blue-team-tools

Author	SHA1	Message	Date
gs3cl	122cb47d71	Gs3cl patch 1 (#3753 )	2022-12-05 10:39:58 +01:00
Mustafa Kaan Demir	27822a0827	DomainPasswordSpray Attacks Rule	2022-10-29 09:36:40 +02:00
Nasreddine Bencherchali	bb84e503fa	Merge branch 'master' into nasbench-rule-devel	2022-10-26 10:39:55 +02:00
$frack113$ frack113	1e5ae09c4b	Order yaml field	2022-10-26 09:43:39 +02:00
Nasreddine Bencherchali	ada1121447	Add Office Token Stealing Rules	2022-10-25 01:14:27 +02:00
Nasreddine Bencherchali	238e0ecd7d	Update Ref+Selection	2022-07-11 14:11:53 +01:00
Nasreddine Bencherchali	5e42c4086a	Add new PowerShell Function and Scripts	2022-06-28 22:18:44 +01:00
Tim Shelton	d3ef79018c	False positive - another amazon module filter	2022-06-08 19:00:12 +00:00
Nasreddine Bencherchali	6aad923023	Fix typo and Update Rule - Fixed typo in PowerShell definition to "enabled" - Removed leading space from "/af" flag in "msdt" rule as it can be used without leading space.	2022-06-01 15:54:40 +01:00
Tim Shelton	c1ef20761a	Fixing condition	2022-05-26 16:14:37 +00:00
Tim Shelton	9086efa5cd	Updating meta	2022-05-26 16:13:22 +00:00
Tim Shelton	295a984d89	Fixing order of items in yaml	2022-05-26 16:12:31 +00:00
Tim Shelton	879fccd266	merging locally	2022-05-26 15:27:13 +00:00
Tim Shelton	b78386d372	FP: ignore Amazon aws powershell	2022-05-26 14:45:00 +00:00
Nasreddine Bencherchali	c3d807f53a	Add More Malicious PowerShell Script/Cmdlet Names	2022-05-24 22:02:08 +01:00
phantinuss	4585133325	fix: remove penetration testing as a valid false positive	2022-03-16 13:51:26 +01:00
$frack113$ frack113	4631d0c482	remove invalid tag	2022-01-19 18:23:30 +01:00
$frack113$ frack113	65a268b0b3	Rename powershell_script	2022-01-15 10:54:21 +01:00

18 Commits