Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / Bert-JanP/Hunting-Queries-Detection-Rules issues and pull requests

#49 - Update Mapping.md

Pull Request - State: closed - Opened by BaderAlrowaiei 3 months ago - 1 comment

#49 - Update Mapping.md

Pull Request - State: closed - Opened by BaderAlrowaiei 3 months ago - 1 comment

#48 - Missing "Timestamp" and "union" in TheArtOfKnowingYourData.md

Pull Request - State: closed - Opened by ep3p 3 months ago - 1 comment

#48 - Missing "Timestamp" and "union" in TheArtOfKnowingYourData.md

Pull Request - State: closed - Opened by ep3p 3 months ago - 1 comment

#46 - Update nf_ransomware_leaksite_monitoring.md

Pull Request - State: closed - Opened by m4nbat 3 months ago - 2 comments

#46 - Update nf_ransomware_leaksite_monitoring.md

Pull Request - State: closed - Opened by m4nbat 3 months ago - 2 comments

#45 - Create nf_ransomware_leaksite_monitoring.md

Pull Request - State: closed - Opened by m4nbat 4 months ago - 1 comment

#45 - Create nf_ransomware_leaksite_monitoring.md

Pull Request - State: closed - Opened by m4nbat 4 months ago - 1 comment

#43 - Microsoft Defender Issue

Issue - State: closed - Opened by taremooo 4 months ago - 1 comment

#43 - Microsoft Defender Issue

Issue - State: closed - Opened by taremooo 4 months ago - 1 comment

#42 - Update ttp_t1127-001_suspNetworkConnMSBuild.md

Pull Request - State: closed - Opened by BaderAlrowaiei 4 months ago - 1 comment

#42 - Update ttp_t1127-001_suspNetworkConnMSBuild.md

Pull Request - State: closed - Opened by BaderAlrowaiei 4 months ago - 1 comment

#41 - Update Mapping.md

Pull Request - State: closed - Opened by BaderAlrowaiei 4 months ago - 1 comment

#41 - Update Mapping.md

Pull Request - State: closed - Opened by BaderAlrowaiei 4 months ago - 1 comment

#40 - Add monitoring for cloud break glass accounts

Pull Request - State: closed - Opened by erikgruetter 4 months ago - 3 comments

#40 - Add monitoring for cloud break glass accounts

Pull Request - State: closed - Opened by erikgruetter 4 months ago - 3 comments

#39 - Create UrlClickEvents.me

Pull Request - State: closed - Opened by guys1444 5 months ago - 1 comment

#39 - Create UrlClickEvents.me

Pull Request - State: closed - Opened by guys1444 5 months ago - 1 comment

#38 - `MonitorDelegations` Added

Pull Request - State: closed - Opened by babakmhz 6 months ago - 1 comment

#38 - `MonitorDelegations` Added

Pull Request - State: closed - Opened by babakmhz 6 months ago - 1 comment

#37 - Create NTDSDitFileModifications.md

Pull Request - State: closed - Opened by inodee 6 months ago - 1 comment

#37 - Create NTDSDitFileModifications.md

Pull Request - State: closed - Opened by inodee 6 months ago - 1 comment

#36 - URL and Spelling

Pull Request - State: closed - Opened by BaderAlrowaiei 6 months ago - 1 comment

#36 - URL and Spelling

Pull Request - State: closed - Opened by BaderAlrowaiei 6 months ago - 1 comment

#34 - Create nf_ttp_t1547-001_yellowcockatoo_powershell_create_link_in_startup

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#34 - Create nf_ttp_t1547-001_yellowcockatoo_powershell_create_link_in_startup

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#33 - Update and rename nf_ttp_t1543_scattered-spider_azure_arc_persistence…

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#33 - Update and rename nf_ttp_t1543_scattered-spider_azure_arc_persistence…

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#32 - Create nf_ttp_t1543_peach-sandstorm_azure_arc_persistence.md

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#32 - Create nf_ttp_t1543_peach-sandstorm_azure_arc_persistence.md

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#30 - Create nf_ttp_t1566-001_ipfs_phishing.md

