 frack113
|
05f4f50fc2
|
Merge pull request #2037 from frack113/clean_win_outlook_registry_todaypage
Clean win outlook registry todaypage
|
2021-09-17 06:34:38 +02:00 |
|
|
Sittikorn S
|
13553ef917
|
Update web_cve_2021_40539_manageengine_adselfservice_exploit.yml
|
2021-09-17 09:53:12 +07:00 |
|
|
frack113
|
7a22fc6dba
|
clean string
|
2021-09-16 16:26:53 +02:00 |
|
|
frack113
|
c36cf428ac
|
clean list 1 elem
|
2021-09-16 16:18:30 +02:00 |
|
|
Florian Roth
|
a926439b39
|
fix: default to (Default)
|
2021-09-16 11:39:45 +02:00 |
|
|
frack113
|
6e981f56df
|
fix detection from references
|
2021-09-16 09:20:41 +02:00 |
|
|
frack113
|
8a847e0538
|
Update process_creation_possible_privilege_escalation_via_service_registry_permissions.yml
|
2021-09-15 19:05:31 +02:00 |
|
|
frack113
|
973e0666ac
|
Merge pull request #2020 from frack113/pc_global
Split some global process_creation rules
|
2021-09-15 19:03:30 +02:00 |
|
|
frack113
|
3b8282c221
|
fix detection
|
2021-09-15 16:21:30 +02:00 |
|
|
frack113
|
33a51df46a
|
Update lnx_system_info_discovery.yml
|
2021-09-14 21:03:46 +02:00 |
|
|
frack113
|
a6da209507
|
Update lnx_auditd_system_info_discovery2.yml
|
2021-09-14 21:02:51 +02:00 |
|
|
frack113
|
a3477893de
|
Update lnx_auditd_network_service_scanning.yml
|
2021-09-14 21:02:13 +02:00 |
|
|
frack113
|
83531bb2ff
|
split global lnx_system_info_discovery.yml
|
2021-09-14 20:13:57 +02:00 |
|
|
frack113
|
38c0f83eaf
|
split global lnx_sudo_cve_2019_14287.yml
|
2021-09-14 20:07:13 +02:00 |
|
|
frack113
|
87e5fc48fa
|
split global lnx_security_tools_disabling.yml
|
2021-09-14 19:32:58 +02:00 |
|
|
frack113
|
ecefc6e913
|
add missing product
|
2021-09-14 19:29:49 +02:00 |
|
|
frack113
|
bc69900335
|
split global lnx_network_service_scanning.yml
|
2021-09-14 19:27:28 +02:00 |
|
|
frack113
|
30955c4884
|
split global lnx_auditd_cve_2021_3156_sudo_buffer_overflow.yml
|
2021-09-14 19:24:11 +02:00 |
|
|
frack113
|
1e4484bffb
|
split lnx_auditd_cve_2021_3156_sudo_buffer_overflow
|
2021-09-14 19:22:56 +02:00 |
|
|
frack113
|
b08b3e2b0d
|
Merge pull request #2021 from frack113/global_registry
Split registry Global rules
|
2021-09-14 19:18:34 +02:00 |
|
|
frack113
|
d13af3e258
|
Merge pull request #2019 from frack113/normalise_name
Split 2 global rules and normalyze name
|
2021-09-14 19:17:55 +02:00 |
|
|
frack113
|
7298225cbe
|
Merge pull request #2028 from zakibro/master
New Rule - Linux - Auditd - Screen Capture with xwd
|
2021-09-14 09:58:11 +02:00 |
|
|
zakibro
|
e47a7d9826
|
Update lnx_auditd_screencaputre_xwd.yml
|
2021-09-13 19:08:23 +02:00 |
|
|
Pawel Mazur
|
a8f9617ccd
|
New Rule - Linux - Auditd - Screen Capture with xwd
|
2021-09-13 18:56:33 +02:00 |
|
|
Florian Roth
|
4118402127
|
Merge pull request #2027 from frack113/fix_reg_key
Fix registry TargetObject
|
2021-09-13 15:59:47 +02:00 |
|
|
Florian Roth
|
680cad2a52
|
