security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7f030b250e82fda2795bba7ea2f7a102ff5e88fa
blue-team-tools/rules
T
History
phantinuss 7f030b250e fix: wrong mapping of Windows Audit Log EventID 4688 
reverts some changes introduced by commit c5fa73c328
    - removes the unnecessary/wrong field mapping
    - fixes the rules to apply to CommandLine instead of
      ParentCommandLine as the author probably intended
2022-03-30 11:24:24 +02:00
..
application
Merge pull request #2837 from SigmaHQ/log-source-cleanup
2022-03-24 21:26:46 +01:00
apt
remove invalid tag
2022-01-19 18:23:30 +01:00
cloud
Merge pull request #2850 from hieuttmmo/master
2022-03-25 11:35:49 +01:00
compliance
refactor: first bigger log source refactoring
2022-03-22 17:58:29 +01:00
generic
fix: remove penetration testing as a valid false positive
2022-03-16 13:51:26 +01:00
linux
fix: product unix > linux
2022-03-24 11:40:51 +01:00
macos
refactor: move macos rules to separate dir
2022-03-24 09:17:05 +01:00
network
fix: empty query in rule > bug
2022-03-24 15:17:29 +01:00
proxy
remove invalid tag
2022-01-19 18:23:30 +01:00
web
refactor: first bigger log source refactoring
2022-03-22 17:58:29 +01:00
windows
fix: wrong mapping of Windows Audit Log EventID 4688
2022-03-30 11:24:24 +02:00