security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af492dc0f6305e6ede07d208ec58ee13bcf91dff
blue-team-tools/rules
T
History
Matt Anderson af492dc0f6 Merge PR #5528 from @MATTANDERS0N - add rules for defense evasion 
new: PowerShell Defender Default Threat Action Set to 'Allow' or 'NoAction'
new: Windows Defender Context Menu Removed via Reg.exe
new: Disabling Windows Defender WMI Autologger Session via Reg.exe
new: Delete Defender Scan ShellEx Context Menu Registry Key
new: Windows Defender Default Threat Action Modified

---------

Co-authored-by: Swachchhanda Shrawan Poudel <87493836+swachchhanda000@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2025-07-28 13:25:23 +02:00
..
application
Merge PR #5452 from @david-syk - Update the MITRE ATT&CK tags for multiple rules
2025-06-04 14:39:25 +02:00
category
Merge PR #5477 from @phantinuss - chore: update MITRE tag t1219 to t1219.002
2025-06-13 10:00:52 +02:00
cloud
Merge PR #5530 from @peterydzynski - fix: use correct dash type and add spaces
2025-07-18 10:51:11 +02:00
compliance
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12 12:02:50 +02:00
linux
Merge PR #5506 from @nasbench -promote older rules status from experimental to test
2025-07-01 10:34:38 +02:00
macos
Merge PR #5506 from @nasbench -promote older rules status from experimental to test
2025-07-01 10:34:38 +02:00
network
Merge PR #5492 from @swachchhanda000 - Kerberos Coercion Via DNS SPN Spoofing
2025-07-08 11:35:45 +02:00
web
Merge PR #5452 from @david-syk - Update the MITRE ATT&CK tags for multiple rules
2025-06-04 14:39:25 +02:00
windows
Merge PR #5528 from @MATTANDERS0N - add rules for defense evasion
2025-07-28 13:25:23 +02:00
README.md
chore: move more rules
2023-04-21 15:01:48 +02:00

README.md

TBD

Reference in New Issue View Git Blame Copy Permalink