Commit Graph

758 Commits

Author SHA1 Message Date
Yugoslavskiy Daniil 34591f9f64 add lnx_system_network_connections_discovery.yml, oscd initiative issue #1011, task number 8 2020-10-20 01:17:06 +02:00
Yugoslavskiy Daniil 941fbebcdc add macos_system_network_connections_discovery.yml, oscd initiative issue #1012, task number 14 2020-10-20 01:14:56 +02:00
Yugoslavskiy Daniil 272fbcc378 fix title 2020-10-20 00:47:02 +02:00
Yugoslavskiy Daniil f0060dec67 fix title 2020-10-20 00:44:23 +02:00
Yugoslavskiy Daniil 1ecb2c1932 add lnx_base64_decode.yml, oscd initiative issue #1011, task number 4 2020-10-20 00:39:06 +02:00
Yugoslavskiy Daniil 8b01062d17 add lnx_base64_decode.yml, oscd initiative issue #1011, task number 4 2020-10-20 00:37:53 +02:00
Yugoslavskiy Daniil cc3ef973c0 add macos_base64_decode.yml, oscd initiative issue #1012, task number 3 2020-10-20 00:36:21 +02:00
Tim I 0323e50011 Detect credential access for macOS via Keychain 2020-10-19 23:37:46 +03:00
Mikhail Larin f75654a3f5 fix indentation 2020-10-19 18:19:38 +03:00
Mikhail Larin fe6459d07e commit to restart checker 2020-10-19 17:20:43 +03:00
Mikhail Larin ddc2d2635d fix wrong tactic 2020-10-19 17:16:22 +03:00
Mikhail Larin 42cc1dc552 fix non-present binary 2020-10-19 17:01:23 +03:00
Mikhail Larin e0e81b5c25 fix newlines 2020-10-19 16:45:42 +03:00
Mikhail Larin a64a70f7ed fix newlines 2020-10-19 16:44:18 +03:00
Mikhail Larin 85adbc3137 fix newlines 2020-10-19 16:42:43 +03:00
Mikhail Larin 008260b0e4 fix newlines 2020-10-19 16:41:24 +03:00
Mikhail Larin 058c77f6a6 fix newlines 2020-10-19 16:39:41 +03:00
Mikhail Larin dc320e5be2 t1552.001 for lin/macOS 2020-10-19 16:34:13 +03:00
Mikhail Larin c460dcf5de t1552.001 for lin/macos 2020-10-19 16:32:01 +03:00
Mikhail Larin d7e8a802bd t1552.001 for Lin/macOS 2020-10-19 16:28:43 +03:00
Mikhail Larin d9fba92adf t1030 for lin/macos 2020-10-19 16:25:31 +03:00
Mikhail Larin c9ca0a79b6 t1070.006 for lin/macos 2020-10-19 16:17:04 +03:00
Alejandro Ortuno 41f5d7e876 Adding Ömer as leading author 2020-10-18 20:30:32 +02:00
Alejandro Ortuno 8a43dec5a3 Adding Ömer as the leading author 2020-10-18 20:28:55 +02:00
yugoslavskiy cb8cbf5a17 Update lnx_schedule_task_job_cron.yml
to trigger a test once again)
2020-10-17 22:25:52 +02:00
yugoslavskiy d6b64f2caf Update lnx_schedule_task_job_cron.yml
to trigger a test
2020-10-17 22:22:20 +02:00
remotephone 48cabeafe5 Updated author section 2020-10-16 22:02:58 -05:00
remotephone 8f6ce25bab Merge changes from pull 1084 with this one
https://github.com/Neo23x0/sigma/pull/1084 includes some commands I missed. This merges both and creates an OR selection condition to match both possible conditions.
2020-10-16 22:01:44 -05:00
remotephone ffde8b0208 Update to handle different file locations 2020-10-16 21:54:41 -05:00
Mikhail Larin 29f2f1acfe added fish to macos rule 2020-10-17 02:37:21 +03:00
Mikhail Larin 65854752a9 additional shells for both rules fix 2020-10-17 02:33:32 +03:00
Mikhail Larin fb3bee0cad title fix 2020-10-17 02:17:40 +03:00
Mikhail Larin 9b568df527 Lin/Mac T1552.003 2020-10-17 02:06:01 +03:00
Ömer Günal 26bb43eaf6 Update lnx_system_info_discovery.yml 2020-10-16 23:00:44 +03:00
Ömer Günal a01c04018c Update lnx_password_policy_discovery.yml 2020-10-16 22:52:15 +03:00
Ömer Günal bf12c73118 Update at_command.yml 2020-10-16 22:49:40 +03:00
Ömer Günal 723df2f15b Update lnx_system_info_discovery.yml 2020-10-16 21:08:01 +03:00
Ömer Günal f7fbfda794 Update lnx_system_info_discovery.yml 2020-10-16 20:53:00 +03:00
Ömer Günal 2fa7008363 change reference 2020-10-16 20:42:12 +03:00
Ömer Günal bca3c80f43 Update lnx_clear_logs.yml 2020-10-16 20:39:26 +03:00
Ömer Günal 5c34e69fc9 Update lnx_process_discovery.yml 2020-10-16 10:58:51 +03:00
Ömer Günal 0b30835b7b Update at_command.yml 2020-10-16 10:56:06 +03:00
Ömer Günal 373c637e66 Update lnx_install_root_certificate.yml 2020-10-16 10:55:31 +03:00
Ömer Günal 27dcad8ffe Update lnx_process_discovery.yml 2020-10-16 10:52:54 +03:00
Ömer Günal 68e843f0d3 Update lnx_system_info_discovery.yml 2020-10-16 10:48:36 +03:00
Ömer Günal 38c7cb7406 Update lnx_password_policy_discovery.yml 2020-10-16 10:38:36 +03:00
Ömer Günal f1a6e980e5 added category 2020-10-16 10:33:50 +03:00
Ömer Günal 46e887ef38 Update lnx_clear_logs.yml 2020-10-16 10:32:25 +03:00
Jonhnathan 3361b62cc2 Update lnx_auditd_susp_exe_folders.yml 2020-10-15 23:09:06 -03:00
Jonhnathan d655ebf092 Update lnx_auditd_masquerading_crond.yml 2020-10-15 23:08:08 -03:00