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#30 - Create nf_ttp_t1566-001_ipfs_phishing.md

Pull Request - State: closed - Opened by m4nbat 8 months ago - 1 comment

#29 - Update Email - ExecutableFileRecieved.md

Pull Request - State: closed - Opened by cyb3rmik3 8 months ago - 1 comment

#29 - Update Email - ExecutableFileRecieved.md

Pull Request - State: closed - Opened by cyb3rmik3 8 months ago - 1 comment

#28 - Create ttp_t1562-001_disabledefender.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#28 - Create ttp_t1562-001_disabledefender.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#27 - Create ttp_t1219_netsupportrat_fin7.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#27 - Create ttp_t1219_netsupportrat_fin7.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#26 - Create ttp_t1127-001_suspNetworkConnMSBuild.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#26 - Create ttp_t1127-001_suspNetworkConnMSBuild.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#25 - Create ttp_t1059-001_powershell_windowsappsdir_fin7.md

Pull Request - State: closed - Opened by m4nbat 8 months ago

#24 - Create ttp_t1027-010_powershellEncodedCommand.md

Pull Request - State: closed - Opened by m4nbat 8 months ago - 2 comments

#23 - Create Detect_Known_RAT_RMM_Process_Patterns.md

Pull Request - State: closed - Opened by inodee 9 months ago - 1 comment

#22 - Adding `Webshell Detection`

Pull Request - State: closed - Opened by babakmhz 9 months ago - 4 comments

#21 - Create Rare_Outgoing_IPv4_Connections.md

Pull Request - State: closed - Opened by inodee 11 months ago - 1 comment

#20 - Fixed a typo in README.md

Pull Request - State: closed - Opened by saakshii12 11 months ago

#19 - Update README.md

Pull Request - State: closed - Opened by mishrasamiksha 11 months ago

#18 - Fixed a Typo in README.md

Pull Request - State: closed - Opened by prajjwalyd 11 months ago

#17 - geo_info_from_ip_address not available in MDE AH

Issue - State: closed - Opened by mezzofix 11 months ago - 1 comment

#16 - Update Curl-CVE-2023-38545.md

Pull Request - State: closed - Opened by fklapper 12 months ago - 1 comment

#15 - Update Behavior - InboundConnectionFromMaliciousIP.md

Pull Request - State: closed - Opened by Lodewyk-Git about 1 year ago - 6 comments

#14 - custom rules fails to decode base64 encoded string

Issue - State: closed - Opened by mezzofix about 1 year ago - 3 comments

#13 - Update LocalAccountCreated.md

Pull Request - State: closed - Opened by cyb3rmik3 over 1 year ago - 1 comment

#12 - Azure

Issue - State: closed - Opened by dazeez over 1 year ago - 2 comments

#11 - Update TI Feed - AbuseCHIPBlacklistFeed.md

Pull Request - State: closed - Opened by WesSec over 1 year ago - 1 comment

#10 - Update Email - ExecutableFileRecieved.md

Pull Request - State: closed - Opened by Subratam over 1 year ago - 2 comments

#9 - Flips comparison operator in time filters

Pull Request - State: closed - Opened by Korving-F over 1 year ago - 2 comments

#8 - improve context for each result

Pull Request - State: closed - Opened by lawndoc over 1 year ago - 2 comments

#7 - fix logic and add context

Pull Request - State: closed - Opened by lawndoc over 1 year ago - 1 comment

#6 - fix device count

Pull Request - State: closed - Opened by lawndoc over 1 year ago - 1 comment

#5 - Change principle to principal CloudPersistenceActivityByUserAtRisk.md

Pull Request - State: closed - Opened by ep3p over 1 year ago - 1 comment

#4 - Create Impersonate Execution.md

Pull Request - State: closed - Opened by prashanthpulisetti over 1 year ago - 1 comment

#3 - Update README.md

Pull Request - State: closed - Opened by rod-trent almost 2 years ago

#2 - Remove space in MS Exchange Zero Day Sept 2022.md

Pull Request - State: closed - Opened by ep3p almost 2 years ago - 1 comment