blue-team-tools

security-tools/blue-team-tools

Fork 0

T

vunx2 579e7481c7 cleanValue + eventID list

2020-02-04 18:14:40 +07:00

.vscode

cleanValue + eventID list

2020-02-04 18:14:40 +07:00

contrib

Merge branch 'devel-sumo' of https://github.com/juju4/sigma into juju4-devel-sumo

2019-06-28 23:39:15 +02:00

images

docs: Info Graphic version 0.1 LQ / HQ

2018-07-17 19:25:37 -06:00

other

Sigma ATT&CK coverage by @jmallette

2019-04-11 18:27:52 +02:00

rules

cleanValue + eventID list

2020-02-04 18:14:40 +07:00

tests

Added ATT&CK technique to rule test

2019-08-25 10:13:11 +02:00

tools

cleanValue + eventID list

2020-02-04 18:14:40 +07:00

_config.yml

Set theme jekyll-theme-hacker

2017-03-05 01:06:36 +01:00

.gitignore

IDE settings file

2017-03-14 12:52:11 +01:00

.travis.yml

chore: workaround Travis Python 3.5 problems

2019-02-23 07:43:41 +01:00

.yamllint

Really run yamllint (it wasn't checking any rule)

2019-01-10 09:51:33 +01:00

BREAKING_CHANGES.md

Fix small typos in file breaking-changes

2019-08-06 09:57:00 +02:00

LICENSE.GPL.txt

Re-licensing toolchain under LGPLv3

2017-12-07 21:55:43 +01:00

LICENSE.LGPL.txt

Re-licensing toolchain under LGPLv3

2017-12-07 21:55:43 +01:00

Makefile

Sigmatools release 0.12

2019-08-01 23:45:07 +02:00

Pipfile

Pipenv packaging

2019-08-09 14:43:29 +02:00

Pipfile.lock

Pipenv packaging

2019-08-09 14:43:29 +02:00

README.md

Update README.md

2019-11-28 04:56:05 -05:00

sigma-schema.rx.yml

changed .yaml files to .yml for consistency

2018-11-20 21:07:36 -08:00

README.md

Sửa host và API Token trong code:

Đường dẫn: sigma/tools/sigma/backends/carbonblack.py - line 145.

url = host CarbonBlack

X-Auth-Token = API Token từ profile admin

Chạy lệnh gọi chuyển rules lên watchlist qua API:

cd /sigma/tools

python3 sigmac -t carbonblack -c carbonblack -r

Example:

python3 sigmac  -t carbonblack -c carbonblack -r /sigmaRules_tuned