Commit Graph

381 Commits

Author SHA1 Message Date
taylor_socfortress
c353b4a7ac Update README.md 2023-02-04 08:43:13 -06:00
taylor_socfortress
f61b1fa38c Create 400200-open-audit.xml 2023-02-04 08:40:57 -06:00
taylor_socfortress
e84bebc6e6 Create README.md 2023-02-04 08:40:31 -06:00
taylor_socfortress
f49539001e Update README.md 2023-01-14 06:02:45 -06:00
taylor_socfortress
69ecb60995 Update README.md 2023-01-14 05:37:00 -06:00
taylor_socfortress
446e62ff62 Update README.md 2023-01-14 05:34:14 -06:00
taylor_socfortress
688f2c1efa Update 200700-sophos.xml 2023-01-06 13:31:54 -06:00
taylor_socfortress
a896f2342a Merge pull request #4 from alicangnll/patch-1
AbuseIPDB Integration File
2023-01-03 05:14:35 -08:00
taylor_socfortress
6b5e186efa Update wazuh_socfortress_rules.sh 2023-01-03 07:10:09 -06:00
Taylor
886d3bcca2 Addition of auditd decoders 2023-01-03 06:54:29 -06:00
taylor_socfortress
722b0ca144 Delete Auditd/decoders directory 2023-01-03 06:54:01 -06:00
taylor_socfortress
47e4b66215 Update README.md 2023-01-03 06:53:50 -06:00
taylor_socfortress
9862f23d5f Create auditd_decoders.xml 2023-01-03 06:53:06 -06:00
taylor_socfortress
1c1f1727b7 Update 200300-packetbeat_rules.xml 2022-12-30 11:11:48 -06:00
taylor_socfortress
4cdc9485bd Update 200200-osquery.xml 2022-12-30 11:00:25 -06:00
taylor_socfortress
b4e473510e Delete 200600-osquery.xml 2022-12-30 08:35:13 -06:00
taylor_socfortress
02c94dd410 Create 200200-osquery.xml 2022-12-30 08:35:02 -06:00
taylor_socfortress
f115246703 Bumping up to 109203 to resolve duplicate rule id 2022-12-29 11:33:37 -06:00
taylor_socfortress
b101bcbbc1 Create bash_profile 2022-12-29 10:45:43 -06:00
taylor_socfortress
aec30d7a32 Create auditd-user_and_cred.xml 2022-12-29 10:45:00 -06:00
taylor_socfortress
a4fcfd5822 Create auditd-syscall.xml 2022-12-29 10:44:46 -06:00
taylor_socfortress
5dd807bb41 Create auditd-path.xml 2022-12-29 10:44:35 -06:00
taylor_socfortress
ebf1d731c1 Create auditd-execve.xml 2022-12-29 10:44:23 -06:00
taylor_socfortress
696f141300 Create auditd-config_change.xml 2022-12-29 10:44:11 -06:00
taylor_socfortress
833dee66df Create README.md 2022-12-29 10:43:55 -06:00
taylor_socfortress
4b4f777865 Update README.md 2022-12-29 10:41:22 -06:00
taylor_socfortress
5443e8e6bc Create auditd.conf 2022-12-29 10:41:02 -06:00
taylor_socfortress
d92de0ec47 Create 200110-auditd.xml 2022-12-29 10:39:48 -06:00
taylor_socfortress
1b12d2bcfc Create README.md 2022-12-29 10:39:27 -06:00
Ali Can Gönüllü
f252d7c518 AbuseIPDB Integration File
AbuseIPDB Integration File
2022-12-07 16:37:58 +03:00
taylor_socfortress
38747cbbe3 Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml 2022-12-01 11:17:54 -06:00
taylor_socfortress
5fe8d5c6f1 Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml 2022-11-30 13:23:02 -06:00
taylor_socfortress
59d1c5d41e Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT12.xml 2022-11-30 13:20:52 -06:00
taylor_socfortress
45fdb0ec21 Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT11.xml 2022-11-30 13:14:57 -06:00
taylor_socfortress
19eec1606e Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT1.xml 2022-11-30 12:49:37 -06:00
Taylor
73bb441151 Merge remote-tracking branch 'origin/main' into main 2022-11-26 12:46:25 -06:00
Taylor
a37f3c0b26 d 2022-11-26 12:46:05 -06:00
taylor_socfortress
23fbc10650 Update 100535-win_powershell_rules.xml 1.0 2022-11-07 08:27:21 -06:00
taylor_socfortress
b44f48c796 Update 109100-win_sysmon_new_events.xml 2022-11-04 17:05:38 -05:00
taylor_socfortress
f81bf4b1e2 Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml 2022-11-04 09:30:24 -05:00
taylor_socfortress
87dc25a9e2 Update MITRE_TECHNIQUES_FROM_SYSMON_EVENT13.xml 2022-11-04 08:45:21 -05:00
taylor_socfortress
33e7d9c3be Update office_365.py 2022-10-31 07:54:28 -05:00
taylor_socfortress
7c89ce5711 Update defender_for_endpoint_alerts.py
changed filterTime = datetime.now() - timedelta(hours = 1) to filterTime = datetime.utcnow() - timedelta(hours = 1)
2022-10-25 13:00:45 -05:00
taylor_socfortress
a6a8a496ee Create packetbeat.yml 2022-10-22 09:19:21 -05:00
taylor_socfortress
ee87bc65c0 Update wazuh_socfortress_rules.sh 2022-10-04 14:44:31 -05:00
taylor_socfortress
4290a8a590 Update 100535-win_powershell_rules.xml
Added exclusion to rule 100542
2022-09-30 09:06:10 -05:00
taylor_socfortress
966887b5e3 Create malicious-powershell 2022-09-30 09:01:29 -05:00
taylor_socfortress
3b40c74da5 Update 100535-win_powershell_rules.xml
Adding malicious powershell commands list
2022-09-30 09:00:41 -05:00
taylor_socfortress
fd67055c6d Update README.md 2022-09-20 10:12:52 -05:00
taylor_socfortress
a469cfeac2 Update ar.conf 2022-09-20 10:12:25 -05:00