sans-blue-team/DeepBlueCLI
GNU General Public License v3.0
2.18k
stars
355
forks
issues
Ingest into Security Onion
#35
PowerPress
opened
12 months ago
0
Nterl0k forwarded eventlog update
#34
nterl0k
opened
1 year ago
0
DeepBlue.ps1 not Found.
#33
Idro575
opened
1 year ago
2
Update DeepBlue.py
#32
ghost
closed
2 years ago
1
Logic error 3, should not reach here..
#31
ManuelBerrueta
opened
2 years ago
1
Need to Forward Logs of DeepblueCLI to a Syslog Server
#30
therajvira
closed
2 years ago
5
s/DeepWhite/DeepBlueHash
#29
eric-conrad
closed
2 years ago
0
Small typographical error in output
#28
n3tl0kr
closed
2 years ago
0
Fixed windows event log check.
#27
TheNiv
closed
1 year ago
1
Inclusive language update
#26
eric-conrad
closed
3 years ago
0
Wmi events
#25
netscylla
closed
1 year ago
0
Blocked by WinDefender - Powersploit
#24
m-nelly
closed
3 years ago
1
Defender detecting zip as virus
#23
danieljnait
closed
3 years ago
1
Update System EID 104 parsing output to correctly reflect the cleared log name
#22
zmbf0r3ns1cs
closed
3 years ago
0
Update System EID 104 parsing output to correctly reflect the cleared log name
#21
zmbf0r3ns1cs
closed
3 years ago
0
ConvertTo-Json - login failures not output correctly
#20
dhammond22222
opened
3 years ago
0
DeepWhite-collector
#19
GlennGuillot
opened
3 years ago
0
Add Event ID 1102
#18
Shady-2012
closed
4 years ago
1
Errors on Application.evtx
#17
RandyRandleman
closed
4 years ago
3
README.md correction for Examples
#16
holisticinfosec
closed
4 years ago
1
Porting password spray attack detection in Python
#15
mfred488
opened
4 years ago
4
deepbluecli for siem
#14
TheHmadQureshi
closed
5 years ago
2
Powershell local (-log) or remote (-file) arguments shows no results
#13
tsale
opened
5 years ago
1
typo: fixed "event 4013" to be "event 4103"
#12
itpropaul
closed
5 years ago
0
Add more Mimikatz detection, focusing on token::elevate as a non-admin user
#11
joswr1ght
closed
5 years ago
0
Add password spray detection, sample evtx
#10
joswr1ght
closed
5 years ago
1
Add Event ID 4673 Sensitive Privilege Use detection for Mimikatz
#9
joswr1ght
closed
5 years ago
0
Add detector and event log to watch for Event Log Service stop/start …
#8
joswr1ght
closed
5 years ago
0
Update eventid 1 to handle sysmon v8.00 schema
#7
tomstott
opened
6 years ago
1
Adding option to grab events logs from a remote computer
#6
buhlertheruler
opened
6 years ago
0
allow for json type input
#5
ssi0202
opened
6 years ago
0
Added ability to output to CSV
#4
Robicus
opened
7 years ago
0
Add All option and stuff
#3
giMini
opened
8 years ago
0
Convert text output to PSCustomObject output
#2
infosec-intern
opened
8 years ago
5
Check-Service function
#1
masters274
closed
7 years ago
1