security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,511 Commits 1 Branch 57 Tags
e91fc4486e57fc40e30d12253694de4c80a9e4ea
Commit Graph

582 Commits

Author SHA1 Message Date
Ömer Günal 708a28e307 Delete lnx_space_after_filename.yml 2020-07-13 01:26:37 +03:00
Ömer Günal af6ad5a41b Delete lnx_setuid_setgid.yml 2020-07-13 01:26:29 +03:00
Ömer Günal 64a9b6e098 Delete lnx_disabling_security_tools.yml 2020-07-13 01:26:11 +03:00
Ömer Günal 7466c8d425 Delete lnx_connection_proxy.yml 2020-07-13 01:26:03 +03:00
Ömer Günal 7ce16d1bbc Update lnx_space_after_filename.yml 2020-07-13 01:07:32 +03:00
Ömer Günal 47a2f1bc94 Update lnx_space_after_filename.yml 2020-07-03 18:56:51 +03:00
Ömer Günal 51363d8a87 Update lnx_setuid_setgid.yml 2020-07-03 18:56:40 +03:00
Ömer Günal 87346d4b94 Update lnx_disabling_security_tools.yml 2020-07-03 18:56:30 +03:00
Ömer Günal 64afd6e7ee Update lnx_connection_proxy.yml 2020-07-03 18:56:19 +03:00
Florian Roth 26d8810efb Merge pull request #882 from Neo23x0/rule-devel 
Rule devel
 2020-07-03 15:33:55 +02:00
Florian Roth 8a0262d1a2 fix: in linux keyword expression 2020-07-03 15:08:20 +02:00
Florian Roth 5dd5b87f43 rule: guacamole exploitation detection 2020-07-03 13:20:03 +02:00
Florian Roth fa452bf3e5 Merge pull request #849 from omergunal/ogunal-1 
Rules for detecting suspicious remote file copy
 2020-07-03 11:59:45 +02:00
Florian Roth b9966a173c Update lnx_file_copy.yml 2020-07-03 11:32:49 +02:00
Ömer Günal 4eb97ec43d Update lnx_file_copy.yml 2020-06-22 21:35:50 +03:00
Ömer Günal d17e0ae6eb typo 2020-06-20 23:04:52 +03:00
Ömer Günal 93719d8a01 Merge pull request #1 from omergunal/omergunal-patch-1 
Remote file copy
 2020-06-18 23:56:29 +03:00
Ömer Günal 40a07a2d4f Delete lnx_sudo_enumeration.yml 2020-06-18 23:55:24 +03:00
Ömer Günal d87b0c95a4 Delete lnx_trap.yml 2020-06-18 23:55:16 +03:00
Ömer Günal 8db7c3207a Delete lnx_sudo_caching.yml 2020-06-18 23:54:43 +03:00
Ömer Günal 5bc72b6cba Delete lnx_space_after_filename.yml 2020-06-18 23:54:28 +03:00
Ömer Günal f10440b9fa Delete lnx_setuid_setgid.yml 2020-06-18 23:54:20 +03:00
Ömer Günal 6c8d104e7d Delete lnx_disabling_security_tools.yml 2020-06-18 23:54:06 +03:00
Ömer Günal 84c4683607 Delete lnx_connection_proxy.yml 2020-06-18 23:53:43 +03:00
Ömer Günal c6c455a3ec Remote file copy 2020-06-18 23:37:49 +03:00
Ömer Günal 9bfc3d6807 Delete lnx_file_copy.yml 2020-06-18 23:37:12 +03:00
Ömer Günal a963630db8 Remote File Copy 2020-06-18 23:36:29 +03:00
Ömer Günal 3a607abe33 Update lnx_trap.yml 2020-06-17 19:51:53 +03:00
Ömer Günal 7b86f4aefb Update lnx_trap.yml 2020-06-17 19:47:31 +03:00
Ömer Günal ebbd32d2e1 file extension 2020-06-17 19:43:57 +03:00
Ömer Günal f989f7e155 file extension 2020-06-17 19:43:49 +03:00
Ömer Günal 772c03c49a Connection Proxy 2020-06-17 19:39:55 +03:00
Ömer Günal 9d285ecf74 Trap 2020-06-17 19:39:00 +03:00
Ömer Günal d0b66ab828 Space After Filename 2020-06-17 19:38:38 +03:00
Ömer Günal 3b8fb9e3d8 Disabling Security Tools 2020-06-17 19:38:10 +03:00
Ivan Kirillov 0fbfcc6ba9 Initial round of subtechnique updates 2020-06-16 14:46:08 -06:00
Florian Roth fd2429bd34 Update lnx_setuid_setgid.yml 2020-06-16 19:46:50 +02:00
Florian Roth 06fe720165 Update lnx_sudo_enumeration.yml 2020-06-16 19:33:39 +02:00
Florian Roth 545c05d4d3 Update lnx_setuid_setgid.yml 2020-06-16 19:31:34 +02:00
Ömer Günal 0027415fa2 Update lnx_setuid_setgid.yml 2020-06-16 20:26:50 +03:00
Ömer Günal 41b2309418 file type changed 2020-06-16 20:24:09 +03:00
Ömer Günal 0d0058da43 added id 2020-06-16 20:21:07 +03:00
Ömer Günal bbcd506fb1 added id 2020-06-16 20:21:02 +03:00
Ömer Günal ace575aaa6 added id 2020-06-16 20:20:42 +03:00
Ömer Günal 4b1557a587 Setuid and Setgid 
Detects suspicious change of file privileges with chown and chmod commands
 2020-06-16 20:12:24 +03:00
Ömer Günal b7e1c6750c sudo caching 
attack.t1206
 2020-06-16 19:31:02 +03:00
Ömer Günal e43f13ed67 Update lnx_sudo_enumeration.yml 
attack.t1169
 2020-06-16 19:20:42 +03:00
Ömer Günal 52487159c5 Detect Sudo enumeration commands 2020-06-16 19:17:00 +03:00
Florian Roth 74e16fdccd Merge pull request #803 from gamma37/clear_cmd_history 
Edit Clear Command History
 2020-05-29 17:32:43 +02:00
gamma37 537bda4417 Update lnx_shell_clear_cmd_history.yml 2020-05-28 10:56:35 +02:00