forked from crowdsecurity/hub
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.index.json
4360 lines (4360 loc) · 358 KB
/
.index.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"collections": {
"Dominic-Wagner/vaultwarden": {
"path": "collections/Dominic-Wagner/vaultwarden.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "41f537b7985ef168a1d31c7cb10a49672925313724d523fba8389714c4222742",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbVmF1bHR3YXJkZW5dKGh0dHBzOi8vZ2l0aHViLmNvbS9kYW5pLWdhcmNpYS92YXVsdHdhcmRlbikgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIFZhdWx0d2FyZGVuIHBhcnNlcgogLSBWYXVsdHdhcmRlbiBicnV0ZWZvcmNlICYgZW51bWVyYXRpb24gZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCklmIHVzaW5nIExPR19GSUxFIGVudmlyb25tZW50IHZhcmlhYmxlOgpgYGB5YW1sCi0tLQpmaWxlbmFtZXM6CiAtIC92YXIvbG9nL3ZhdWx0d2FyZGVuLmxvZwpsYWJlbHM6CiAgdHlwZTogVmF1bHR3YXJkZW4KYGBgCklmIHJ1bm5pbmcgdmlhIHN5c3RlbWQ6CmBgYHlhbWwKLS0tCnNvdXJjZTogam91cm5hbGN0bApqb3VybmFsY3RsX2ZpbHRlcjoKICAtICJTWVNMT0dfSURFTlRJRkVSPVZhdWx0d2FyZGVuIgpsYWJlbHM6CiAgdHlwZTogVmF1bHR3YXJkZW4KYGBgCg==",
"content": "cGFyc2VyczoKICAtIERvbWluaWMtV2FnbmVyL3ZhdWx0d2FyZGVuLWxvZ3MKc2NlbmFyaW9zOgogIC0gRG9taW5pYy1XYWduZXIvdmF1bHR3YXJkZW4tYmYKZGVzY3JpcHRpb246ICJWYXVsdHdhcmRlbiBzdXBwb3J0IDogcGFyc2VyIGFuZCBicnV0ZS1mb3JjZSBkZXRlY3Rpb24iCmF1dGhvcjogRG9taW5pYy1XYWduZXIKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gdmF1bHR3YXJkZW4K",
"description": "Vaultwarden support : parser and brute-force detection",
"author": "Dominic-Wagner",
"labels": null,
"parsers": [
"Dominic-Wagner/vaultwarden-logs"
],
"scenarios": [
"Dominic-Wagner/vaultwarden-bf"
]
},
"LePresidente/authelia": {
"path": "collections/LePresidente/authelia.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "483d6a415e6649614ce28efbc2f87cf35664d989469e97cbd1f4d8b8ab7916ed",
"deprecated": false
},
"0.2": {
"digest": "24800ff1ae7b37bf343bc7dfc9053c0130e75c832826782fa422b182b787e0d5",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbQXV0aGVsaWFdKGh0dHBzOi8vd3d3LmF1dGhlbGlhLmNvbSkgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIEF1dGhlbGlhIHBhcnNlcgogLSBBdXRoZWxpYSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpJZiB1c2luZyBMT0dfRklMRSBlbnZpcm9ubWVudCB2YXJpYWJsZToKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9BdXRoZWxpYS5sb2cKbGFiZWxzOgogIHR5cGU6IGF1dGhlbGlhCmBgYA==",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9hdXRoZWxpYS1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9hdXRoZWxpYS1iZgpkZXNjcmlwdGlvbjogIkF1dGhlbGlhIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gYXV0aGVsaWE=",
"description": "Authelia Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/authelia-logs"
],
"scenarios": [
"LePresidente/authelia-bf"
]
},
"LePresidente/emby": {
"path": "collections/LePresidente/emby.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "53801da28b3557ad39bc8672d0db62d845cc401bbfcde36f6f4b7f0d8a749fe9",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbRW1ieV0oaHR0cHM6Ly9lbWJ5Lm1lZGlhKSBpbnN0YW5jZSBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzIDoKIC0gRW1ieSBwYXJzZXIKIC0gRW1ieSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpJZiB1c2luZyBMT0dfRklMRSBlbnZpcm9ubWVudCB2YXJpYWJsZToKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9lbWJ5c2VydmVyLnR4dApsYWJlbHM6CiAgdHlwZTogZW1ieQpgYGA=",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9lbWJ5LWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL2VtYnktYmYKZGVzY3JpcHRpb246ICJFbWJ5IHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gZW1ieQ==",
