 frack113
|
7060db3d47
|
Promotion rules (#3821)
* Promotion rules
* fix missing null
* fix: modified date
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-27 12:29:10 +01:00 |
|
|
Nasreddine Bencherchali
|
025c1a4aae
|
fix: enhance logic and severity
|
2022-12-19 11:21:24 +01:00 |
|
|
frack113
|
9af4c20912
|
Merge pull request #3783 from nasbench/nasbench-rule-devel
feat: updates and enhancements
|
2022-12-14 13:19:46 +01:00 |
|
|
Nasreddine Bencherchali
|
5232094c71
|
fix: more fp found in testing and enhance fp metadata
|
2022-12-13 11:25:23 +01:00 |
|
|
sai prashanth pulisetti
|
5a46cd3efd
|
Create Abuse Nslookup with DNS Records (#3773)
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-12 13:24:46 +01:00 |
|
|
frack113
|
0f3eefdc9c
|
Update title (#3746)
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-02 18:10:43 +01:00 |
|
|
Nasreddine Bencherchali
|
5a70e402b3
|
Update rules
|
2022-11-09 16:13:17 +01:00 |
|
|
frack113
|
1e5ae09c4b
|
Order yaml field
|
2022-10-26 09:43:39 +02:00 |
|
|
frack113
|
cf7a348028
|
Fix related
|
2022-10-09 17:28:05 +02:00 |
|
|
frack113
|
931fb30853
|
old experimental rule promotion
|
2022-10-09 16:54:04 +02:00 |
|
|
Nasreddine Bencherchali
|
2c26614ce4
|
Update Wildcard + Int to Str fields
|
2022-10-05 23:15:20 +02:00 |
|
|
Nasreddine Bencherchali
|
9ef9103368
|
Update PowerShell + other rules
|
2022-08-05 17:10:41 +01:00 |
|
|
Nasreddine Bencherchali
|
238e0ecd7d
|
Update Ref+Selection
|
2022-07-11 14:11:53 +01:00 |
|
|
Nasreddine Bencherchali
|
b26c28972d
|
Add missing definition fields and references
|
2022-07-07 19:13:01 +01:00 |
|
|
Florian Roth
|
50b2fad091
|
Merge branch 'master' into aurora-false-positive-fixing
|
2022-06-20 13:43:36 +02:00 |
|
|
Florian Roth
|
72de90d2aa
|
fix: FPs
|
2022-06-20 12:52:23 +02:00 |
|
|
Florian Roth
|
f728893364
|
refactor: rule level adjustments - critical to high
|
2022-06-18 17:43:22 +02:00 |
|
|
David ANDRE
|
74b9f97b9c
|
Renamed suspicious in filenames to susp
|
2022-05-19 09:37:04 +02:00 |
|
|
phantinuss
|
84d0c472ba
|
fix: remove penetration test as valid false positive reason
|
2022-03-16 14:33:18 +01:00 |
|
|
phantinuss
|
b23eee6ebf
|
fix: unknown --> Unknown
|
2022-03-16 13:43:54 +01:00 |
|
|
Florian Roth
|
8012efa9b5
|
refactor: some adjustments
|
2022-03-04 16:34:15 +01:00 |
|
|
Florian Roth
|
921d46ca79
|
fix: FPs noticed with Aurora
|
2022-02-21 18:43:18 +01:00 |
|
|
frack113
|
4631d0c482
|
remove invalid tag
|
2022-01-19 18:23:30 +01:00 |
|
|
frack113
|
5fd339858a
|
Rename powershell_classic
|
2022-01-15 10:30:03 +01:00 |
|
|
frack113
|
73f258e2d1
|
Change double quote to quote
|
2022-01-06 14:02:35 +01:00 |
|
|
frack113
|
ee67779811
|
Windows T1049 RedCannary
|
2021-12-11 09:38:20 +01:00 |
|
|
frack113
|
4149fa8632
|
change to category: ps_classic_*
|
2021-10-16 08:26:51 +02:00 |
|
|
frack113
|
0d04b469f7
|
order powershell_classic
|
2021-10-07 07:40:53 +02:00 |
|