security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16,591 Commits 1 Branch 57 Tags
8b41e6bfdf80e29005ce5a6065caac3ff0b0cc64
Commit Graph

207 Commits

Author SHA1 Message Date
github-actions[bot] b4c6facc1d Merge PR #5693 from @nasbench - chore: archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-10-15 09:51:23 +02:00
phantinuss b242175fe4 Merge PR #5679 from @swachchhanda000 - chore: update evtx baseline to v0.8.2 
chore: update evtx baseline to v0.8.2 and fix FPs
---------

Co-authored-by: Swachchhanda Shrawan Poudel <87493836+swachchhanda000@users.noreply.github.com>
 2025-10-09 13:03:39 +02:00
github-actions[bot] 019971e1c9 Merge PR #5667 from @nasbench - chore: archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-10-01 10:01:54 +02:00
github-actions[bot] 12d87e7690 Merge PR #5636 from @phantinuss - Update ATT&CK Heatmap Coverage 
* chore: update ATT&CK heatmap

* chore: update heatmap SVG

* chore: tweak output for attack map svg

---------

Co-authored-by: phantinuss <phantinuss@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2025-09-22 11:42:05 +02:00
github-actions[bot] f76a82ddc9 Merge PR #5638 from @nasbench - Archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-09-22 11:41:18 +02:00
github-actions[bot] 1751ef8673 Merge PR #5597 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-08-29 10:31:14 +02:00
phantinuss 4f4f468c4a Merge PR #5557 from @phantinuss - Bump pySigma-validators-sigmahq to 0.10 
chore: bump pySigma-validators-sigmahq to 0.10
 2025-08-14 14:29:11 +02:00
github-actions[bot] f9d2a493f9 Merge PR #5573 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-08-14 14:06:15 +02:00
github-actions[bot] 43304188c2 chore: archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-07-15 11:38:58 +02:00
github-actions[bot] ff2c7bf284 Merge PR #5507 from @nasbench - archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-07-01 10:53:58 +02:00
github-actions[bot] be3f2bc7bd Merge PR #5505 from @phantinuss - Update ATT&CK Heatmap Coverage 
chore: update ATT&CK heatmap
chore: add updated ATT&CK coverage image
chore: point heatmap link to master

---------

Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2025-07-01 10:48:15 +02:00
Cameron Roberts bdba8881c8 Merge PR #5213 from @JrOrOneEquals1 - Workflow to update ATT%CK heatmap json 
chore: workflow - auto-update ATT&CK heatmap
---------

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2025-06-24 13:16:34 +02:00
github-actions[bot] df556b9675 Merge PR #5480 from @phantinuss - Archive new rule references and update cache file 
chore: archive new rule references and update cache file
 2025-06-16 12:55:39 +02:00
Ariel Otilibili a1c9827a35 Merge PR #5402 from @ariel-anieli - feat: add JSON output format for deprecated rule summary 
chore: tests/deprecated_rules.py - add json output format
chore: add deprecated/deprecated.json
chore: update README and workflow job accordingly

---------

Signed-off-by: Ariel Otilibili <otilibil@eurecom.fr>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2025-06-13 10:59:34 +02:00
phantinuss dbf8921652 chore: fix typo as suggested in #5472 2025-06-12 12:41:09 +02:00
phantinuss a38664c771 Merge PR #5443 from @phantinuss - Pin Sigma Validator package to minor version only 
chore: Pin Sigma Validator package to minor version only
 2025-06-04 14:58:58 +02:00
github-actions[bot] f3948c7bdf Merge PR #5449 from @nasbench - Archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-06-02 13:29:26 +02:00
phantinuss 8259948a3f Merge PR #5421 from @phantinuss - Update evtx-baseline 
chore: update evtx-baseline
 2025-05-20 23:15:57 +02:00
github-actions[bot] e9aa3eb2b3 Merge PR #5398 from @nasbench - Archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-05-20 23:03:44 +02:00
phantinuss 19568ae667 chore: update pySigma validators 2025-05-08 11:00:04 +02:00
phantinuss 58cb9a11e3 chore: add tests/sigma_cli_conf.yml to tracked files 2025-05-05 10:17:15 +02:00
phantinuss f47604b735 chore: update pySigma validators 2025-04-30 11:31:22 +02:00
github-actions[bot] 36394d43a0 Merge PR #5250 from @nasbench - Archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-04-17 00:41:06 +02:00
github-actions[bot] 4a3cb8b774 Merge PR #5230 from @nasbench - Archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-03-16 03:08:28 +01:00
frack113 3ce034bb20 Merge PR #4858 from @frack113 - Add summary csv file, workflow and generation script for deprecated rules 
chore: add summary csv file, workflow and generation script for deprecated rules