"description": "Emby support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/emby-logs"
],
"scenarios": [
"LePresidente/emby-bf"
]
},
"LePresidente/gitea": {
"path": "collections/LePresidente/gitea.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "1282681d69e45e64050a497ac8f17bfb67ba55a0c494743e3f5b33c2f3cee97d",
"deprecated": false
},
"0.2": {
"digest": "f5098f91736d1c3b835dfb741c271cad33a21ffb78e0554357950313ecdfe037",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbR2l0ZWFdKGh0dHBzOi8vZ2l0ZWEuaW8pIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3M6CiAtIEdpdGVhIHBhcnNlcgogLSBHaXRlYSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCi0tLQpmaWxlbmFtZXM6CiAtIC92YXIvbG9nL2dpdGVhLmxvZwpsYWJlbHM6CiAgdHlwZTogZ2l0ZWEKYGBg",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9naXRlYS1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9naXRlYS1iZgpkZXNjcmlwdGlvbjogIkdpdGVhIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gZ2l0ZWE=",
"description": "Gitea Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/gitea-logs"
],
"scenarios": [
"LePresidente/gitea-bf"
]
},
"LePresidente/ombi": {
"path": "collections/LePresidente/ombi.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "e9d9d297381904e0a1cc418bc8474969bca3f37acde631e7ed84529bd7e7f1f4",
"deprecated": false
},
"0.2": {
"digest": "fa7cf1b7df176ab36a30f56f863949f204ffea11ba93ab2d31e63c88a716725c",
"deprecated": false
}
},
"long_description": "RXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKLS0tCmZpbGVuYW1lczoKIC0gL3Zhci9sb2cvb21iaS9sb2ctKi50eHQKbGFiZWxzOgogIHR5cGU6IG9tYmkKYGBg",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9vbWJpLWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL29tYmktYmYKZGVzY3JpcHRpb246ICJPbWJpIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gb21iaQ==",
"description": "Ombi Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/ombi-logs"
],
"scenarios": [
"LePresidente/ombi-bf"
]
},
"baudneo/gotify": {
"path": "collections/baudneo/gotify.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "9d3c0d0e2271d560f5aa45601cca9dd1d4f5722e7f1ca8198f21acc1231bca34",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRldGVjdCBicnV0ZWZvcmNlIGF0dGVtcHRzIG9uIEdvdGlmeSBzZXJ2ZXIu",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGJhdWRuZW8vZ290aWZ5LWxvZ3MKc2NlbmFyaW9zOgogIC0gYmF1ZG5lby9nb3RpZnktYmYKZGVzY3JpcHRpb246ICJHb3RpZnkgYnJ1dGVmb3JjZSBsb2dpbiBwcm90ZWN0aW9uIgphdXRob3I6IGJhdWRuZW8KdGFnczoKICAtIEdvdGlmeQogIC0gYnJ1dGVmb3JjZQo=",
"description": "Gotify bruteforce login protection",
"author": "baudneo",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"baudneo/gotify-logs"
],
"scenarios": [
"baudneo/gotify-bf"
]
},
"baudneo/zoneminder": {
"path": "collections/baudneo/zoneminder.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "2ea1b2b8b5b7f1f6fe3c23300c08f0e6df8afea45ad94cb4cf6af36cdf489174",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRldGVjdCBicnV0ZWZvcmNlIGxvZ2lucyBvbiBab25lTWluZGVyLg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGJhdWRuZW8vem9uZW1pbmRlci1sb2dzCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKc2NlbmFyaW9zOgogIC0gYmF1ZG5lby96b25lbWluZGVyLWJmCmRlc2NyaXB0aW9uOiAiWm9uZU1pbmRlciBicnV0ZWZvcmNlIGxvZ2luIHByb3RlY3Rpb24iCmF1dGhvcjogYmF1ZG5lbwp0YWdzOgogIC0gWm9uZU1pbmRlcgogIC0gYnJ1dGVmb3JjZQo=",
"description": "ZoneMinder bruteforce login protection",
"author": "baudneo",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"baudneo/zoneminder-logs",
"crowdsecurity/dateparse-enrich"
],
"scenarios": [
