security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,511 Commits 1 Branch 57 Tags
e91fc4486e57fc40e30d12253694de4c80a9e4ea
Commit Graph

10511 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lep 60997b47b2 moreEventID 2019-11-28 21:34:52 +07:00
Lep 412dfc4f05 Merge branch 'master' of http://git.security.fis.vn/VuNX2/sigma 2019-11-28 17:38:57 +07:00
Lep 738008b52b requiment 2019-11-28 17:38:05 +07:00
Nguyen Xuan Vu 042d078ee1 Update requirements.txt 2019-11-28 05:26:09 -05:00
Lep 158ffd2f0c requiment 2019-11-28 17:23:05 +07:00
Nguyen Xuan Vu f1ae6fa1ed Update README.md 2019-11-28 04:56:05 -05:00
Nguyen Xuan Vu 6ce5a2554f Update README.md 2019-11-28 04:41:58 -05:00
Nguyen Xuan Vu 1fcdf6e5d0 Update README.md 2019-11-28 04:40:52 -05:00
Nguyen Xuan Vu cd1866b30f Update README.md 2019-11-28 04:38:03 -05:00
Nguyen Xuan Vu 6fa6cba16d Update README.md 2019-11-28 04:32:34 -05:00
Nguyen Xuan Vu 31cf40e0e8 Update README.md 2019-11-28 04:31:52 -05:00
Nguyen Xuan Vu 2da7f36e48 Update README.md 2019-11-28 04:31:04 -05:00
Lep 37257170dd postAPI 2019-11-28 16:01:24 +07:00
Lep d08ff35222 postAPI 2019-11-28 11:45:49 +07:00
yugoslavskiy d5722979ea add rules by Daniel Bohannon 2019-11-27 00:02:45 +01:00
yugoslavskiy 41a09cde34 updated filenames 2019-11-26 23:31:18 +01:00
webhead404 21ef152e3a Update win_external_device.yml 2019-11-20 16:19:45 -06:00
webhead404 2bfd4ea654 Added MITRE tags 2019-11-20 16:18:03 -06:00
webhead404 b96ad8ccd7 Merge pull request #2 from webhead404/webhead404-contrib 
Create win_external_device
 2019-11-20 16:09:15 -06:00
webhead404 5c5d28acdc Create win_external_device 2019-11-20 16:07:29 -06:00
Florian Roth 39293d5f2b rule: another reference for CVE-2019-1388 rule 2019-11-20 15:09:30 +01:00
Florian Roth 00a26dff16 Merge pull request #536 from Neo23x0/devel 
Changes to CVE-2019-1388 rule
 2019-11-20 09:27:56 +01:00
Florian Roth f9e6a929ba rule: made it more specific - command line must contain URL 2019-11-20 09:23:04 +01:00
Florian Roth 55e66b1843 rule: added status 2019-11-20 09:21:42 +01:00
Florian Roth 0b9cd47c1e Merge pull request #535 from Neo23x0/devel 
Rule to detect CVE-2019-1388
 2019-11-20 09:19:52 +01:00
Florian Roth 4022e3251b rule: changed title 2019-11-20 09:16:00 +01:00
Florian Roth 158f6b3065 rule: exploitation of CVE-2019-1388 2019-11-20 09:12:02 +01:00
Florian Roth a6d069c6d2 Merge branch 'master' into devel 2019-11-19 15:59:22 +01:00
Florian Roth 98aa4d4ecb fix: fixed typo in rule for renamed procdump 2019-11-19 15:59:07 +01:00
yugoslavskiy 1b591ee598 add JET CSIRT team sysmon_process_reimaging.yml with unsupported logic 2019-11-19 02:17:07 +01:00
yugoslavskiy 2a33e6fed9 unify location of rules with unsupported logic 2019-11-19 02:12:22 +01:00
yugoslavskiy efc404fbae resolve conflicts with rule IDs; restored and deprecated sysmon_mimikatz_detection_lsass.yml 2019-11-19 02:11:19 +01:00
Maxime Lamothe-Brassard 61bcc46394 Prettier formatting of YAML. 2019-11-18 14:50:41 -05:00
Florian Roth 0dd583510a Merge pull request #534 from Neo23x0/devel 
rules and fixes
 2019-11-18 16:01:26 +01:00
Florian Roth 2c855be9d3 fix: casing fix in renamed procdump rule 2019-11-18 15:57:14 +01:00
Florian Roth fdc32889a7 rule: PulseSecure CVE-2019-11510 attack 2019-11-18 15:33:58 +01:00
Florian Roth 93f890b31d rule: renamed procdump 2019-11-18 15:27:04 +01:00
Florian Roth da05c9bb82 fix: line break in description 2019-11-18 15:26:55 +01:00
Florian Roth 2c54d1afe4 rule: removed Zebrocy rule because it doesn't work that way 
reason: command line gets split up at the '&' character, which results in two command lines
 2019-11-18 11:42:38 +01:00
Austin Clark ad1a6a2bd3 Update cisco_cli_net_sniff.yml 2019-11-15 19:32:53 +01:00
Austin Clark 441a302623 Update cisco_cli_moving_data.yml 2019-11-15 19:31:41 +01:00
Austin Clark 93a40b3b97 Update cisco_cli_modify_config.yml 2019-11-15 19:31:07 +01:00
Austin Clark 9cd6670501 Update cisco_cli_local_accounts.yml 2019-11-15 19:30:33 +01:00
Austin Clark ed85f1e612 Update cisco_cli_input_capture.yml 2019-11-15 19:11:03 +01:00
Austin Clark d8e0cfb64c Update cisco_cli_file_deletion.yml 2019-11-15 19:10:19 +01:00
Austin Clark af1cf4615f Update cisco_cli_dos.yml 2019-11-15 19:09:38 +01:00
Austin Clark 46c63094de Update cisco_cli_discovery.yml 2019-11-15 19:08:53 +01:00
Austin Clark ac07b00497 Update cisco_cli_disable_logging.yml 2019-11-15 19:08:08 +01:00
Austin Clark 6448631005 Update cisco_cli_crypto_actions.yml 2019-11-15 19:07:09 +01:00
Austin Clark 82237fa347 Update cisco_cli_collect_data.yml 2019-11-15 19:05:55 +01:00