security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15,371 Commits 1 Branch 57 Tags
7b90c00a4520f618eefa2f08247f8c84466f446c
Commit Graph

805 Commits

Author SHA1 Message Date
Austin Songer b72e7fc6eb Update rules/cloud/okta/okta_fastpass_phishing_detection.yml 
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-05-10 01:18:00 -05:00
Austin Songer 3e9cfc3e7c Update okta_fastpass_phishing_detection.yml 2023-05-08 11:26:21 -05:00
Austin Songer 8dc803df95 Update okta_fastpass_phishing_detection.yml 2023-05-08 10:35:19 -05:00
Austin Songer df04652768 Update okta_fastpass_phishing_detection.yml 2023-05-07 20:16:54 -05:00
Austin Songer 616bf2a819 Update okta_fastpass_phishing_detection.yml 2023-05-07 20:06:23 -05:00
Austin Songer ce62346e4f Create okta_fastpass_phishing_detection.yml 2023-05-07 19:43:39 -05:00
Nasreddine Bencherchali 7ce4a9b7ec fix: add missing modified 2023-04-28 11:12:30 +02:00
muratogul 961aebb8ef corrected eventSource on aws_enum_buckets.yml file 2023-04-27 22:53:34 -07:00
erickatwork 91bc015216 feat: update description ECS TASK DEF rule (#4181) 2023-04-25 11:00:24 +02:00
Nick Moore 463d9fff82 feat: new rule Potential Okta Password in AlternateID Field (#4158) 2023-04-05 13:21:03 +02:00
Nasreddine Bencherchali 3d9372bef3 feat: new rules, updates and fp fixes (#4136) 2023-04-03 12:06:14 +02:00
FormindGMO fad662ab15 #4149 Fix ALA Rules Compilation (parser and broken azure rules) (#4150) 2023-03-29 23:07:40 +02:00
phantinuss 98ab4bcd6a fix: wording 2023-03-21 08:58:22 +01:00
Nasreddine Bencherchali b253e8cafc fix: apply suggestions from code review 2023-03-20 22:02:38 +01:00
phantinuss d6b91a9abf fix: file extension (3) 2023-03-20 09:54:28 +01:00
phantinuss 23fc8e1d0c fix: file extension (2) 2023-03-20 09:40:23 +01:00
phantinuss f53e9676bb fix: missing file extention 2023-03-20 08:55:49 +01:00
cyb3rjy0t 14eea4ebcb azure_ad_suspicious_signin_bypassingMFA 2023-03-20 00:41:33 -04:00
Wagga 273fdb9985 fix: typos in multiple rules (#4011) 2023-02-06 13:53:23 +01:00
frack113 9e51af56ca Merge pull request #3974 from MarkMorow/master 
Update tags for MITRE ATT&CK
 2023-01-31 07:34:34 +01:00
Nasreddine Bencherchali 7b3a3ee254 fix: add missing space by the end 2023-01-30 10:26:13 +01:00
Nasreddine Bencherchali 6de8009c88 fix: update metadata and prefix test 2023-01-30 10:23:13 +01:00
Mark Morowczynski b24e6d197b Update tags for MITRE ATT&CK 
Update tags for MITRE ATT&CK
 2023-01-29 11:29:12 -08:00
z00t cd15e7beea Rename github_new_org_member_alert.yml to github_new_org_member.yml 
The rule name changed to match the updated rule title.
 2023-01-30 00:02:20 +05:00
z00t d8c18457a0 Update disabled_outdated_dependency_or_vulnerability.yml 
Removed invalid mitre ID T1089, and removed mitigation ID which was included in an error.
 2023-01-30 00:01:22 +05:00
z00t 493daf54f5 Update and rename github_high_risk_configuration_change.yml to disable_github_high_risk_configuration.yml 
The severity level changed to high from critical. The rule name matched the modified title.
 2023-01-29 23:59:53 +05:00
z00t 40d7ce83c7 Rename dependabot_alerts_disabled.yml to disabled_outdated_dependency_or_vulnerability.yml 
The rule name matched to the modified title.
 2023-01-29 23:57:17 +05:00
z00t 23e5faa382 Update rules/cloud/github/github_new_org_member_alert.yml 
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-01-29 23:05:28 +05:00
z00t 579ac60b7a Update rules/cloud/github/github_high_risk_configuration_change.yml 
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-01-29 23:04:30 +05:00
z00t 1959e7936e Update rules/cloud/github/dependabot_alerts_disabled.yml 
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-01-29 23:03:59 +05:00
z00t 60c3221fe1 selection item added. 2023-01-29 21:56:33 +05:00
z00t 6ef4ee26bb Description updated. 2023-01-29 20:45:19 +05:00
z00t 352b477d5b Merge branch 'SigmaHQ:master' into master 2023-01-29 20:40:37 +05:00
Mark Morowczynski 29ca26b32c Updating MITRE Tactics & Techniques 
Updating MITRE Tactics & Techniques to align with existing classifications
 2023-01-28 13:26:15 -08:00
z00t 17640ab9d6 Merge branch 'master' of https://github.com/faisalusuf/sigma 2023-01-28 01:04:05 +05:00
z00t 1fa926ee31 New rules added. 2023-01-28 01:01:30 +05:00
frack113 1033b3f404 change status to test 2023-01-27 06:48:34 +01:00
frack113 fa593dc4c4 Merge pull request #3942 from faisalusuf/master 2023-01-22 18:49:55 +01:00
frack113 6d535e032f Remove operation 2023-01-22 18:42:54 +01:00
frack113 2bd14e4953 Small update 
- Change service to audit
- Add operation
 2023-01-22 08:55:24 +01:00
Nasreddine Bencherchali 7bce67f940 fix: file extension 2023-01-21 11:52:13 +01:00
Nasreddine Bencherchali 9ef8565556 fix: filename 2023-01-21 11:41:44 +01:00
z00t 9cc61a6e60 Single quotes added to non-integer values. 2023-01-20 23:28:23 +05:00
z00t 44a7b78950 New Rule is created. 2023-01-20 23:09:56 +05:00
z00t e27d79e21a New detection rule. 2023-01-20 21:29:31 +05:00
nikitah4x 8015b445fd Update okta_admin_role_assignment_created.yml 2023-01-20 15:47:36 +02:00
nikitah4x 411b1a44e7 Update rules/cloud/okta/okta_admin_role_assignment_created.yml 
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2023-01-20 15:42:22 +02:00
nikitah4x a25fdddb0d Update rules/cloud/okta/okta_admin_role_assignment_created.yml 
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2023-01-20 15:42:15 +02:00
nikitah4x 44a3371d8a Update rules/cloud/okta/okta_admin_role_assignment_created.yml 
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2023-01-20 15:41:32 +02:00
z00t cc511af55e Create github_delete action_invoked.yaml 2023-01-20 18:14:14 +05:00