198 Commits

Author SHA1 Message Date
github-actions[bot] ff2c7bf284 Merge PR #5507 from @nasbench - archive new rule references and update cache file
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-07-01 10:53:58 +02:00
github-actions[bot] be3f2bc7bd Merge PR #5505 from @phantinuss - Update ATT&CK Heatmap Coverage
chore: update ATT&CK heatmap
chore: add updated ATT&CK coverage image
chore: point heatmap link to master

---------

Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2025-07-01 10:48:15 +02:00
Cameron Roberts bdba8881c8 Merge PR #5213 from @JrOrOneEquals1 - Workflow to update ATT&CK heatmap json
chore: workflow - auto-update ATT&CK heatmap
---------

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2025-06-24 13:16:34 +02:00
github-actions[bot] df556b9675 Merge PR #5480 from @phantinuss - Archive new rule references and update cache file
chore: archive new rule references and update cache file
2025-06-16 12:55:39 +02:00
Ariel Otilibili a1c9827a35 Merge PR #5402 from @ariel-anieli - feat: add JSON output format for deprecated rule summary
chore: tests/deprecated_rules.py - add json output format
chore: add deprecated/deprecated.json
chore: update README and workflow job accordingly

---------

Signed-off-by: Ariel Otilibili <otilibil@eurecom.fr>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2025-06-13 10:59:34 +02:00
phantinuss dbf8921652 chore: fix typo as suggested in #5472 2025-06-12 12:41:09 +02:00
phantinuss a38664c771 Merge PR #5443 from @phantinuss - Pin Sigma Validator package to minor version only
chore: Pin Sigma Validator package to minor version only
2025-06-04 14:58:58 +02:00
github-actions[bot] f3948c7bdf Merge PR #5449 from @nasbench - Archive new rule references and update cache file
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-06-02 13:29:26 +02:00
phantinuss 8259948a3f Merge PR #5421 from @phantinuss - Update evtx-baseline
chore: update evtx-baseline
2025-05-20 23:15:57 +02:00
github-actions[bot] e9aa3eb2b3 Merge PR #5398 from @nasbench - Archive new rule references and update cache file
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-05-20 23:03:44 +02:00
phantinuss 19568ae667 chore: update pySigma validators 2025-05-08 11:00:04 +02:00
phantinuss 58cb9a11e3 chore: add tests/sigma_cli_conf.yml to tracked files 2025-05-05 10:17:15 +02:00
phantinuss f47604b735 chore: update pySigma validators 2025-04-30 11:31:22 +02:00
github-actions[bot] 36394d43a0 Merge PR #5250 from @nasbench - Archive new rule references and update cache file
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-04-17 00:41:06 +02:00
github-actions[bot] 4a3cb8b774 Merge PR #5230 from @nasbench - Archive new rule references and update cache file
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-03-16 03:08:28 +01:00
frack113 3ce034bb20 Merge PR #4858 from @frack113 - Add summary csv file, workflow and generation script for deprecated rules
chore: add summary csv file, workflow and generation script for deprecated rules

---------

Co-authored-by: Nasreddine Bencherchali <monsteroffire2@gmail.com>
2025-03-05 00:59:36 +01:00
github-actions[bot] 2b421e3fd7 Merge PR #5217 from @nasbench - Archive new rule references and update cache file
Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-03-05 00:23:03 +01:00
github-actions[bot] c0aa75845b Merge PR #5194 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-02-17 12:04:58 +01:00
github-actions[bot] 1d8c84387f Merge PR #5178 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-02-03 18:22:38 +01:00
github-actions[bot] f3a3392bd2 Merge PR #5161 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-01-19 21:43:16 +01:00
github-actions[bot] 952d518f66 Merge PR #5150 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2025-01-06 15:35:53 +01:00
github-actions[bot] 0cb8e32d26 Merge PR #5130 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-12-16 13:42:23 +01:00
github-actions[bot] 4075c508d1 Merge PR #5101 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-12-01 13:39:50 +01:00
github-actions[bot] 4ec3e69de0 Merge PR #5080 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-11-17 23:44:45 +01:00
github-actions[bot] 04df2e483a Merge PR #5051 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-11-01 10:49:49 +01:00
github-actions[bot] 8ebc58cf42 Merge PR #5028 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-10-01 14:55:39 +02:00
github-actions[bot] 23c4c0b90c Merge PR #5009 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-09-18 23:55:08 +02:00
github-actions[bot] 9eb4dea0a6 Merge PR #4992 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-09-02 10:01:12 +02:00
github-actions[bot] 8bf0ef1253 Merge PR #4970 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-08-15 11:13:47 +02:00
Nasreddine Bencherchali 598d29f811 Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
chore: change tags, date, modified fields to comply with v2 of the Sigma spec.
chore: update the related type from `obsoletes` to `obsolete`.
chore: update local json schema to the latest version.
2024-08-12 12:02:50 +02:00
peterydzynski ace902b68f Merge PR #4957 from @peterydzynski - Update regex for Powershell Token Obfuscation rules
update: Powershell Token Obfuscation - Process Creation - Optimized used regex
update: Powershell Token Obfuscation - Powershell - Optimized used regex
chore: Fixed SigmaHQ conventions broken links
2024-08-10 13:26:42 +02:00
frack113 51d0119a58 Merge PR #4959 from @frack113 - Freeze pySigma to 0.11.9 before migration to v2
chore: freeze pySigma before migrating all rules to v2
2024-08-10 11:26:33 +02:00
github-actions[bot] b8e67f13d5 Merge PR #4943 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-08-01 10:26:40 +02:00
Josh 6dd993aa24 Merge PR #4918 from @joshnck - Update goodlog-tests.yml
chore: Update `goodlog-tests.yml` - Explicitly add the execute permission to the `.github/workflows/matchgrep.sh` via `chmod +x` 

