security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d0b2bd9875d61d3c50d256ba40a64203ca15e677
blue-team-tools/rules
T
History
Thomas Patzke d0b2bd9875 Multiple rules per file 
* New wrapper class SigmaCollectionParser parses all YAML documents
  contained in file and handles multiple SigmaParser instantiation.
* Exemplary extended one security/4688 rule to security/4688 + sysmon/1
2017-10-31 23:06:18 +01:00
..
application
Renamed rule file (typo)
2017-09-17 00:32:57 +02:00
apt
US CERT TA17-293A report - renamed PsExec execution
2017-10-22 12:55:26 +02:00
linux
Fixed rules
2017-09-11 00:35:52 +02:00
network
Added field names to first rules
2017-09-12 23:54:04 +02:00
proxy
Suspicious flash player download location / BadRabbit
2017-10-25 08:40:30 +02:00
web
Added vhost field to web rules
2017-09-17 00:20:17 +02:00
windows
Multiple rules per file
2017-10-31 23:06:18 +01:00