---------

Co-authored-by: Nasreddine Bencherchali <monsteroffire2@gmail.com>
 2025-03-05 00:59:36 +01:00
github-actions[bot] 2b421e3fd7 Merge PR #5217 from @nasbench - Archive new rule references and update cache file 
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-03-05 00:23:03 +01:00
github-actions[bot] c0aa75845b Merge PR #5194 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-02-17 12:04:58 +01:00
github-actions[bot] 1d8c84387f Merge PR #5178 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-02-03 18:22:38 +01:00
github-actions[bot] f3a3392bd2 Merge PR #5161 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-01-19 21:43:16 +01:00
github-actions[bot] 952d518f66 Merge PR #5150 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2025-01-06 15:35:53 +01:00
github-actions[bot] 0cb8e32d26 Merge PR #5130 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-12-16 13:42:23 +01:00
github-actions[bot] 4075c508d1 Merge PR #5101 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-12-01 13:39:50 +01:00
github-actions[bot] 4ec3e69de0 Merge PR #5080 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-11-17 23:44:45 +01:00
github-actions[bot] 04df2e483a Merge PR #5051 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-11-01 10:49:49 +01:00
github-actions[bot] 8ebc58cf42 Merge PR #5028 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-10-01 14:55:39 +02:00
github-actions[bot] 23c4c0b90c Merge PR #5009 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-09-18 23:55:08 +02:00
github-actions[bot] 9eb4dea0a6 Merge PR #4992 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-09-02 10:01:12 +02:00
github-actions[bot] 8bf0ef1253 Merge PR #4970 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-08-15 11:13:47 +02:00
Nasreddine Bencherchali 598d29f811 Merge PR #4950 from @nasbench - Comply With v2 Spec Changes 
chore: change tags, date, modified fields to comply with v2 of the Sigma spec.
chore: update the related type from `obsoletes` to `obsolete`.
chore: update local json schema to the latest version.
 2024-08-12 12:02:50 +02:00
peterydzynski ace902b68f Merge PR #4957 from @peterydzynski - Update regex for Powershell Token Obfuscation rules 
update: Powershell Token Obfuscation - Process Creation - Optimized used regex
update: Powershell Token Obfuscation - Powershell - Optimized used regex
chore: Fixed SigmaHQ conventions broken links
 2024-08-10 13:26:42 +02:00
frack113 51d0119a58 Merge PR #4959 from @frack113 - Freeze pySigma to 0.11.9 before migration to v2 
chore: freeze pySigma before migrating all rules to v2
 2024-08-10 11:26:33 +02:00
github-actions[bot] b8e67f13d5 Merge PR #4943 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-08-01 10:26:40 +02:00
Josh 6dd993aa24 Merge PR #4918 from @joshnck - Update goodlog-tests.yml 
chore: Update `goodlog-tests.yml` - Explicitly add the execute permission to the `.github/workflows/matchgrep.sh` via `chmod +x` 

---------

thanks: @joshnck
 2024-07-19 11:19:33 +02:00
github-actions[bot] 73f0078e92 Merge PR #4915 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-07-15 13:31:18 +02:00
Nasreddine Bencherchali c2915a678b Merge PR #4912 from @nasbench - update pySigma-validators-sigmahq to version 0.7.0 and sigma_cli_conf.yml 
chore: update `pySigma-validators-sigmahq` to version 0.7.0 and `sigma_cli_conf.yml`

---------

Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2024-07-11 11:24:01 +02:00
github-actions[bot] 7682688ca9 Merge PR #4892 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-07-01 10:51:28 +02:00
github-actions[bot] 5a05ffc541 Merge PR #4879 from @nasbench - archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-06-20 11:44:19 +02:00
github-actions[bot] 3be29eb79e Merge PR #4868 from @nasbench - Archive new rule references and update cache file 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-06-03 10:28:40 +02:00
github-actions[bot] e9cb6fc400 Merge PR #4855 from @nasbench - Update rule ref archive cache 
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
 2024-05-27 12:53:54 +02:00
frack113 7d6f32d1be Merge PR #4850 from @frack113 - Cleanup rule conditions to align with standard 
chore: Cleanup conditions
update: Scheduled Task Creation From Potential Suspicious Parent Location - Add additional "temporary folder" locations.

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2024-05-13 12:10:33 +02:00