security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
17fff52ae21e06bd0209a86bf57435e7a003c95f
blue-team-tools/rules
T
History
Florian Roth 17fff52ae2 Merge pull request #3099 from frack113/word_startup 
Add file_event_win_susp_winword_startup
2022-06-06 22:25:58 +02:00
..
application
refactor condition
2022-06-03 15:39:41 +02:00
apt
remove invalid tag
2022-01-19 18:23:30 +01:00
cloud
Create azure_app_owner_added.yml
2022-06-02 13:37:00 -07:00
compliance
chore: test rules: reactivate single value list check
2022-05-10 17:13:04 +02:00
linux
Create proc_creation_lnx_susp_chmod_directories.yml
2022-06-03 19:24:02 -04:00
macos
refactor condition
2022-06-03 15:35:24 +02:00
network
refactor condition
2022-06-03 15:35:24 +02:00
proxy
Renamed suspicious in filenames to susp
2022-05-19 09:37:04 +02:00
web
refactor: new expr from honeypot, increased level
2022-06-06 17:32:08 +02:00
windows
Filter valid ext
2022-06-06 21:51:15 +02:00