Commit Graph

63 Commits

Author SHA1 Message Date
Florian Roth
ec13c691ce
Merge pull request #1585 from BlackB0lt/patch-6
Create aws_ec2_disable_encryption.yml
2021-07-08 14:54:02 +02:00
Austin Songer
aac72668f4
Update microsoft365_impossible_travel_activity.yml 2021-07-06 16:59:28 -05:00
Austin Songer
af3fd2fe8e
Create microsoft365_impossible_travel_activity.yml 2021-07-06 16:55:54 -05:00
Sittikorn S
9ae8fedff3
Update aws_ec2_disable_encryption.yml 2021-06-29 18:05:25 +07:00
Florian Roth
9c769a3fce
Update aws_securityhub_finding_evasion.yml 2021-06-29 12:49:32 +02:00
Sittikorn S
c2e701958e
Create aws_ec2_disable_encryption.yml 2021-06-29 11:06:00 +07:00
Sittikorn S
bfe110a2c5
Update aws_securityhub_finding_evasion.yml 2021-06-28 16:07:54 +07:00
Sittikorn S
5a61e402bf
Update aws_securityhub_finding_evasion.yml 2021-06-28 15:57:21 +07:00
Sittikorn S
071699da5e
Update aws_securityhub_finding_evasion.yml 2021-06-28 15:52:42 +07:00
Sittikorn S
ff83414871
Update and rename aws_securityhub_disable_finding.yml to aws_securityhub_finding_evasion.yml 2021-06-28 15:45:31 +07:00
Sittikorn S
4c323d40dd
Create aws_securityhub_disable_finding.yml 2021-06-28 15:42:34 +07:00
Darin Smith
e921181f4b Add AWS snapshot exfiltration rule 2021-05-17 13:00:01 -07:00
Anton Kutepov
3f45269296 Merge branch 'oscd'
B
B
B
B
A
2021-03-02 22:58:41 +03:00
jaegeral
e1f43f17c2 fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
Joshua Roys
025a17e44b fix: case in level
Otherwise es-rule ends up with a null risk_score and invalid severity.
2021-02-22 21:34:06 -05:00
toffeebr33k
c8c4183678
Update aws_enum_listing.yml 2020-11-22 01:53:58 +08:00
toffeebr33k
3d0e1988c6
Update aws_enum_listing.yml 2020-11-22 01:41:20 +08:00
toffeebr33k
273590b151
Update aws_enum_listing.yml 2020-11-22 01:17:42 +08:00
toffeebr33k
52fca0fe3a
Update aws_enum_listing.yml 2020-11-22 01:05:56 +08:00
toffeebr33k
e764ca687a
Update aws_enum_listing.yml 2020-11-22 00:50:34 +08:00
toffeebr33k
00504ee186
Update aws_update_login_profile.yml 2020-11-22 00:42:25 +08:00
toffeebr33k
3dd1525b98
Update aws_update_login_profile.yml 2020-11-22 00:38:41 +08:00
toffeebr33k
6b65180464
Add files via upload 2020-11-22 00:33:47 +08:00
toffeebr33k
cff82ff79a
Delete aws_update_login_profile.yml 2020-11-22 00:33:17 +08:00
toffeebr33k
7e1c918b4d
Delete aws_enum_listing.yml 2020-11-22 00:32:59 +08:00
toffeebr33k
551764b630
Add files via upload 2020-11-22 00:26:17 +08:00
toffeebr33k
3dd25ddea4
Delete aws_update_login_profile.yml 2020-11-22 00:25:54 +08:00
toffeebr33k
fba9c12bb2
Delete aws_enum_listing.yml 2020-11-22 00:25:29 +08:00
toffeebr33k
6c1f3f5969
Update aws_update_login_profile.yml 2020-11-21 23:45:10 +08:00
toffeebr33k
70e725e82e
Update aws_enum_listing.yml 2020-11-21 23:44:14 +08:00
toffeebr33k
596d1b6e4c
Update aws_update_login_profile.yml 2020-11-21 23:29:49 +08:00
toffeebr33k
a786ebd04b
Update aws_enum_listing.yml 2020-11-21 23:28:57 +08:00
toffeebr33k
1ca903b168
Update aws_enum_listing.yml 2020-11-21 23:22:07 +08:00
toffeebr33k
7f61591865
Add files via upload 2020-11-21 23:12:50 +08:00
Jonhnathan
56dd924fc3
Update aws_ec2_vm_export_failure.yml 2020-10-15 23:31:55 -03:00
Mike Wade
57cae0ded1 Fixed reference typo 2020-09-13 22:07:43 -06:00
Mike Wade
52ab677798 Fixed my git issue 2020-09-13 22:03:04 -06:00
aw350m3
198e42d724 deleted extra spaces 2020-09-03 14:22:31 +00:00
aw350m3
b00047a4e8 att&ck tags review: application, apt, cloud, generic, proxy 2020-09-03 14:16:54 +00:00
Aidan Bracher
b61527d0b2 Added ATT&CK tactic 2020-07-18 02:42:10 +01:00
Aidan Bracher
161829a4c0 Added ATT&CK tactic 2020-07-18 02:41:48 +01:00
Aidan Bracher
147fd46157 Added ATT&CK tactic 2020-07-18 02:41:10 +01:00
Ivan Kirillov
0fbfcc6ba9 Initial round of subtechnique updates 2020-06-16 14:46:08 -06:00
pdr9rc
31ad81874f capitalized titles
corrected capitalization of titles and removed literals from config
2020-05-05 11:32:18 +01:00
Tiago Faria
dd85467a27
Update aws_ec2_vm_export_failure.yml 2020-05-02 00:13:55 +01:00
pdr9rc
9ce84a38e5 overrides section support + one example rule + cloudtrail config
ditto
2020-04-29 20:36:45 +01:00
faloker
6d9c8e44d7
Update rules titles 2020-02-12 23:09:16 +02:00
faloker
1b15dba712
Correct the indentation 2020-02-12 22:48:46 +02:00
faloker
f387cf0c37
Add the rule to detect changes to startup scripts 2020-02-12 22:23:18 +02:00
faloker
01d2f9f99d
Add the rule to detect backdooring of users keys 2020-02-12 22:22:38 +02:00