infosecn1nja
/
DeTTECT
mirror of https://github.com/infosecn1nja/DeTTECT.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
432 Commits
1 Branch
17 Tags
12 MiB
Commit Graph

32 Commits (master)

Author SHA1 Message Date
Marcus Bakker b3705c782e Added new data sources 2020-10-31 11:14:02 +01:00
Marcus Bakker 1a0453d9e9 Added techniques in the ransomware campaign 2020-09-10 20:05:18 +02:00
Marcus Bakker 8b65550af2 Updated the visibility scores and a few modifications on detections. 2020-07-10 11:20:32 +02:00
Marcus Bakker 19c9c10971 Merge branch 'development' of https://github.com/marcusbakker/DeTTECT-private into development 2020-07-10 09:43:15 +02:00
Marcus Bakker ef95d3daef migrated to sub-techniques 2020-07-10 09:43:12 +02:00
Ruben Bouman affbeea44b Updated upgrade function based on latest MITRE's crosswalk file. Updated own YAML files. 2020-07-10 09:36:59 +02:00
Ruben Bouman f77aed3ef0 Functionality to update to sub-techniques, including an option to provide a local stix path. Also updated sample YAML file. 2020-06-29 15:52:26 +02:00
Marcus Bakker 4df0887070 Changed the platform and/or added some comments 2020-02-10 07:39:11 +01:00
Marcus Bakker 743ba247aa Replaced "products: [None]" with an empty array 2020-02-04 13:38:14 +01:00
Marcus Bakker b3cca244d6 Added a 'platform' key-value pair 2019-12-12 15:07:56 +01:00
Marcus Bakker b185de70e4 Fixed the 'date_connected' for the source 'Office 365 audit logs'. 2019-12-05 10:35:53 +01:00
Marcus Bakker 74bba89627 Added the platforms from the October update. 2019-11-15 20:51:51 +01:00
Marcus Bakker 6dd96dff72 Added the new ATT&CK data sources from the October update. 2019-11-05 08:50:46 +01:00
Ruben Bouman 1130c5ec44 Platform attribute with right casing due to ATT&CK October update. 2019-11-04 15:46:04 +01:00
Ruben Bouman 3d657bd4bf Added new data sources of ATT&CK October update to sample-data file. 2019-11-04 14:30:59 +01:00
Marcus Bakker 6d17208387 Fixed the metadata for the data source "Process command-line parameters" 2019-09-19 15:48:38 +02:00
Marcus Bakker 9f160a262c Removed null from the YAML file lines 2019-08-02 11:29:50 +02:00
Marcus Bakker 539611dac7 - Updated to version 1.2 of the tech. administration file. 
- Improved visibility scores due to the new data source: Process use of network.
 2019-07-31 10:05:44 +02:00
Marcus Bakker 6a23aae605 Added the data source as available (with a high DQ): Process use of network 2019-07-30 20:51:18 +02:00
Marcus Bakker 1ea3547728 Added an empty data source administration YAML file 2019-07-30 14:41:06 +02:00
Marcus Bakker 223b7801d2 fixed a typo in T1171 2019-05-22 10:00:27 +02:00
Marcus Bakker bdb57f0270 Fixed some errors 2019-05-17 14:05:48 +02:00
Ruben Bouman 4b94efa651 Moved threat actor info from redcanary to new folder "threat-actor-data". 2019-05-16 08:24:14 +02:00
Ruben Bouman 9a9aa01355 Provided a groups YAML file for the Red Canary threat detection 2019 report, listing all frequently used techniques including lists per sector. Adjusted functionality in DeTT&CT to support the use of 'weight' in group files. 2019-05-15 14:43:25 +02:00
Ruben Bouman 62eccabe2d Corrections on double spaces 2019-05-07 15:28:34 +02:00
Marcus Bakker 35b85b6ddb Re-added multiple visibilities and detections to T1171 2019-05-01 12:06:39 +02:00
Marcus Bakker 34073234dc Added new examples for the new tactic "Impact" 2019-05-01 12:04:59 +02:00
Marcus Bakker 7b2d711c87 Added multiple visibilities and detections to T1171 2019-05-01 11:25:40 +02:00
Marcus Bakker a94191b81c Added example multiline comment using | 2019-04-29 14:29:51 +02:00
Ruben b3a8ba2a4f Changed name field in techniques administration sample file. 2019-04-23 14:57:11 +02:00
Marcus Bakker e55e597e34 Updated to version 1.1 2019-04-23 13:51:46 +02:00
Marcus Bakker 8b5b397ebc initial commit 2019-03-29 15:26:25 +01:00