sn0w0tter
fbcac39414
URL to subtechniques fixed
2020-10-07 00:26:25 +02:00
sn0w0tter
0f871c7d72
rules with subtechniques
2020-09-23 00:53:06 +02:00
sn0w0tter
82846bdf0d
#192 for markdown, added powershell to default targets
2020-05-15 03:15:48 +02:00
Yugoslavskiy Daniil
4d79a25830
fix #173
2020-04-05 08:17:52 +02:00
Yugoslavskiy Daniil
f101bb07fd
update confluence and md kb
2020-03-23 04:13:43 +01:00
yugoslavskiy
6aab9a3e07
fix #159
2020-02-17 00:22:47 +03:00
Yugoslavskiy Daniil
3dae842b40
update DN md template, fix #153
2020-01-14 10:12:24 +03:00
yugoslavskiy
f278b6e4a0
- updated sysmon eid 1, 7, 17 and 18 (new fields)
...
- updated dn calculation to take enrichments into account
- updated dr class and template for both md and confluence to print enrichments (finally sigma has a rule with a link to our enrichment, I submitted a PR for it a month ago)
- updated dr templates for both md and confluence to be more verbose — if there is no info, we put some info message, not just an empty field
2019-07-09 10:11:01 +03:00
yugoslavskiy
b15925d3a0
sysmon event id 22 (dns queries) added
2019-06-24 04:37:21 +02:00
Wydra Mateusz
d99f01b773
get rid of dot workaround for markdown, missing analytics added
2019-05-01 23:43:17 +02:00
Wydra Mateusz
80e29c836b
refresh of analytics
2019-04-29 23:10:03 +02:00
Wydra Mateusz
f4006e03bc
Makefile updated, yamls2csv changed to work with customer entities, md files and analytics regenerated
2019-03-27 02:22:01 +01:00
Wydra Mateusz
fd90abb3ca
cleanup
2019-03-25 22:59:09 +01:00
Wydra Mateusz
21e41e45a5
fixes for triggers, techniques url for markdown fixed
2019-02-13 01:04:13 +01:00
Wydra Mateusz
dfe08e01a3
technique name added to techniques in detection rules, attack_mapping.py used to store mappings to attack
2019-02-13 00:27:50 +01:00
yugoslavskiy
f79f50bec3
changed directories names
2019-02-12 04:55:11 +01:00
Wydra Mateusz
1e806591f0
code de-hardcoding, powershell events groundwork
2019-02-11 23:28:16 +01:00