security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4989d43ae97015f8113aed2efcd49d288b8fec21
blue-team-tools/rules/web/proxy_generic
T
History
Nasreddine Bencherchali 779111a0dd Merge PR #4928 from @nasbench - Fix FPs and issues found in testing 
fix: Potential DLL Sideloading Of DbgModel.DLL - Update selection name to match the condition
fix: NTLM Logon - Remove unnecessary field
fix: Potential Commandline Obfuscation Using Unicode Characters - Remove legitimate currency characters as they could be used in document names
fix: Suspicious SYSTEM User Process Creation - Update `ping` filter to account for other FP variants found in the wild.
2024-07-24 09:22:49 +02:00
..
proxy_download_susp_dyndns.yml
chore: update rules from r-dns to cs-host
2023-05-18 23:03:23 +02:00
proxy_download_susp_tlds_blacklist.yml
chore: update rules from r-dns to cs-host
2023-05-18 23:03:23 +02:00
proxy_download_susp_tlds_whitelist.yml
Merge PR #4681 from @nasbench - Add Missing Ref & Tags
2024-01-29 13:37:20 +01:00
proxy_downloadcradle_webdav.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_f5_tm_utility_bash_api_request.yml
Merge PR #4552 from @ThureinOo - Add Detection of CVE-2023-46747 Remote Code Execution
2023-11-14 09:41:49 +01:00
proxy_hktl_baby_shark_default_agent_url.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_hktl_cobalt_strike_malleable_c2_requests.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_hktl_empire_ua_uri_patterns.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_pua_advanced_ip_scanner_update_check.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_pwndrop.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
proxy_raw_paste_service_access.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_susp_flash_download_loc.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
proxy_susp_ipfs_cred_harvest.yml
Merge PR #4700 from @nasbench - Promote older rules status from experimental to test
2024-02-01 02:09:31 +01:00
proxy_telegram_api.yml
chore: update rules from r-dns to cs-host
2023-05-18 23:03:23 +02:00
proxy_ua_apt.yml
Merge PR #4928 from @nasbench - Fix FPs and issues found in testing
2024-07-24 09:22:49 +02:00
proxy_ua_base64_encoded.yml
Merge PR #4745 from @nasbench - Promote older rules status from experimental to test
2024-03-01 15:38:35 +01:00
proxy_ua_bitsadmin_susp_ip.yml
Merge PR #4681 from @nasbench - Add Missing Ref & Tags
2024-01-29 13:37:20 +01:00
proxy_ua_bitsadmin_susp_tld.yml
Merge PR #4791 from @nasbench - Promote older rules status from experimental to test
2024-04-01 15:14:10 +02:00
proxy_ua_cryptominer.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
proxy_ua_empty.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_ua_frameworks.yml
Merge PR #4928 from @nasbench - Fix FPs and issues found in testing
2024-07-24 09:22:49 +02:00
proxy_ua_hacktool.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
proxy_ua_malware.yml
Merge PR #4928 from @nasbench - Fix FPs and issues found in testing
2024-07-24 09:22:49 +02:00
proxy_ua_powershell.yml
Merge PR #4738 from @nasbench - Small fixes and metadata updates
2024-02-26 22:01:53 +01:00
proxy_ua_rclone.yml
Merge PR #4479 From @frack113 - Upgrade Rules Status
2023-10-17 14:35:26 +02:00
proxy_ua_susp_base64.yml
Merge PR #4745 from @nasbench - Promote older rules status from experimental to test
2024-03-01 15:38:35 +01:00
proxy_ua_susp.yml
Merge PR #4482 From @nasbench - Add New Automation Workflows
2023-10-18 11:53:44 +02:00
proxy_webdav_external_execution.yml
Merge PR #4845 from @ahmedfarou22 - Proxy WebDAV Rule Improvements/New Rule
2024-05-10 16:16:42 +02:00