security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e7d2bba8a298c78ed3d378fad2d07cfc1a07ea24
blue-team-tools/rules/web
T
History
Mohamed Ashraf e873392366
Create Release / Create Release (push) Has been cancelled
Details
Merge PR #4522 from @X-Junior - updating multiple rules 
update: Obfuscated IP Via CLI - increase coverage for more types of obfuscation and fix logic
update: Obfuscated IP Download Activity - increase coverage for more types of obfuscation and fix logic
update: Csc.EXE Execution Form Potentially Suspicious Parent - add more MS Office tools, suspicious locations and filter known FPs
update: Dynamic .NET Compilation Via Csc.EXE - add more suspicious locations
update: Malware User Agent - add new user agents

---------

Co-authored-by: nasbench <8741929+nasbench@users.noreply.github.com>
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
2023-11-06 17:07:33 +01:00
..
product
Merge PR #4392 from @tjgeorgen - Update MITRE Tags
2023-08-28 16:53:27 +02:00
proxy_generic
Merge PR #4522 from @X-Junior - updating multiple rules
2023-11-06 17:07:33 +01:00
webserver_generic
Merge PR #4533 from @nasbench - Promote experimental rules
2023-11-02 10:48:45 +01:00