security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
16,483 Commits 1 Branch 57 Tags
b2acd800981e1c8d9f747173eb7803f0405cebd6
Commit Graph

8 Commits

Author SHA1 Message Date
Nasreddine Bencherchali 598d29f811 Merge PR #4950 from @nasbench - Comply With v2 Spec Changes 
chore: change tags, date, modified fields to comply with v2 of the Sigma spec.
chore: update the related type from `obsoletes` to `obsolete`.
chore: update local json schema to the latest version.
 2024-08-12 12:02:50 +02:00
Mostafa Moradian 73910a282f Merge PR #4630 from @mostafa - Add missing expand modifier to placeholder rules 
update: Account Created And Deleted By Non Approved Users - Add missing `expand` modifier
update: Authentication Occuring Outside Normal Business Hours - Add missing `expand` modifier
update: Privilege Role Elevation Not Occuring on SAW or PAW - Add missing `expand` modifier
update: Privilege Role Sign-In Outside Expected Controls - Add missing `expand` modifier
update: Privilege Role Sign-In Outside Of Normal Hours - Add missing `expand` modifier
update: Potential Zerologon (CVE-2020-1472) Exploitation - Add missing `expand` modifier
update: Potential Pass the Hash Activity - Add missing `expand` modifier
update: Interactive Logon to Server Systems - Add missing `expand` modifier
update: Remote Registry Management Using Reg Utility - Add missing `expand` modifier
 2023-12-18 11:14:28 +01:00
Nasreddine Bencherchali 95793d73bd Merge PR #4482 From @nasbench - Add New Automation Workflows 
chore: update workflows and add quality of life updates and automation to the repository

---------

Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
 2023-10-18 11:53:44 +02:00
frack113 020fc8061f Merge PR #4479 From @frack113 - Upgrade Rules Status 
chore: Upgrade status level from `experimental` to `test` for rules that have not changed in 300 days

---------

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
 2023-10-17 14:35:26 +02:00
Nasreddine Bencherchali 5dd4df421d fix: order placeholder rules and enhance descriptions 2022-12-13 11:31:12 +01:00
Nasreddine Bencherchali 5232094c71 fix: more fp found in testing and enhance fp metadata 2022-12-13 11:25:23 +01:00
Nasreddine Bencherchali 18e43cff02 Fix valid accounts tag 2022-10-05 17:18:01 +02:00
frack113 288461ddbe Order placerholder rules 2022-08-17 21:05:34 +02:00