---------

thanks: @joshnck
2024-07-19 11:19:33 +02:00
github-actions[bot] 73f0078e92 Merge PR #4915 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-07-15 13:31:18 +02:00
Nasreddine Bencherchali c2915a678b Merge PR #4912 from @nasbench - update pySigma-validators-sigmahq to version 0.7.0 and sigma_cli_conf.yml
chore: update `pySigma-validators-sigmahq` to version 0.7.0 and `sigma_cli_conf.yml`

---------

Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
2024-07-11 11:24:01 +02:00
github-actions[bot] 7682688ca9 Merge PR #4892 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-07-01 10:51:28 +02:00
github-actions[bot] 5a05ffc541 Merge PR #4879 from @nasbench - archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-06-20 11:44:19 +02:00
github-actions[bot] 3be29eb79e Merge PR #4868 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-06-03 10:28:40 +02:00
github-actions[bot] e9cb6fc400 Merge PR #4855 from @nasbench - Update rule ref archive cache
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-05-27 12:53:54 +02:00
frack113 7d6f32d1be Merge PR #4850 from @frack113 - Cleanup rule conditions to align with standard
chore: Cleanup conditions
update: Scheduled Task Creation From Potential Suspicious Parent Location - Add additional "temporary folder" locations.

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
2024-05-13 12:10:33 +02:00
frack113 2cfa9a2d1f Merge PR #4847 from @frack113 - Update test Workflow to use pySigma-validators-sigmahq
chore: update workflow to use "pySigma-validators-sigmahq"
2024-05-10 10:32:54 +02:00
github-actions[bot] 45b93fcfab Merge PR #4842 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file
2024-05-02 10:33:45 +02:00
github-actions[bot] 9104b4d22b Merge PR #4816 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file
2024-04-15 10:25:48 +02:00
github-actions[bot] 720397d731 Merge PR #4792 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file

Co-authored-by: nasbench <nasbench@users.noreply.github.com>
2024-04-01 15:13:17 +02:00
Mostafa Moradian 49adcf9a00 Merge PR #4775 from @mostafa - change action name to sigma-rules-validator
chore: change action name to sigma-rules-validator

Thanks: @mostafa
2024-03-18 16:44:59 +01:00
frack113 b24da5c685 Merge PR #4771 from @frack113 - Fix false positive found in testing
update: Uncommon Outbound Kerberos Connection - Security - Update filter to include device type paths and reduce the level to "medium"
update: Uncommon Outbound Kerberos Connection - Update filters to include tomcat and reduce the level to "medium"
 
---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2024-03-18 12:00:59 +01:00
Mostafa Moradian d52189daa3 Merge PR #4772 from @mostafa - update sigma validation CI workflow to fix errors
chore: update sigma validation CI workflow to fix errors.
2024-03-15 18:21:15 +01:00
Mostafa Moradian 416de03cdc Merge PR #4769 from @mostafa - Update sigma validation workflow
chore: Add comment to the code
chore: Ignore inaccessible file
chore: Switch to using the action for validating Sigma rules

Thanks: @mostafa
2024-03-15 11:03:15 +01:00
github-actions[bot] 250e7d7fa8 Merge PR #4770 from @nasbench - Archive new rule references and update cache file
chore: archive new rule references and update cache file
2024-03-15 11:02:08 +01:00