Commit Graph

10511 Commits

Author SHA1 Message Date
Jonhnathan d5803b89ef Update win_apt_zxshell.yml 2020-11-26 23:31:10 -03:00
Jonhnathan 89a4aa84bf Update win_apt_winnti_pipemon.yml 2020-11-26 23:29:10 -03:00
Jonhnathan df93846117 Update win_apt_unidentified_nov_18.yml 2020-11-26 23:26:18 -03:00
Jonhnathan b234d577d6 Update win_apt_sofacy.yml 2020-11-26 23:21:53 -03:00
Jonhnathan 77bae30bef Update win_apt_slingshot.yml 2020-11-26 23:18:32 -03:00
Jonhnathan f2dd516b7c Fix logic 2020-11-26 23:16:03 -03:00
Jonhnathan 127607c5e7 Remove Additional backslash 2020-11-26 23:14:51 -03:00
Jonhnathan bce74198ab Remove Additional backslash 2020-11-26 23:14:24 -03:00
Jonhnathan fda266adb6 Update win_apt_hurricane_panda.yml 2020-11-26 23:12:26 -03:00
Jonhnathan d0b6694767 Update win_apt_greenbug_may20.yml 2020-11-26 23:05:44 -03:00
Jonhnathan 707fbe048e Update win_apt_evilnum_jul20.yml 2020-11-26 23:05:08 -03:00
Jonhnathan a113c0f3b4 Remove Additional backslash 2020-11-26 23:00:05 -03:00
Jonhnathan d57d7c1e5b Remove Additional backslash 2020-11-26 22:59:35 -03:00
Jonhnathan f61317b2f9 Update sysmon_in_memory_assembly_execution.yml 2020-11-26 22:50:48 -03:00
Jonhnathan 784cab1dfe Fix missing logic and Field 2020-11-26 22:46:17 -03:00
Jonhnathan 48f16a0ca8 Update win_susp_net_recon_activity.yml 2020-11-26 22:39:49 -03:00
Florian Roth 3d39d49d65 Merge pull request #1295 from findthebad/fix-winlogbeat-config - Updated winlogbeat.yml config to include OriginalFileName 2020-11-26 23:17:45 +01:00
findthebad ad899899ab Updated winlogbeat.yml config to include OriginalFileName 2020-11-26 14:48:14 -05:00
Florian Roth 084cd39505 Merge pull request #1294 from Neo23x0/devel - Trickbot rules improved 2020-11-26 10:13:35 +01:00
Florian Roth c6fc9de144 New Trickbot wermgr rule 2020-11-26 09:54:27 +01:00
Florian Roth c111ab3141 Improved Trickbot recon rule 2020-11-26 09:54:13 +01:00
Florian Roth b31ed47ccf Merge branch 'master' into devel 2020-11-26 09:44:56 +01:00
Florian Roth 13354dd7a2 Merge pull request #1293 from hegga/cb-fix-domain-fieldmapping - Fix field mapping for DestinationHostname 2020-11-26 09:40:28 +01:00
Helge Aksdal 3a7c114ca3 Fix field mapping for DestinationHostname 2020-11-26 04:17:28 +01:00
Tim I 78d201ad15 Fix value modifier and add a slash 2020-11-24 23:06:21 +03:00
bczyz1 05398ae95e change field newprocessname -> image 2020-11-23 13:43:19 +01:00
toffeebr33k c8c4183678 Update aws_enum_listing.yml 2020-11-22 01:53:58 +08:00
toffeebr33k 3d0e1988c6 Update aws_enum_listing.yml 2020-11-22 01:41:20 +08:00
toffeebr33k 273590b151 Update aws_enum_listing.yml 2020-11-22 01:17:42 +08:00
toffeebr33k 52fca0fe3a Update aws_enum_listing.yml 2020-11-22 01:05:56 +08:00
toffeebr33k e764ca687a Update aws_enum_listing.yml 2020-11-22 00:50:34 +08:00
toffeebr33k 00504ee186 Update aws_update_login_profile.yml 2020-11-22 00:42:25 +08:00
toffeebr33k 3dd1525b98 Update aws_update_login_profile.yml 2020-11-22 00:38:41 +08:00
toffeebr33k 6b65180464 Add files via upload 2020-11-22 00:33:47 +08:00
toffeebr33k cff82ff79a Delete aws_update_login_profile.yml 2020-11-22 00:33:17 +08:00
toffeebr33k 7e1c918b4d Delete aws_enum_listing.yml 2020-11-22 00:32:59 +08:00
toffeebr33k 551764b630 Add files via upload 2020-11-22 00:26:17 +08:00
toffeebr33k 3dd25ddea4 Delete aws_update_login_profile.yml 2020-11-22 00:25:54 +08:00
toffeebr33k fba9c12bb2 Delete aws_enum_listing.yml 2020-11-22 00:25:29 +08:00
toffeebr33k 6c1f3f5969 Update aws_update_login_profile.yml 2020-11-21 23:45:10 +08:00
toffeebr33k 70e725e82e Update aws_enum_listing.yml 2020-11-21 23:44:14 +08:00
toffeebr33k 596d1b6e4c Update aws_update_login_profile.yml 2020-11-21 23:29:49 +08:00
toffeebr33k a786ebd04b Update aws_enum_listing.yml 2020-11-21 23:28:57 +08:00
toffeebr33k 1ca903b168 Update aws_enum_listing.yml 2020-11-21 23:22:07 +08:00
toffeebr33k 7f61591865 Add files via upload 2020-11-21 23:12:50 +08:00
Thomas Patzke 84dc11ca98 Removed ES query tests 2020-11-21 13:33:25 +04:00
Thomas Patzke 0ed54a6cae Merge pull request #1290 from arollyson/helix_backend - Backend: FireEye Helix 2020-11-21 00:06:19 +01:00
Lionel 7ca368d1ed fix issue 1285 - https://github.com/Neo23x0/sigma/issues/1285 2020-11-20 16:42:20 +01:00
Alejandro Ortuno 000c038ede Retrigger tests 2020-11-20 09:30:43 +01:00
Alejandro Ortuno cfcda8d25f Trigger new test execution 2020-11-20 09:29:09 +01:00