security-tools/blue-team-tools: Blue team tooling - detection rules, forensics, SIEM content - blue-team-tools - GreySec Git

security-tools/blue-team-tools

T

Nguyen Xuan Vu 1fcdf6e5d0 Update README.md

2019-11-28 04:40:52 -05:00

postAPI

2019-11-28 11:45:49 +07:00

Merge branch 'devel-sumo' of https://github.com/juju4/sigma into juju4-devel-sumo

2019-06-28 23:39:15 +02:00

docs: Info Graphic version 0.1 LQ / HQ

2018-07-17 19:25:37 -06:00

Sigma ATT&CK coverage by @jmallette

2019-04-11 18:27:52 +02:00

IP Clean

2019-10-22 17:49:50 +07:00

Added ATT&CK technique to rule test

2019-08-25 10:13:11 +02:00

postAPI

2019-11-28 16:01:24 +07:00

_config.yml

Set theme jekyll-theme-hacker

2017-03-05 01:06:36 +01:00

.gitignore

IDE settings file

2017-03-14 12:52:11 +01:00

.travis.yml

chore: workaround Travis Python 3.5 problems

2019-02-23 07:43:41 +01:00

.yamllint

Really run yamllint (it wasn't checking any rule)

2019-01-10 09:51:33 +01:00

BREAKING_CHANGES.md

Fix small typos in file breaking-changes

2019-08-06 09:57:00 +02:00

LICENSE.GPL.txt

Re-licensing toolchain under LGPLv3

2017-12-07 21:55:43 +01:00

LICENSE.LGPL.txt

Re-licensing toolchain under LGPLv3

2017-12-07 21:55:43 +01:00

Makefile

Sigmatools release 0.12

2019-08-01 23:45:07 +02:00

Pipfile

Pipenv packaging

2019-08-09 14:43:29 +02:00

Pipfile.lock

Pipenv packaging

2019-08-09 14:43:29 +02:00

README.md

Update README.md

2019-11-28 04:40:52 -05:00

sigma-schema.rx.yml

changed .yaml files to .yml for consistency

2018-11-20 21:07:36 -08:00

README.md

Sửa host và API Token trong code:

Đường dẫn: sigma/tools/sigma/backends/carbonblack.py - line 145.

url = host CarbonBlack

X-Auth-Token = API Token từ profile admin

Chạy lệnh gọi chuyển rules lên watchlist qua API: cd /sigma/tools: python3 sigmac -t carbonblack -c carbonblack -r

Example:

python3 sigmac -t carbonblack -c carbonblack -r ../rules/windows/process_creation