blue-team-tools

Files

T

David Hazekamp bc26970596 fix(rule): lnx_dd_file_overwrite /bin symlinks

This rule is subject to false negatives for *nix distros which
alias /bin to /usr/bin.  By using endswith we can catch dd usage
for either /bin or /usr/bin.

2022-06-06 09:27:27 -05:00

auditd

refactor condition

2022-06-03 15:35:24 +02:00

builtin

refactor condition

2022-06-03 15:35:24 +02:00

file_create

Update lnx_doas_conf_creation.yml

2022-01-20 13:07:53 +01:00

modsecurity

add missing tags

2021-09-07 18:16:46 +02:00

network_connection

Name Normalization

2022-02-27 10:58:14 +01:00

other

remove invalid tag

2022-01-19 18:23:30 +01:00

process_creation

fix(rule): lnx_dd_file_overwrite /bin symlinks

2022-06-06 09:27:27 -05:00