security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bb97300f1f9c188288153344a5ecfbd76e2efcad
blue-team-tools/rules
T
History
Ali Alwashali bb97300f1f Merge PR #4532 from @alwashali - Update EventLog Query Related Rules 
new: EventLog Query Requests By Builtin Utilities
update: Potentially Suspicious EventLog Recon Activity Using Log Query Utilities - Enhanced logic from simply covering wevtutil to covering other tools and conditions.

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-11-20 12:47:01 +01:00
..
application
Merge PR #4479 From @frack113 - Upgrade Rules Status
2023-10-17 14:35:26 +02:00
category
Merge PR #4533 from @nasbench - Promote experimental rules
2023-11-02 10:48:45 +01:00
cloud
Merge PR #4533 from @nasbench - Promote experimental rules
2023-11-02 10:48:45 +01:00
compliance
feat: filename test enhancements (#3812)
2022-12-23 09:25:16 +01:00
linux
Merge PR #4533 from @nasbench - Promote experimental rules
2023-11-02 10:48:45 +01:00
macos
Merge PR #4533 from @nasbench - Promote experimental rules
2023-11-02 10:48:45 +01:00
network
Merge PR #4482 From @nasbench - Add New Automation Workflows
2023-10-18 11:53:44 +02:00
web
Merge PR #4552 from @ThureinOo - Add Detection of CVE-2023-46747 Remote Code Execution
2023-11-14 09:41:49 +01:00
windows
Merge PR #4532 from @alwashali - Update EventLog Query Related Rules
2023-11-20 12:47:01 +01:00
README.md
chore: move more rules
2023-04-21 15:01:48 +02:00

README.md

TBD

Reference in New Issue View Git Blame Copy Permalink