312 Commits

Author SHA1 Message Date
Nasreddine Bencherchali 64295b1ed7 fix: remove unnecessary filter 2023-03-15 00:11:35 +01:00
Nasreddine Bencherchali d36f7e9819 fix: fp found in testing 2023-03-14 23:58:04 +01:00
Zeta 9da9da80d3 Update ATT&CK Techniques and Tactics (#4096) 2023-03-10 01:21:42 +01:00
frack113 d8a7228c68 Add MicrosoftRedirectionURL 2023-03-05 15:10:18 +01:00
Nasreddine Bencherchali 09110727fd fix: change to permalink
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
2023-02-23 10:47:52 +01:00
securepeacock 807b41c003 Update registry_set_wdigest_enable_uselogoncredential.yml
Added Atomic Red Team test in references.
2023-02-22 15:38:12 -05:00
Nasreddine Bencherchali 6a0b38291f fix: fp found in baseline 2023-02-17 23:16:42 +01:00
Nasreddine Bencherchali ee7d1d9890 feat: add reference 2023-02-17 19:58:26 +01:00
Nasreddine Bencherchali 787ea00ff7 feat: new rule for events.asp technique 2023-02-17 19:41:14 +01:00
Nasreddine Bencherchali 68c052aab7 feat: updates and fixes 2023-02-17 17:51:44 +01:00
Nasreddine Bencherchali c4d8be3780 fix: duplicate titles 2023-02-09 16:06:09 +01:00
Nasreddine Bencherchali da012ad80d fix: resolves #4014 2023-02-09 15:48:13 +01:00
Nasreddine Bencherchali 6d14a14f9e fix: typos
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-02-09 13:09:46 +01:00
Nasreddine Bencherchali a24012b2b5 fix: apply suggestions 2023-02-09 10:41:41 +01:00
Nasreddine Bencherchali 4bb2beeb15 fix: duplicate ids and small updates 2023-02-08 19:36:55 +01:00
Nasreddine Bencherchali 0717634671 feat: updates and enhancements 2023-02-08 19:12:35 +01:00
Nasreddine Bencherchali a19a75b0b0 fix: resolves #4015 2023-02-07 14:33:56 +01:00
Wagga 273fdb9985 fix: typos in multiple rules (#4011) 2023-02-06 13:53:23 +01:00
Nasreddine Bencherchali 1f34cecadf fix: multiple typos
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-02-06 12:28:45 +01:00
Nasreddine Bencherchali 68f0833cbc feat: more fixes and updates 2023-02-05 21:46:22 +01:00
Nasreddine Bencherchali 307ecf5694 fix: typos in titles and descriptions of rules
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-02-02 19:40:01 +01:00
Nasreddine Bencherchali d08acc18ae fix: add missing modified field 2023-02-02 00:28:32 +01:00
Nasreddine Bencherchali 0663b4e3f4 feat: more updates 2023-02-02 00:24:35 +01:00
Nasreddine Bencherchali 7c38a5c496 chore: add nextron authors tag 2023-02-01 11:14:59 +01:00
Qasim Qlf 4938f9b44c Rename registry_set_persistance_xll.yml to registry_set_persistence_xll.yml
Updated persistance to persistence
2023-01-30 14:33:49 +05:00
frack113 1948b1cb6d Merge pull request #3965 from frack113/pormotion_status
change status to test
2023-01-27 17:56:12 +01:00
frack113 dabf286c17 Merge pull request #3966 from frack113/PendingFileRenameOperations
Add registry_set_susp_pendingfilerenameoperations
2023-01-27 17:55:51 +01:00
frack113 7ea3db18f7 Fix test errors 2023-01-27 15:09:43 +01:00
Nasreddine Bencherchali 35dabc529c fix: update metadata 2023-01-27 13:55:19 +01:00
frack113 5087b95155 Merge remote-tracking branch 'upstream/master' into pormotion_status 2023-01-27 11:29:27 +01:00
frack113 0f9ce8de60 Update registry_set_susp_pendingfilerenameoperations.yml 2023-01-27 11:09:45 +01:00
frack113 40dffb5c92 Add registry_set_susp_pendingfilerenameoperations 2023-01-27 10:49:58 +01:00
frack113 1033b3f404 change status to test 2023-01-27 06:48:34 +01:00
Nasreddine Bencherchali c538550b03 feat: updates and fixes 2023-01-26 22:42:56 +01:00
Nasreddine Bencherchali ae0fe8393e fix: optimize pwsh reg logging tamper rule 2023-01-21 12:28:28 +01:00
Nasreddine Bencherchali 5710475311 feat: update pwsh reg logging tamper 2023-01-20 16:19:50 +01:00
Nasreddine Bencherchali 6d6721ba24 fix: reposition selection for readability 2023-01-20 09:46:24 +01:00
Nasreddine Bencherchali d9f37de1cf fix: fp found in testing 2023-01-19 18:47:11 +01:00
Nasreddine Bencherchali e213252c4c feat: logic update to multiple rules 2023-01-19 16:37:10 +01:00
Nasreddine Bencherchali 3a473b8313 fix: small metadata fixes 2023-01-18 23:30:40 +01:00
Nasreddine Bencherchali 02e4a5112d fix: fp found in testing 2023-01-18 18:41:07 +01:00
Nasreddine Bencherchali 679207b6c4 fix: update metadata 2023-01-16 11:15:45 +01:00
frack113 c3f285d945 Add redcanary rules 2023-01-15 12:01:11 +01:00
Nasreddine Bencherchali 8707345be7 fix: add related metadata 2023-01-13 17:21:21 +01:00
frack113 1b11e29fef Move rules 2023-01-13 12:15:08 +01:00
Nasreddine Bencherchali 90c1e45d83 feat: add new reg variant of dev mode 2023-01-12 15:05:53 +01:00
Nasreddine Bencherchali 0470f45246 fix: apply suggestions from code review
Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
2023-01-12 10:36:13 +01:00
Nasreddine Bencherchali d0b2e2cbba fix: more fp and duplicate id 2023-01-11 23:47:12 +01:00
Nasreddine Bencherchali b6b1eba014 fix: fp and add related fields 2023-01-11 23:39:15 +01:00
Nasreddine Bencherchali debd658aac feat: new rules related to appx packages 2023-01-11 23:04:37 +01:00