security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16,034 Commits 1 Branch 57 Tags
889efd1663f0781e110f32e8e81e88a311e6c500
Commit Graph

23 Commits

Author SHA1 Message Date
github-actions[bot] ae960f0881 Merge PR #4611 from @nasbench - Promote Older Rules Status From experimental To test 
chore: promote older rules status from experimental to test

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2023-12-01 12:50:36 +01:00
Thurein Oo f5553c037a Merge PR #4552 from @ThureinOo - Add Detection of CVE-2023-46747 Remote Code Execution 
new: CVE-2023-46747 Exploitation Activity - Proxy
new: CVE-2023-46747 Exploitation Activity - Webserver
new: F5 BIG-IP iControl Rest API Command Execution - Proxy
new: F5 BIG-IP iControl Rest API Command Execution - Webserver

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2023-11-14 09:41:49 +01:00
github-actions[bot] a6e7cce606 Merge PR #4533 from @nasbench - Promote experimental rules 
chore: promote older rules status from `experimental` to `test`

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2023-11-02 10:48:45 +01:00
Nasreddine Bencherchali 95793d73bd Merge PR #4482 From @nasbench - Add New Automation Workflows 
chore: update workflows and add quality of life updates and automation to the repository

---------

Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-10-18 11:53:44 +02:00
frack113 020fc8061f Merge PR #4479 From @frack113 - Upgrade Rules Status 
chore: Upgrade status level from `experimental` to `test` for rules that have not changed in 300 days

---------

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2023-10-17 14:35:26 +02:00
Thurein Oo 1e7a5b0cb3 Merge PR #4417 from @ThureinOo - Update SQL injections 
update: Added some bypass methods used by SQLI Injectors.

---------

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2023-09-06 11:19:10 +02:00
Thurein Oo d43c500240 Merge PR #4416 from @ThureinOo - Increase SQL Injection Coverage 
update: Detects sql injection exploitation attempts - Increase coverage

---------

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-09-01 13:58:34 +02:00
Thurein Oo 421bbed383 Merge PR #4409 from @ThureinOo - Increase Coverage Of Path Traversal Exploitation Rule 
update: Detects path traversal exploitation attempts - Increase coverage

---------

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-09-01 10:54:32 +02:00
Tessa Georgen 60b8e9b70f Merge PR #4392 from @tjgeorgen - Update MITRE Tags 
- update: update MITRE tags for multiple rules

---------

Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
 2023-08-28 16:53:27 +02:00
phantinuss 6c4408ddff chore: fix typo of lowercase Windows in description 2023-06-21 09:52:43 +02:00
frack113 c1a9712558 Review Web logsource 2023-05-08 11:04:16 +02:00
Nasreddine Bencherchali 637d610884 chore: move rules to new folders (#4205) 2023-05-02 23:17:57 +02:00
Nasreddine Bencherchali 797a8d0784 Update web_cve_2021_26858_iis_rce.yml 2023-04-26 10:42:38 +02:00
BlueT - Matthew Lien - 練喆明 8471faea15 fix web_cve_2021_26858_iis_rce.yml (all of -> "|all") 
https://github.com/SigmaHQ/sigma/pull/3952
https://github.com/SigmaHQ/sigma-specification/discussions/53
 2023-04-26 07:05:09 +08:00
Nasreddine Bencherchali 3d9372bef3 feat: new rules, updates and fp fixes (#4136) 2023-04-03 12:06:14 +02:00
Nasreddine Bencherchali 4da9252bba fix: add missing space 2023-02-23 19:33:00 +01:00
Bhabesh d3cfc7a7fa Fixed field name 2023-02-24 00:12:16 +05:45
Bhabesh dee1558a8d Added rule (fixed) for CVE-2023-23752 in Joomla 2023-02-23 23:40:08 +05:45
IsaAlMannaei d9d9227910 feat: new rule related to CVE-2022-21587 (#4037) 2023-02-14 14:30:12 +01:00
Nasreddine Bencherchali 1f34cecadf fix: multiple typos 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-06 12:28:45 +01:00
Nasreddine Bencherchali fc818bbbdc feat: multiple updates and fixes 2023-02-03 02:22:28 +01:00
Nasreddine Bencherchali 7c38a5c496 chore: add nextron authors tag 2023-02-01 11:14:59 +01:00
frack113 8b321ba0b2 Order root rules folder 2023-01-31 14:05:08 +01:00