security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
611b72dba5ab174cfdcc970d18eae621097160f2
blue-team-tools/rules
T
History
Vasiliy Burov 977551c69d Added some suspicious locations 
Added 'C:\Windows\Tasks' and 'C:\Windows\System32\Tasks' as suspicious locations accordingly article: https://github.com/ThreatHuntingProject/ThreatHunting/blob/master/hunts/suspicious_process_creation_via_windows_event_logs.md
2019-12-10 20:17:40 +03:00
..
application
Added UUIDs to rules
2019-11-12 23:12:27 +01:00
apt
fix: fixed broken link in elise rule
2019-12-05 09:56:20 +01:00
compliance
Added UUIDs to rules
2019-11-12 23:12:27 +01:00
linux
Added UUIDs to rules
2019-11-12 23:12:27 +01:00
network
Added UUIDs to rules
2019-11-12 23:12:27 +01:00
proxy
Merge branch 'rules'
2019-12-09 16:17:39 +01:00
web
rule: PulseSecure CVE-2019-11510 attack
2019-11-18 15:33:58 +01:00
windows
Added some suspicious locations
2019-12-10 20:17:40 +03:00