https://github.com/mandiant/pulsesecure_exploitation_countermeasures

https://github.com/mandiant/pulsesecure_exploitation_countermeasures

Last synced: about 1 year ago
JSON representation

• Host: GitHub
• URL: https://github.com/mandiant/pulsesecure_exploitation_countermeasures
• Owner: mandiant
• License: bsd-2-clause
• Archived: true
• Created: 2021-04-16T17:20:13.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2023-06-01T13:30:37.000Z (about 3 years ago)
• Last Synced: 2025-02-24T20:59:41.875Z (over 1 year ago)
• Language: YARA
• Size: 56.6 KB
• Stars: 23
• Watchers: 7
• Forks: 15
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.txt

Awesome Lists containing this project

README

          
# FireEye Mandiant PulseSecure Exploitation Countermeasures

These rules are provided freely to the community without warranty. We provide zero guarantees with these free best effort rules and these do not reflect the same process we follow for paying customers.

In this GitHub repository you will find rules in multiple languages:

- Snort

- Yara

As well as a listing of known filehashes, filenames, and Mitre ATT&CK techniques used by the attacker. For additional information and context please review our blog at: https://www.fireeye.com/blog/threat-research/2021/04/suspected-apt-actors-leverage-bypass-techniques-pulse-secure-zero-day.html