committing changes in /etc made by "-bash"

Package changes:
2023-06-12 09:31:52 +03:00
parent c0fa2707f8
commit f7af00565c
146 changed files with 10641 additions and 0 deletions
--- a/crowdsec/hub/scenarios/ltsich/http-w00tw00t.yaml
+++ b/crowdsec/hub/scenarios/ltsich/http-w00tw00t.yaml
@@ -0,0 +1,12 @@
+#contributed by ltsich
+type: trigger
+name: ltsich/http-w00tw00t
+description: "detect w00tw00t"
+debug: false
+filter: "evt.Meta.log_type == 'http_access-log' && evt.Parsed.file_name contains 'w00tw00t.at.ISC.SANS.DFind'"
+groupby: evt.Meta.source_ip
+blackhole: 5m
+labels:
+ service: http
+ type: scan
+ remediation: true