Merge pull request #2025 from BlackB0lt/patch-18
Update win_file_winword_cve_2021_40444.yml
|
2021-09-13 15:58:45 +02:00 |
|
|
Sittikorn S
|
dd9921b360
|
Update win_file_winword_cve_2021_40444.yml
Add modified date
|
2021-09-13 19:41:01 +07:00 |
|
|
frack113
|
34111b3aaf
|
Merge pull request #2023 from austinsonger/okta
Okta Rules
|
2021-09-13 14:34:52 +02:00 |
|
|
frack113
|
ab5d3a9da4
|
Merge pull request #2024 from austinsonger/azure_new_cloudshell_created.yml
azure_new_cloudshell_created.yml
|
2021-09-13 14:34:11 +02:00 |
|
|
frack113
|
047ebab36b
|
fix HKCU
|
2021-09-13 14:01:39 +02:00 |
|
|
frack113
|
7b6ae81b8b
|
fix TargetObject HK
|
2021-09-13 13:16:16 +02:00 |
|
|
frack113
|
bd3b1323b4
|
fix TargetObject HKCU
|
2021-09-13 12:45:10 +02:00 |
|
|
Sittikorn S
|
edd5c2745e
|
Update win_file_winword_cve_2021_40444.yml
change TargetFilename|contains|all
|
2021-09-13 16:05:56 +07:00 |
|
|
Sittikorn S
|
5977596e65
|
Update win_file_winword_cve_2021_40444.yml
|
2021-09-13 16:05:22 +07:00 |
|
|
Sittikorn S
|
7386904e42
|
Update win_file_winword_cve_2021_40444.yml
Add new condition
|
2021-09-13 15:33:14 +07:00 |
|
|
Sittikorn S
|
9576663789
|
Update web_cve_2021_40539_manageengine_adselfservice_exploit.yml
Edit My Teammate
|
2021-09-13 15:23:38 +07:00 |
|
|
pbssubhash
|
4ae1d41983
|
Corrected Rules - Logsource
|
2021-09-13 10:16:02 +05:30 |
|
|
Austin Songer
|
8e1f36ec39
|
Update okta_api_token_created.yml
|
2021-09-12 23:34:08 -05:00 |
|
|
frack113
|
e4d3d313c7
|
Update okta_policy_rule_modified_or_deleted.yml
|
2021-09-13 06:33:49 +02:00 |
|
|
frack113
|
18223a37cd
|
Update okta_application_sign-on_policy_modified_or_deleted.yml
|
2021-09-13 06:26:01 +02:00 |
|
|
Austin Songer
|
e1ef3857fb
|
Update and rename okta_user_account_lockout.yml to okta_user_account_locked_out.yml
|
2021-09-12 20:49:44 -05:00 |
|
|
Austin Songer
|
01c985b99a
|
Update and rename okta_user_account_mfa_bypass_attempt.yml to okta_mfa_reset_or_deactivated.yml
|
2021-09-12 20:40:33 -05:00 |
|
|
Austin Songer
|
1f5e2577cb
|
Delete okta_user_account_mfa_reset.yml
|
2021-09-12 20:34:37 -05:00 |
|
|
Austin Songer
|
bec7b5d3e7
|
Create okta_security_threat_detected.yml
|
2021-09-12 20:33:27 -05:00 |
|
|
Austin Songer
|
249d3198d3
|
Create okta_application_sign-on_policy_modified_or_deleted.yml
|
2021-09-12 20:27:45 -05:00 |
|
|
Austin Songer
|
f759fff453
|
Update okta_policy_rule_modified_or_deleted.yml
|
2021-09-12 20:24:12 -05:00 |
|
|
Austin Songer
|
e60fbbf4b8
|
Update okta_network_zone_deactivated_or_deleted.yml
|
2021-09-12 20:22:16 -05:00 |
|
|
Austin Songer
|
45b6ac72ee
|
Update okta_application_modified_or_deleted.yml
|
2021-09-12 20:19:57 -05:00 |
|
|
Austin Songer
|
9f70336879
|
Update okta_api_token_revoked.yml
|
2021-09-12 20:16:37 -05:00 |
|
|
Austin Songer
|
aa8978e9da
|
Update okta_api_token_created.yml
|
2021-09-12 20:14:27 -05:00 |
|