Commit Graph

15089 Commits

Author SHA1 Message Date
D4rkCiph3r afc6198da8 Update proc_creation_macos_binary_padding.yml
Few minor changes, increasing the precision of the rule and reducing the possible false positives.
2023-02-17 18:05:55 +05:30
Nasreddine Bencherchali 164b3a36b6 Merge pull request #4043 from nasbench/certutil-other-updates
feat: certutil rules updates + other fixes
2023-02-16 11:45:08 +01:00
Nasreddine Bencherchali c56f7932e0 Merge pull request #4041 from nasbench/wmic-rules-updates
feat: wmic rules update + other fixes
2023-02-16 11:38:16 +01:00
Nasreddine Bencherchali 151171848a Merge pull request #4038 from nasbench/nasbench-rule-devel
feat: updates and enhancements
2023-02-16 11:30:15 +01:00
Nasreddine Bencherchali 416c10e0d3 fix: yaml error in description 2023-02-16 11:15:06 +01:00
Nasreddine Bencherchali 4142819114 fix: apply suggestions from code review
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-02-16 11:06:57 +01:00
Nasreddine Bencherchali 362f4e4e60 fix: apply suggestions from code review
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-02-16 11:05:38 +01:00
Nasreddine Bencherchali e2068c5cd0 Merge pull request #4001 from mbabinski/master
feat: new rule related to Right-to-left override character in the CLI
2023-02-16 10:54:13 +01:00
Nasreddine Bencherchali 088ff06cc3 fix: apply suggestions from code review
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-02-16 10:46:29 +01:00
Nasreddine Bencherchali e2acd4a276 fix: add missing space 2023-02-16 01:40:01 +01:00
Nasreddine Bencherchali 927affe24a fix: update metadata 2023-02-16 01:39:16 +01:00
Micah Babinski 0634364e5c Updated rule with YAML unicode escaping 2023-02-15 14:54:37 -08:00
Nasreddine Bencherchali f951fc7536 fix: remove unrelated bitsadmin selection 2023-02-15 21:18:38 +01:00
Nasreddine Bencherchali d56da92948 fix: broken selection 2023-02-15 19:58:48 +01:00
Nasreddine Bencherchali 7ec76db26c Merge branch 'master' into wmic-rules-updates 2023-02-15 19:58:11 +01:00
Nasreddine Bencherchali 58e5201317 feat: update bitsadmin rules and other 2023-02-15 19:55:40 +01:00
Nasreddine Bencherchali c168a7ad00 feat: update certutil rules 2023-02-15 19:55:39 +01:00
frack113 e52edb69c4 Merge pull request #4039 from fornotes/master
Added New Rule for LPE via StorSvc DLL Hijack
2023-02-15 19:18:39 +01:00
Nasreddine Bencherchali 39e957d7ee fix: update title 2023-02-15 19:11:39 +01:00
Nasreddine Bencherchali 33207aa7ab fix: change link to permalink 2023-02-15 13:37:05 +01:00
Nasreddine Bencherchali 2fd43cbe82 fix: typo in field 2023-02-15 13:27:56 +01:00
Nasreddine Bencherchali c99d1f1876 fix: add some missing fields 2023-02-15 13:25:59 +01:00
fornotes 8876b4ba01 added SprintCSP.dll for StorSvc DLL Hijack 2023-02-15 11:37:18 +00:00
Nasreddine Bencherchali 5b3f97776a Merge pull request #4042 from nasbench/localpotato-binary-rule
feat: add localpotato binary rule
2023-02-15 12:30:41 +01:00
fornotes c42db7489d Merge branch 'SigmaHQ:master' into master 2023-02-15 11:30:22 +00:00
fornotes 96d774babd removed file_event_win_storsvc_dll_hijack.yml
as suggested by nasbench
2023-02-15 11:29:57 +00:00
Moti-H ff4242dadd feat: add new application vulnerability rules (#4034) 2023-02-15 12:29:53 +01:00
fornotes 51ed166480 Merge branch 'SigmaHQ:master' into master 2023-02-15 11:26:53 +00:00
Nasreddine Bencherchali 5aeedfa813 fix: increase severity 2023-02-14 23:35:09 +01:00
Nasreddine Bencherchali 8506dcaec8 feat: add related field 2023-02-14 23:34:14 +01:00
Nasreddine Bencherchali cbbf443eb5 feat: add localpotato binary rule 2023-02-14 19:57:26 +01:00
Nasreddine Bencherchali 514eeb63fd fix: typo in related field 2023-02-14 19:43:20 +01:00
Nasreddine Bencherchali 7b86bea7ac fix: add missing modified 2023-02-14 19:30:19 +01:00
Nasreddine Bencherchali 2ef681291a feat: more rules updates 2023-02-14 19:30:18 +01:00
Nasreddine Bencherchali 4f59a13d46 feat: update wmic rules 2023-02-14 19:30:18 +01:00
IsaAlMannaei d9d9227910 feat: new rule related to CVE-2022-21587 (#4037) 2023-02-14 14:30:12 +01:00
Nasreddine Bencherchali 568db7bb1e fix: apply suggestions from code review 2023-02-14 13:24:09 +01:00
fornotes c0bda80e3e Added file_event_win_storsvc_dll_hijack.yml 2023-02-14 15:06:53 +05:30
Nasreddine Bencherchali ddf464b9de fix: add missing modified date 2023-02-14 01:11:42 +01:00
Nasreddine Bencherchali 492e35872c feat: more updates 2023-02-14 01:08:25 +01:00
Nasreddine Bencherchali cd345251c3 fix: broken selection 2023-02-14 00:52:52 +01:00
Nasreddine Bencherchali 27aac97639 feat: updates and enhancements 2023-02-14 00:51:20 +01:00
Nasreddine Bencherchali a79abaaf45 Merge pull request #4033 from qasimqlf/patch-32
feat: add missing `OriginalFileName` field
2023-02-13 14:48:10 +01:00
Qasim Qlf 1adec45ca6 fix: add OriginalFileName (#4032) 2023-02-13 14:40:54 +01:00
Qasim Qlf ab611c29ba fix: updated condition (#4031) 2023-02-13 14:37:33 +01:00
Qasim Qlf 7b435afa4d feat: add missing OriginalFileName field 2023-02-11 23:04:18 +05:00
frack113 da61cf17bd Merge pull request #4028 from securepeacock/patch-39
Create proc_creation_win_userdomain_variable_enumeration.yml
2023-02-11 07:23:32 +01:00
Nasreddine Bencherchali 095b41370f Merge pull request #4027 from nasbench/nasbench-rule-devel
feat: updates and enhancements
2023-02-10 10:59:14 +01:00
Nasreddine Bencherchali 6623dec47b fix: some stylistic issues 2023-02-10 10:56:37 +01:00
Nasreddine Bencherchali 1d89b041ae fix: change title from domain to websites 2023-02-10 10:49:52 +01:00