blue-team-tools/rules/network at d78bbb9333145c36aee74e2ace05b58302e4d92d - blue-team-tools - GreySec Git

security-tools/blue-team-tools

Files

T

History

$frack113$ frack113 83dee26262 Update net_pua_cryptocoin_mining_xmr.yml

2021-11-20 19:20:07 +01:00

..

…

Missing status in rules (#2284 )

2021-11-19 22:32:26 +01:00

net_apt_equationgroup_c2.yml

add tag mitre t1041 for equation group c2

2021-11-20 16:23:27 +01:00

net_dns_c2_detection.yml

…

net_firewall_high_dns_bytes_out.yml

split global net_high_dns_bytes_out.yml

2021-09-21 19:53:25 +02:00

net_firewall_high_dns_requests_rate.yml

…

net_high_dns_bytes_out.yml

split global net_high_dns_bytes_out.yml

2021-09-21 19:53:25 +02:00

net_high_dns_requests_rate.yml

…

net_high_null_records_requests_rate.yml

…

net_high_txt_records_requests_rate.yml

…

net_mal_dns_cobaltstrike.yml

CobaltStrike DNS rules

2021-11-09 17:29:43 +01:00

net_pua_cryptocoin_mining_xmr.yml

Update net_pua_cryptocoin_mining_xmr.yml

2021-11-20 19:20:07 +01:00

net_susp_dns_b64_queries.yml

…

net_susp_dns_txt_exec_strings.yml

…

net_susp_network_scan_by_ip.yml

…

net_susp_network_scan_by_port.yml

…

net_susp_telegram_api.yml

…

net_wannacry_killswitch_domain.yml

…