issues/1028
2020-09-30 08:53:52 +02:00
Alexey Lednyov 1eb675f693 att&ck tags review: web, network/zeek 2020-09-03 17:06:37 +03:00
Josh Brower 4c4b8db7cf Zeek RDP rule 2020-08-23 13:16:42 -04:00
Florian Roth 781667ef22 fix: zeek rule references isn't a list 2020-07-14 00:33:47 +02:00
Florian Roth c3ffa0b9d3 fix: duplicate IDs 2020-06-24 17:04:04 +02:00
Ivan Kirillov 0fbfcc6ba9 Initial round of subtechnique updates 2020-06-16 14:46:08 -06:00
neu5ron 7c3dea22b8 small T, big T 2020-05-19 05:13:48 -04:00
neu5ron 602c8917ef domain user enumeration via zeek rpc (dce_rpc) log. 2020-05-19 05:08:26 -04:00
neu5ron 858ebcd3d3 author typo update 2020-05-19 04:35:47 -04:00
neu5ron 2fc8d513d6 zeek, swap path and name 2020-05-19 04:35:30 -04:00
neu5ron a01a85cf9b CI/CD check fixes (missing IDs) 2020-05-04 15:22:18 -04:00
neu5ron a61b1da47a fixed yaml space causing condition to not be found 2020-05-04 15:17:43 -04:00
neu5ron d300027848 on behalf of @socprime [SOC Prime Inc.](https://my.socprime.com/en/tdm/)
add rules for Zeek. This includes Windows Event Channel Security EventID:5145, which has the same fields as Zeek SMB.
Also, converted some of [MITRE ATT&CK BZAR](https://github.com/mitre-attack/bzar), which are Zeek (sensor) scripts.
2020-05-02 07:27:51 -04:00
neu5ron c66540c029 on behalf of @socprime [SOC Prime Inc.](https://my.socprime.com/en/tdm/)
create `zeek` folder to store Zeek rules
2020-05-02 07:25:21 -04:00