| Author | Commit | Message | Date |
|---|---|---|---|
| frack113 | fb80b35141 | fix condition | 2021-08-16 09:21:38 +02:00 |
| frack113 | 5b09dff1fb | cleanup win_malware_conti_shadowcopy.yml | 2021-08-16 09:21:04 +02:00 |
| frack113 | ed424c55c8 | fix selection | 2021-08-16 09:20:25 +02:00 |
| frack113 | 26d632bf05 | fix condition | 2021-08-16 09:19:46 +02:00 |
| frack113 | e8723e892a | clean-up powershell_invoke_nightmare.yml | 2021-08-16 09:19:10 +02:00 |
| Max Altgelt | 5b60e0ea5a | feat: Add some rules to detect Conti behaviour<br>Add rules based on the leaks from the Conti group to detect malicious behaviour. | 2021-08-16 09:13:51 +02:00 |
| frack113 | c57ded1ecd | Merge pull request #1852 from austinsonger/gcp_dns_zone_modified_or_deleted.yml<br>gcp_dns_zone_modified_or_deleted.yml | 2021-08-16 07:37:28 +02:00 |
| frack113 | d710818eb2 | Merge pull request #1851 from austinsonger/gcp_dlp_re-identifies_sensitive_information.yml<br>gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-16 07:37:02 +02:00 |
| frack113 | 0973c51ef5 | Merge pull request #1850 from austinsonger/aws_efs_fileshare_modified_or_deleted.yml<br>aws_efs_fileshare_modified_or_deleted.yml | 2021-08-16 07:36:43 +02:00 |
| frack113 | 20fd75e18e | Merge pull request #1849 from austinsonger/aws_efs_fileshare_mount_modified_or_deleted.yml<br>aws_efs_fileshare_mount_modified_or_deleted.yml | 2021-08-16 07:36:24 +02:00 |
| frack113 | 37b8040e76 | cleanup gcp_dlp_re-identifies_sensitive_information<br>Remove list with only 1 value | 2021-08-16 06:28:40 +02:00 |
| Austin Songer | ae12f1f328 | Update gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-15 22:57:54 -05:00 |
| Austin Songer | 2524adc6ca | Update aws_efs_fileshare_mount_modified_or_deleted.yml | 2021-08-15 22:54:11 -05:00 |
| Austin Songer | fb117d5714 | Update aws_efs_fileshare_mount_modified_or_deleted.yml | 2021-08-15 22:52:53 -05:00 |
| Austin Songer | 5a22d07392 | Update aws_efs_fileshare_modified_or_deleted.yml | 2021-08-15 22:52:41 -05:00 |
| Austin Songer | ebf2b7a313 | Update aws_efs_fileshare_modified_or_deleted.yml | 2021-08-15 22:49:01 -05:00 |
| Austin Songer | 85dc62070b | Update gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-15 16:02:12 -05:00 |
| Austin Songer | 219be99847 | Update gcp_dns_zone_modified_or_deleted.yml | 2021-08-15 16:02:04 -05:00 |
| Austin Songer | e4314aa4b8 | Update gcp_dns_zone_modified_or_deleted.yml | 2021-08-15 16:01:10 -05:00 |
| Austin Songer | 3c770c6e4d | Update gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-15 15:55:46 -05:00 |
| Austin Songer | a37ec60f76 | Update gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-15 15:44:20 -05:00 |
| Austin Songer | dae3d3b446 | Update gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-15 15:42:15 -05:00 |
| Austin Songer | 28f6cbe2b8 | Update aws_efs_fileshare_modified_or_deleted.yml | 2021-08-15 15:37:07 -05:00 |
| Austin Songer | b5766f8804 | Update aws_efs_fileshare_modified_or_deleted.yml | 2021-08-15 15:36:34 -05:00 |
