security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
14,909 Commits 1 Branch 57 Tags
aa8c18c0a5b2cd78bba2d2ff0fe3fa975d116e95
Commit Graph

4550 Commits

Author SHA1 Message Date
frack113 ae45af68ab Update proc_creation_win_hktl_jlaive_batch_execution.yml 2023-02-22 17:13:48 +01:00
frack113 f2c3954e74 Update proc_creation_win_hktl_crackmapexec_execution_patterns.yml 2023-02-22 17:13:02 +01:00
Nasreddine Bencherchali 69c28fedbc fix: typo 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-22 12:16:49 +01:00
Nasreddine Bencherchali 02d6d571cb fix: apply suggestions from 2nd code review 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-22 12:15:49 +01:00
Nasreddine Bencherchali fc3c6ef4c7 fix: apply suggestions from code review 
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
 2023-02-22 11:05:50 +01:00
frack113 1a14cd58db Update proc_creation_win_msiexec_dll.yml 2023-02-22 06:34:02 +01:00
frack113 bc5ec4fc88 Update proc_creation_win_auditpol_susp_execution.yml 2023-02-22 06:26:30 +01:00
Nasreddine Bencherchali 5f1231b5f2 fix: unused selection 2023-02-21 22:25:34 +01:00
Nasreddine Bencherchali 63888f7a53 feat: multiple fixes and updates 2023-02-21 22:15:30 +01:00
Nasreddine Bencherchali 41e844e0cc fix: add missing modified 2023-02-20 17:08:48 +01:00
Wagga 7387648bb1 Update proc_creation_win_mstsc_remote_connection.yml 2023-02-20 14:13:26 +01:00
Wagga e7492c0f75 Update proc_creation_win_apt_cozy_bear_phishing_campaign_indicators.yml 2023-02-20 14:12:51 +01:00
Wagga fae6d7066a Update and rename proc_creation_win_apt_cozy_bear_phishing_campaing_indicators.yml to proc_creation_win_apt_cozy_bear_phishing_campaign_indicators.yml 2023-02-20 14:12:32 +01:00
Wagga 71b849146c Update proc_creation_win_certutil_export_pfx.yml 2023-02-20 14:11:48 +01:00
Nasreddine Bencherchali b1866adb07 Merge pull request #4049 from nasbench/nasbench-rule-devel 
feat: new rules, updates and fixes
 2023-02-20 13:44:04 +01:00
Nasreddine Bencherchali f0afc4cce6 fix: apply suggestions from code review 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-20 12:06:37 +01:00
Nasreddine Bencherchali 1dba328ddc fix: add missing modified 2023-02-17 22:52:09 +01:00
Yamato Security 9c673bbb15 added other potential IEX strings 2023-02-18 05:51:40 +09:00
Nasreddine Bencherchali 68c052aab7 feat: updates and fixes 2023-02-17 17:51:44 +01:00
Nasreddine Bencherchali 164b3a36b6 Merge pull request #4043 from nasbench/certutil-other-updates 
feat: certutil rules updates + other fixes
 2023-02-16 11:45:08 +01:00
Nasreddine Bencherchali c56f7932e0 Merge pull request #4041 from nasbench/wmic-rules-updates 
feat: wmic rules update + other fixes
 2023-02-16 11:38:16 +01:00
Nasreddine Bencherchali 151171848a Merge pull request #4038 from nasbench/nasbench-rule-devel 
feat: updates and enhancements
 2023-02-16 11:30:15 +01:00
Nasreddine Bencherchali 416c10e0d3 fix: yaml error in description 2023-02-16 11:15:06 +01:00
Nasreddine Bencherchali 4142819114 fix: apply suggestions from code review 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-16 11:06:57 +01:00
Nasreddine Bencherchali 362f4e4e60 fix: apply suggestions from code review 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-16 11:05:38 +01:00
Nasreddine Bencherchali e2068c5cd0 Merge pull request #4001 from mbabinski/master 
feat: new rule related to Right-to-left override character in the CLI
 2023-02-16 10:54:13 +01:00
Nasreddine Bencherchali 088ff06cc3 fix: apply suggestions from code review 
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-02-16 10:46:29 +01:00
Nasreddine Bencherchali e2acd4a276 fix: add missing space 2023-02-16 01:40:01 +01:00
Nasreddine Bencherchali 927affe24a fix: update metadata 2023-02-16 01:39:16 +01:00
Micah Babinski 0634364e5c Updated rule with YAML unicode escaping 2023-02-15 14:54:37 -08:00
Nasreddine Bencherchali f951fc7536 fix: remove unrelated bitsadmin selection 2023-02-15 21:18:38 +01:00
Nasreddine Bencherchali d56da92948 fix: broken selection 2023-02-15 19:58:48 +01:00
Nasreddine Bencherchali 7ec76db26c Merge branch 'master' into wmic-rules-updates 2023-02-15 19:58:11 +01:00
Nasreddine Bencherchali 58e5201317 feat: update bitsadmin rules and other 2023-02-15 19:55:40 +01:00
Nasreddine Bencherchali c168a7ad00 feat: update certutil rules 2023-02-15 19:55:39 +01:00
Nasreddine Bencherchali 5aeedfa813 fix: increase severity 2023-02-14 23:35:09 +01:00
Nasreddine Bencherchali 8506dcaec8 feat: add related field 2023-02-14 23:34:14 +01:00
Nasreddine Bencherchali cbbf443eb5 feat: add localpotato binary rule 2023-02-14 19:57:26 +01:00
Nasreddine Bencherchali 514eeb63fd fix: typo in related field 2023-02-14 19:43:20 +01:00
Nasreddine Bencherchali 2ef681291a feat: more rules updates 2023-02-14 19:30:18 +01:00
Nasreddine Bencherchali 4f59a13d46 feat: update wmic rules 2023-02-14 19:30:18 +01:00
Nasreddine Bencherchali 568db7bb1e fix: apply suggestions from code review 2023-02-14 13:24:09 +01:00
Nasreddine Bencherchali ddf464b9de fix: add missing modified date 2023-02-14 01:11:42 +01:00
Nasreddine Bencherchali 492e35872c feat: more updates 2023-02-14 01:08:25 +01:00
Nasreddine Bencherchali cd345251c3 fix: broken selection 2023-02-14 00:52:52 +01:00
Nasreddine Bencherchali 27aac97639 feat: updates and enhancements 2023-02-14 00:51:20 +01:00
Nasreddine Bencherchali a79abaaf45 Merge pull request #4033 from qasimqlf/patch-32 
feat: add missing `OriginalFileName` field
 2023-02-13 14:48:10 +01:00
Qasim Qlf 1adec45ca6 fix: add OriginalFileName (#4032) 2023-02-13 14:40:54 +01:00
Qasim Qlf ab611c29ba fix: updated condition (#4031) 2023-02-13 14:37:33 +01:00
Qasim Qlf 7b435afa4d feat: add missing OriginalFileName field 2023-02-11 23:04:18 +05:00