security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bfc5586e439ab11954292ec8a0be5b52b1657a2f
blue-team-tools/rules/linux
T
History
Fukusuke Takahashi dbba992bc3 Merge PR #4960 from @fukusuket - Update unreachable/broken references 
chore: Unix Shell Configuration Modification - Update unreachable/broken references
chore: JNDIExploit Pattern - Update unreachable/broken references
chore: Load Of RstrtMgr.DLL By A Suspicious Process - Update unreachable/broken references
chore: Load Of RstrtMgr.DLL By An Uncommon Process - Update unreachable/broken references
chore: Potential appverifUI.DLL Sideloading - Update unreachable/broken references
chore: Potential Dead Drop Resolvers - Update unreachable/broken references
chore: HackTool - SecurityXploded Execution - Update unreachable/broken references
chore: Suspicious Processes Spawned by Java.EXE - Update unreachable/broken references
chore: Shell Process Spawned by Java.EXE - Update unreachable/broken references
chore: New Firewall Rule Added Via Netsh.EXE - Update unreachable/broken references
chore: PUA - AdvancedRun Execution - Update unreachable/broken references
chore: PUA - AdvancedRun Suspicious Execution - Update unreachable/broken references
chore: PUA - NSudo Execution - Update unreachable/broken references
chore: Windows Processes Suspicious Parent Directory - Update unreachable/broken references
chore: Suspect Svchost Activity - Update unreachable/broken references
chore: Whoami.EXE Execution From Privileged Process - Update unreachable/broken references
chore: Turla PNG Dropper Service - Update unreachable/broken references
chore: Exploiting SetupComplete.cmd CVE-2019-1378 - Update unreachable/broken references
chore: Log4j RCE CVE-2021-44228 Generic - Update unreachable/broken references
chore: Log4j RCE CVE-2021-44228 in Fields - Update unreachable/broken references
chore: .Class Extension URI Ending Request - Update unreachable/broken references
chore: DLL Call by Ordinal Via Rundll32.EXE - Update unreachable/broken references
2024-08-10 12:52:28 +02:00
..
auditd
Merge PR #4960 from @fukusuket - Update unreachable/broken references
2024-08-10 12:52:28 +02:00
builtin
Merge PR #4795 from @signalblur - Update Linux Command History Tampering rule
2024-04-17 14:28:17 +02:00
file_event
Merge PR #4791 from @nasbench - Promote older rules status from experimental to test
2024-04-01 15:14:10 +02:00
network_connection
Merge PR #4882 from @netgrain - New rules related to LocaltoNet tunneling
2024-06-20 13:09:49 +02:00
process_creation
Merge PR #4893 from @ryanplasma - Update Microsoft references URLS
2024-07-02 12:00:11 +02:00