security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
906797e3d114395e8e4dfeba4aa95fe6672ef162
blue-team-tools/rules
T
History
Nasreddine Bencherchali 906797e3d1 Merge PR #4735 from @nasbench - Slash&Grab Exploitation Related Rule Updates 
new: Potentially Suspicious File Download From File Sharing Domain Via PowerShell.EXE
new: Remote Access Tool - ScreenConnect Backstage Mode Anomaly 2
new: Remote Access Tool - ScreenConnect Remote Execution
new: Remote Access Tool - Simple Help Execution
new: ScreenConnect - SlashAndGrab Exploitation Indicators
new: Suspicious File Download From IP Via Wget.EXE - Paths
new: User Added To Highly Privileged Group
update: Suspicious PowerShell IEX Execution Patterns - Enhance coverage by adding new "IEX" variant
update: Weak or Abused Passwords In CLI - Add additional password seen abused in the wild
2024-02-23 23:57:44 +01:00
..
application
chore: promote older rules status from experimental to test (#4651)
2024-01-01 09:00:51 +01:00
category
Merge PR #4533 from @nasbench - Promote experimental rules
2023-11-02 10:48:45 +01:00
cloud
Merge PR #4700 from @nasbench - Promote older rules status from experimental to test
2024-02-01 02:09:31 +01:00
compliance
Merge PR #4681 from @nasbench - Add Missing Ref & Tags
2024-01-29 13:37:20 +01:00
linux
Merge PR #4700 from @nasbench - Promote older rules status from experimental to test
2024-02-01 02:09:31 +01:00
macos
Merge PR #4700 from @nasbench - Promote older rules status from experimental to test
2024-02-01 02:09:31 +01:00
network
Merge PR #4681 from @nasbench - Add Missing Ref & Tags
2024-01-29 13:37:20 +01:00
web
Merge PR #4721 from @MalGamy - Add UA used by RedCurl APT
2024-02-15 11:27:43 +01:00
windows
Merge PR #4735 from @nasbench - Slash&Grab Exploitation Related Rule Updates
2024-02-23 23:57:44 +01:00
README.md
chore: move more rules
2023-04-21 15:01:48 +02:00

README.md

TBD

Reference in New Issue View Git Blame Copy Permalink