| Austin Songer | db7d2958d3 | Update aws_efs_fileshare_mount_modified_or_deleted.yml | 2021-08-15 15:04:24 -05:00 |
| Austin Songer | 7605795a9f | Create gcp_dns_zone_modified_or_deleted.yml | 2021-08-15 14:30:23 -05:00 |
| Austin Songer | ba8e9c9fcb | Create gcp_dlp_re-identifies_sensitive_information.yml | 2021-08-15 14:28:10 -05:00 |
| Austin Songer | bde91611a9 | Create aws_efs_fileshare_modified_or_deleted.yml | 2021-08-15 14:27:22 -05:00 |
| Austin Songer | a0df8ce84c | Create aws_efs_fileshare_mount_modified_or_deleted.yml | 2021-08-15 14:26:48 -05:00 |
| frack113 | 5390ff85c7 | Merge pull request #1846 from austinsonger/gcp_service_account_modified.yml<br>gcp_service_account_modified.yml | 2021-08-15 08:34:47 +02:00 |
| frack113 | 17fa9f87cc | Merge pull request #1847 from austinsonger/gcp_service_account_disabled_or_deleted.yml<br>gcp_service_account_disabled_or_deleted.yml | 2021-08-15 08:30:57 +02:00 |
| frack113 | 39fe9c4525 | Merge pull request #1840 from austinsonger/gcp_firewall_rule_modified_or_deleted.yml<br>gcp_firewall_rule_modified_or_deleted.yml | 2021-08-15 08:09:04 +02:00 |
| frack113 | 88e8fea1b7 | Merge pull request #1841 from austinsonger/gcp_full_network_traffic_packet_capture.yml<br>gcp_full_network_traffic_packet_capture.yml | 2021-08-15 08:08:53 +02:00 |
| frack113 | f34c3ef9fd | remove disable as in another rule | 2021-08-15 08:08:16 +02:00 |
| frack113 | d940417e58 | fix error | 2021-08-15 08:05:03 +02:00 |
| frack113 | db3eda51dd | fix errors | 2021-08-15 08:02:51 +02:00 |
| frack113 | 5d22d3ea19 | Merge pull request #1848 from austinsonger/gcp_bucket_enumeration.yml<br>gcp_bucket_enumeration.yml | 2021-08-15 07:52:15 +02:00 |
| frack113 | c1aa1b0476 | Merge pull request #1845 from austinsonger/gcp_bucket_modified_or_deleted.yml<br>gcp_bucket_modified_or_deleted.yml | 2021-08-15 07:51:32 +02:00 |
| Austin Songer | 3e151410ca | Update gcp_service_account_modified.yml | 2021-08-14 22:31:47 -05:00 |
| Austin Songer | 552e1544e4 | Update gcp_service_account_modified.yml | 2021-08-14 22:30:10 -05:00 |
| Austin Songer | d0e08aa78b | Create gcp_service_account_disabled_or_deleted.yml | 2021-08-14 22:26:21 -05:00 |
| Austin Songer | 68087b80f5 | Create gcp_service_account_modified.yml | 2021-08-14 22:25:41 -05:00 |
| Austin Songer | b5270ddce1 | Update gcp_bucket_modified_or_deleted.yml | 2021-08-14 22:07:50 -05:00 |
| Austin Songer | 28d3e3f6b9 | Update gcp_bucket_enumeration.yml | 2021-08-14 22:07:25 -05:00 |
| Austin Songer | eaf1bd8962 | Update gcp_bucket_enumeration.yml | 2021-08-14 21:58:06 -05:00 |
| Austin Songer | dc386a2ead | Create gcp_bucket_enumeration.yml | 2021-08-14 21:56:29 -05:00 |
| Austin Songer | 980954751e | Create gcp_bucket_modified_or_deleted.yml | 2021-08-14 21:53:56 -05:00 |
| Austin Songer | 872c54bc0c | Update gcp_full_network_traffic_packet_capture.yml | 2021-08-14 16:50:11 -05:00 |
| Austin Songer | d407a3dd4f | Update gcp_firewall_rule_modified_or_deleted.yml | 2021-08-14 16:24:50 -05:00 |
| Austin Songer | 885bbefe73 | Update gcp_full_network_traffic_packet_capture.yml | 2021-08-14 16:21:16 -05:00 |