blue-team-tools

Author	SHA1	Message	Date
Nasreddine Bencherchali	598d29f811	Merge PR #4950 from @nasbench - Comply With v2 Spec Changes chore: change tags, date, modified fields to comply with v2 of the Sigma spec. chore: update the related type from `obsoletes` to `obsolete`. chore: update local json schema to the latest version.	2024-08-12 12:02:50 +02:00
$frack113$ frack113	48baf1187b	Merge PR #4752 from @frack113 - Update rules to use the `windash` modifier update: File Enumeration Via Dir Command - Update logic to use a wildcard in addition, for better accuracy. chore: update multiple rules to use the windash modifier --------- Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>	2024-03-11 12:01:30 +01:00
$frack113$ frack113	020fc8061f	Merge PR #4479 From @frack113 - Upgrade Rules Status chore: Upgrade status level from `experimental` to `test` for rules that have not changed in 300 days --------- Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>	2023-10-17 14:35:26 +02:00
Nasreddine Bencherchali	36b9716b27	Update proc_creation_win_esentutl_webcache.yml	2022-10-31 20:56:29 +01:00
$frack113$ frack113	1f8e37351e	order yaml	2022-10-28 15:06:36 +02:00
Nasreddine Bencherchali	d8a3ca6919	Updated Rules to Use OriginalFileName	2022-05-12 23:27:48 +01:00
phantinuss	6ae28b7a1c	fix: legitimate --> Legitimate	2022-03-16 14:35:19 +01:00
$frack113$ frack113	8bb3379b68	Normalization of rule names	2022-02-22 11:16:31 +01:00