Commit Graph

18 Commits

Author SHA1 Message Date
Fukusuke Takahashi 132482818e Merge PR #5007 from @fukusuket - Fix unreachable GitHub URL references
chore: CVE-2021-1675 Print Spooler Exploitation Filename Pattern - Fix unreachable GitHub URL references
chore: HackTool - DInjector PowerShell Cradle Execution - Fix unreachable GitHub URL references
chore: InstallerFileTakeOver LPE CVE-2021-41379 File Create Event - Fix unreachable GitHub URL references
chore: LPE InstallerFileTakeOver PoC CVE-2021-41379 - Fix unreachable GitHub URL references
chore: Malicious PowerShell Scripts - FileCreation - Fix unreachable GitHub URL references
chore: Malicious PowerShell Scripts - PoshModule - Fix unreachable GitHub URL references
chore: Possible CVE-2021-1675 Print Spooler Exploitation - Fix unreachable GitHub URL references
chore: Potential NT API Stub Patching - Fix unreachable GitHub URL references
chore: Potential PrintNightmare Exploitation Attempt - Fix unreachable GitHub URL references
chore: Potential RDP Exploit CVE-2019-0708 - Fix unreachable GitHub URL references
chore: Potential SAM Database Dump - Fix unreachable GitHub URL references
chore: Scanner PoC for CVE-2019-0708 RDP RCE Vuln - Fix unreachable GitHub URL references
chore: Suspicious Rejected SMB Guest Logon From IP - Fix unreachable GitHub URL references
chore: Windows Spooler Service Suspicious Binary Load - Fix unreachable GitHub URL references
2024-09-13 11:14:11 +02:00
Nasreddine Bencherchali 598d29f811 Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
chore: change tags, date, modified fields to comply with v2 of the Sigma spec.
chore: update the related type from `obsoletes` to `obsolete`.
chore: update local json schema to the latest version.
2024-08-12 12:02:50 +02:00
Nasreddine Bencherchali 637d610884 chore: move rules to new folders (#4205) 2023-05-02 23:17:57 +02:00
Nasreddine Bencherchali 2710bf4710 feat: new rules, updates and fp fixes (#4162) 2023-04-11 13:04:22 +02:00
Nasreddine Bencherchali 587fbbce58 chore: update pipe-notation rules to unsupported 2023-02-24 19:54:14 +01:00
Nasreddine Bencherchali 7c38a5c496 chore: add nextron authors tag 2023-02-01 11:14:59 +01:00
frack113 8720356684 Update field name 2023-01-02 15:49:45 +01:00
frack113 8b749fb126 Order yaml field 2022-10-25 11:08:51 +02:00
frack113 931fb30853 old experimental rule promotion 2022-10-09 16:54:04 +02:00
Florian Roth 92b6ba95e6 reduce the timeframe to 1min 2022-09-16 09:12:08 +02:00
Florian Roth 860c45a038 added time frame 2022-09-09 17:07:45 +02:00
FabFaeb cfb90d0d01 merge 2022-09-07 16:54:28 +02:00
FabFaeb a8eb1ba972 rename rule 2022-09-07 16:52:09 +02:00
Florian Roth 3d9d90f43e Update win_susp_failed_admin_share_mount.yml 2022-09-02 17:24:28 +02:00
FabFaeb ab9e15f456 fix title 2022-09-01 17:05:32 +02:00
FabFaeb df2ef5a2ee added missing newline 2022-08-31 09:59:29 +02:00
FabFaeb 3a020ce499 added "failed admin share mount" rule 2022-08-31 09:57:09 +02:00
frack113 7053d42e43 move to builtin 2022-01-21 11:59:13 +01:00