Commit

Branch was auto-updated.
patel-bhavin authored Jul 9, 2024
2 parents 2b004e0 + 65b0cd5 commit 52840cd
Showing 6 changed files with 6 additions and 9 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/unit-testing.yml
Expand Up @@ -13,7 +13,7 @@ jobs:
with:
ref: develop

- uses: actions/setup-python@v4
- uses: actions/setup-python@v5
with:
python-version: '3.11' #Available versions here - https://github.com/actions/python-versions/releases easy to change/make a matrix/use pypy
architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified
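Review bot: `actions/setup-python@v5` on the changed line is still referenced by a mutable major-version tag. Since this line is being touched anyway, consider pinning the action to the full commit SHA of the v5 release and keeping the tag in a trailing comment, so that a retagged release cannot change what this workflow executes.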
5 changes: 1 addition & 4 deletions .github/workflows/validate-and-build.yml
Expand Up @@ -11,14 +11,11 @@ jobs:
steps:
- name: Check out the repository code
uses: actions/checkout@v3
with:
node-version: '20'

- uses: actions/setup-python@v4
- uses: actions/setup-python@v5
with:
python-version: '3.11' #Available versions here - https://github.com/actions/python-versions/releases easy to change/make a matrix/use pypy
architecture: 'x64' # optional x64 or x86. Defaults to x64 if not specified
node-version: '20'

- name: Install System Packages
run: |
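Review bot: `uses: actions/checkout@v3` at the top of this hunk stays on v3 while `actions/setup-python` moves to v5 a few lines below, which leaves the workflow on mixed action generations. Dropping the `node-version: '20'` keys is right, since they sat under the `with:` of checkout and setup-python and neither action takes such an input; bumping checkout to v4 in the same change would finish the cleanup.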
@@ -1,6 +1,6 @@
name: Access LSASS Memory for Dump Creation
id: fb4c31b0-13e8-4155-8aa5-24de4b8d6717
version: 4
version: 3
date: '2024-05-13'
author: Patrick Bareiss, Splunk
status: production
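Review bot: `version` goes from 4 to 3 here while `date: '2024-05-13'` is unchanged, so the revision number of this detection moves backwards under the same `id`. If anything downstream compares `id` and `version` to decide whether content is newer, this file will look older than what was already there; confirm the decrement is the intended outcome of the merge, otherwise keep 4.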
2 changes: 1 addition & 1 deletion detections/endpoint/account_discovery_with_net_app.yml
@@ -1,6 +1,6 @@
name: Account Discovery With Net App
id: 339805ce-ac30-11eb-b87d-acde48001122
version: 6
version: 5
date: '2024-05-22'
author: Teoderick Contreras, Splunk, TheLawsOfChaos, Github Community
status: production
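Review bot: the commit message gives no reason for `version: 6` becoming `version: 5` with `date: '2024-05-22'` left as is. "Branch was auto-updated." does not say why a detection's version would be lowered, so a sentence in the message (or a comment on the merge) stating which side of the merge is authoritative for `version` would make this auditable later.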
@@ -1,6 +1,6 @@
name: Access to Vulnerable Ivanti Connect Secure Bookmark Endpoint
id: 15838756-f425-43fa-9d88-a7f88063e81a
version: 3
version: 2
date: '2024-05-14'
author: Michael Haag, Splunk
status: production
2 changes: 1 addition & 1 deletion detections/web/adobe_coldfusion_access_control_bypass.yml
Expand Up @@ -15,7 +15,7 @@ description: The following analytic detects potential exploitation attempts agai
unauthorized access to ColdFusion administration endpoints. If confirmed malicious,
this could result in data theft, brute force attacks, or further exploitation of
other vulnerabilities, posing a serious security risk to the environment.
search: 'x| tstats count min(_time) as firstTime max(_time) as lastTime from datamodel=Web
search: '| tstats count min(_time) as firstTime max(_time) as lastTime from datamodel=Web
where Web.url IN ("//restplay*", "//CFIDE/restplay*", "//CFIDE/administrator*",
"//CFIDE/adminapi*", "//CFIDE/main*", "//CFIDE/componentutils*", "//CFIDE/wizards*",
"//CFIDE/servermanager*","/restplay*", "/CFIDE/restplay*", "/CFIDE/administrator*",
Expand Down
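Review bot: nothing in this change guards against a repeat of the stray `x` in front of `| tstats` on the old `search:` line. `tstats` is a generating command and has to be the first command in the search, so the extra character would have broken the detection without any visible failure in the YAML itself; a validation step in CI that checks `search:` values beginning with a generating command start with `|` would catch it. The file header also shows only 1 addition and 1 deletion, so the corrected search ships without a `version` or `date` change, which is worth confirming as intended.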
