security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9,844 Commits 1 Branch 57 Tags
d1268d040cf2e6fa0f28a30a78fb4a44e5200289
Commit Graph

90 Commits

Author SHA1 Message Date
frack113 d1268d040c Change status and related 2022-02-03 06:53:50 +01:00
frack113 8eeadb9beb Add other browser 2022-02-03 06:38:43 +01:00
frack113 0bcb842c70 Redcannary windows 2022-01-30 18:47:49 +01:00
frack113 1aa7697ca8 Update posh_ps_clear_powershell_history.yml 2022-01-27 16:16:57 +01:00
Florian Roth d52602dd5e Update posh_ps_clear_powershell_history.yml 2022-01-26 18:09:09 +01:00
Florian Roth feedcee6bf Update posh_ps_clear_powershell_history.yml 2022-01-26 17:57:26 +01:00
frack113 818b20b949 add posh_ps_clear_powershell_history 2022-01-25 19:58:18 +01:00
frack113 8a47c56397 Merge pull request #2595 from frack113/red_20220123b 
Windows Redcannary
 2022-01-25 06:21:17 +01:00
frack113 f1959f25d7 Windows Redcannary 2022-01-23 16:37:59 +01:00
frack113 1b8fa21be1 Fix space 2022-01-23 11:40:35 +01:00
frack113 90334e7f7c Redcannary windows test 2022-01-23 11:37:01 +01:00
frack113 caa4c7f977 Add Redcannary Windows Rules 2022-01-19 20:40:43 +01:00
frack113 4631d0c482 remove invalid tag 2022-01-19 18:23:30 +01:00
frack113 3ec9f6d252 Merge pull request #2569 from frack113/red_20220116 
Windows Redcannary defense_evasion
 2022-01-17 06:36:41 +01:00
frack113 fc7485a07c Merge pull request #2567 from frack113/red_20220115 
Windows Redcannary
 2022-01-17 06:35:49 +01:00
frack113 12f0d6dfab Windows Redcannary 2022-01-16 14:47:56 +01:00
frack113 cb938c14df Windows Redcannary 2022-01-15 17:04:03 +01:00
frack113 65a268b0b3 Rename powershell_script 2022-01-15 10:54:21 +01:00
frack113 f4c6871b50 Merge pull request #2554 from frack113/red_2022012 
Windows Redcannary
 2022-01-13 22:26:48 +01:00
frack113 592485fac5 Windows Redcannary 2022-01-12 20:27:56 +01:00
phantinuss b6d4e39538 feat: check for the existence of a description field 
it is not mandatory in the sigma standard but
mandatory for this repository
 2022-01-12 12:55:49 +01:00
frack113 f7e670d55e Simple Quote 2022-01-11 13:40:53 +01:00
Florian Roth 11164849b3 Merge pull request #2543 from SigmaHQ/rule-devel 
Several new rules and some fixes
 2022-01-11 12:44:03 +01:00
Florian Roth e055ec1d52 refactor: change all " of them" expressions 2022-01-11 10:59:57 +01:00
Florian Roth 55d49b7e9b Merge branch 'master' into rule-devel 2022-01-11 08:20:29 +01:00
frack113 16f3fdb922 fix detection 2022-01-10 17:48:46 +01:00
Florian Roth ab761ce996 refactor: adjusted rule level 2022-01-09 16:13:25 +01:00
Florian Roth 68fea95772 Update posh_ps_suspicious_iofilestream.yml 2022-01-09 16:12:31 +01:00
frack113 01c6e5f6e3 Windows Redcannary 2022-01-09 12:37:23 +01:00
frack113 af99c75785 Windows Redcannary 2022-01-08 09:17:56 +01:00
frack113 33b5223ab7 fix quote 2022-01-06 14:09:09 +01:00
frack113 73f258e2d1 Change double quote to quote 2022-01-06 14:02:35 +01:00
frack113 601aa50587 Merge pull request #2507 from frack113/redcannary_20220102 
Windows Redcannary
 2022-01-03 12:38:05 +01:00
frack113 8b67ad069e Windows Redcannary 2022-01-02 10:36:52 +01:00
frack113 7eebc4d054 Windows redcannary 2022-01-01 08:42:40 +01:00
frack113 2eda4d51d5 Merge pull request #2500 from frack113/redcannary_20211229 
Windows Redcannary
 2021-12-31 17:29:09 +01:00
Florian Roth 07036fd2a7 Update powershell_ps_office_comobject_registerxll.yml 2021-12-31 15:48:41 +01:00
Florian Roth dde4d25b6b Update powershell_ps_directoryservices_accountmanagement.yml 2021-12-31 15:48:15 +01:00
frack113 5d5b3e83b1 Windows persistence 2021-12-30 11:58:10 +01:00
frack113 d8f5d3cca3 Windows Redcannay 2021-12-29 17:47:43 +01:00
frack113 1a877a5ccd Merge pull request #2495 from frack113/redcannary_20211227 
Windows redcannary rules
 2021-12-28 12:52:07 +01:00
Florian Roth 01021a585d Update powershell_ps_susp_win32_shadowcopy.yml 2021-12-28 12:04:14 +01:00
Florian Roth af3462f7e6 Update powershell_ps_susp_remove_adgroupmember.yml 2021-12-28 12:03:40 +01:00
frack113 744b7602c9 Windows redcannary rules 2021-12-27 20:25:01 +01:00
frack113 b967deaabd Windows Redcannary impact 2021-12-26 12:09:42 +01:00
frack113 0e31c23620 Merge pull request #2476 from frack113/redcannary_20211220 
Windows Redcannary
 2021-12-21 20:41:58 +01:00
frack113 e542c10e8e Fix error 2021-12-20 11:35:12 +01:00
frack113 96a42f3bb5 Windows redcannary 2021-12-20 10:43:32 +01:00
frack113 b89580488a Windows Redcannary 2021-12-19 11:20:42 +01:00
frack113 ab450e5782 Merge pull request #2458 from frack113/redcanary_20211216 
Windows Redcanary T1518.001 discovery
 2021-12-16 22:47:23 +01:00