attack_data icon indicating copy to clipboard operation
attack_data copied to clipboard

verified publisher icon splunk

Metadata

A repository of curated datasets from various attacks

Results 33 attack_data issues
Sort by recently updated
recently updated
newest added

wrong sourcetypes for some datasets

eg datasets/suspicious_behaviour/crowdstrike_stream/admin_weak_password_policy/admin_weak_password_policy.yml is marked with sourcetypes: - 'XmlWinEventLog:Microsoft-Windows-Sysmon/Operational' should be crowdstrike:identities there are others besides this example. all the ones I found so far are in the crowdstrike stream folder,...

pong-rearc avatar pong-rearc

Create active-directory-as-rep-roasting-detection.log

4 comment

create as-rep roasting log data for detection rule

thegreatmhn avatar thegreatmhn

Update executables_suspicious_file_path_old.yml

fix formatting issues that causes "no valid data found" error

HaniTidafi avatar HaniTidafi

Metadata

506
Stars
86
Forks
Watchers

Owner

verified publisher icon splunk

Metadata

A repository of curated datasets from various attacks

Back