security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
797bcaebfeecfa154c5b912b3cd1d7ba159da505
blue-team-tools/rules/linux
T
History
Swachchhanda Shrawan Poudel 2b5715303f Merge PR #5908 from @swachchhanda000 - Fix fps and improve metadata of several Linux rules 
fix: Linux Logs Clearing Attempts - Add new filters for sysstat and dmesg legitimate command deletion
fix: Disable Or Stop Services - Add new filters for legitimate service stoppoing via systemctl for snapd, asw and others
fix: Potential Suspicious Change To Sensitive/Critical Files - Add filters for `/^*` and `s/^` usage with sed
fix: Persistence Via Sudoers.d Files - Add filter for dpkg writing README
fix: Chmod Targeting Sensitive Directories - enhance metadata and add multipel filters for legit use cases
2026-04-28 01:12:30 +02:00
..
auditd
Merge PR #5921 from @Axel-NTT - Update BPFDoor Abnormal Process ID or Lock File Accessed
2026-04-01 13:16:52 +02:00
builtin
Merge PR #5769 from @nasbench - fix keywords rule and remove the fields field
2025-11-24 09:54:29 +01:00
file_event
Merge PR #5908 from @swachchhanda000 - Fix fps and improve metadata of several Linux rules
2026-04-28 01:12:30 +02:00
network_connection
Merge PR #5397 from @nasbench - Promote older rules status from experimental to test
2025-05-20 22:58:46 +02:00
process_creation
Merge PR #5908 from @swachchhanda000 - Fix fps and improve metadata of several Linux rules
2026-04-28 01:12:30 +02:00