"baudneo/zoneminder-bf"
]
},
"crowdsecurity/apache2": {
"path": "collections/crowdsecurity/apache2.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "3601f38e187479724e830e0182f51468c980f661e6eedc6d2e586f622e3b48ea",
"deprecated": false
}
},
"long_description": "IyMgQXBhY2hlMiBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIGFwYWNoZTIgOgogLSBhcGFjaGUyIHBhcnNlcgogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIGZvciBjcmF3bCwgc2NhbiBldGMuCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvYXBhY2hlMi8qLmxvZwogIC0gL3Zhci9sb2cvKmh0dHBkKi5sb2cKICAtIC92YXIvbG9nL2h0dHBkLypsb2cKbGFiZWxzOgogIHR5cGU6IGFwYWNoZTIKYGBgCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKI2dlbmVyaWMgcG9zdC1wYXJzaW5nIG9mIGh0dHAgc3R1ZmYKICAtIGNyb3dkc2VjdXJpdHkvYXBhY2hlMi1sb2dzCmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9iYXNlLWh0dHAtc2NlbmFyaW9zCmRlc2NyaXB0aW9uOiAiYXBhY2hlMiBzdXBwb3J0IDogcGFyc2VyIGFuZCBnZW5lcmljIGh0dHAgc2NlbmFyaW9zICIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gYXBhY2hlMgogIC0gY3Jhd2wKICAtIHNjYW4KCg==",
"description": "apache2 support : parser and generic http scenarios ",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/apache2-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/asterisk": {
"path": "collections/crowdsecurity/asterisk.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "4dcfaad1205510572bc715811b4f70a4ab12ad2a54a7ceac202ce9f2517502cd",
"deprecated": false
}
},
"long_description": "IyMgQXN0ZXJpc2sgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBhc3RlcmlzayA6CiAtIGFzdGVyaXNrIGxvZyBwYXJzZXIKIC0gYXN0ZXJpc2sgdXNlciBlbnVtZXJhdGlvbiBzY2VuYXJpbwogLSBhc3RlcmlzayBicnV0ZWZvcmNlIHNjZW5hcmlvCgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL2FzdGVyaXNrLyoubG9nCiAgdHlwZTogYXN0ZXJpc2sKYGBgCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvYXN0ZXJpc2stbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2FzdGVyaXNrX2JmCiAgLSBjcm93ZHNlY3VyaXR5L2FzdGVyaXNrX3VzZXJfZW51bQpkZXNjcmlwdGlvbjogImFzdGVyaXNrIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlZm9yY2UvdXNlciBlbnVtZXJhdGlvbiBzY2VuYXJpb3MgIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGFzdGVyaXNrCiAgLSBicnV0ZWZvcmNlCgo=",
"description": "asterisk support : parser and bruteforce/user enumeration scenarios ",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/asterisk-logs"
],
"scenarios": [
"crowdsecurity/asterisk_bf",
"crowdsecurity/asterisk_user_enum"
]
},
"crowdsecurity/base-http-scenarios": {
"path": "collections/crowdsecurity/base-http-scenarios.yaml",
"version": "0.6",
"versions": {
"0.1": {
"digest": "7ee043a9d2e063cad751e6ce5d048f02518a76d39ec81aebed3bae736b0ced9e",
"deprecated": false
},
"0.2": {
"digest": "affdb706e66ffd924086b24e94734589672fb531f80fe366ab06a8c3228962e2",
"deprecated": false
},
"0.3": {
"digest": "543df5abb020afb51f3ab9d83cdc031e95572983e72f32a59b9f6f75cac990c3",
"deprecated": false
},
"0.4": {
"digest": "15018789eeb01f907fad18a16a1bfd3dc4be972455b22b86c73fd95ef334a072",
"deprecated": false
},
"0.5": {
"digest": "98c63493ca04367acd2d889d54141f9bcf22573301b161d6d268ca053159e94e",
"deprecated": false
},
"0.6": {
"digest": "2d70781df8c630d36e5f4800bde77dd7e130481e9c658aa0b3aae7ae95e15271",
"deprecated": false
}
},
"long_description": "Kipjb250YWlucyBubyBwYXJzZXIsIG1lYW50IHRvIGJlIGVtYmVkZGVkKioKCkEgY29sbGVjdGlvbiBvZiBkZWZlbnNpdmUgKGltcGxlbWVudGF0aW9uIGluZGVwZW5kZW50KSBzY2VuYXJpb3MgZm9yIGh0dHAgc2VydmljZXMgOgogLSBhZ2dyZXNzaXZlIGNyYXdsIGRldGVjdGlvbgogLSBzY2FubmluZy9wcm9iaW5nIGRldGVjdGlvbgogLSBiYWQgdXNlci1hZ2VudCBkZXRlY3Rpb24KIC0gcGF0aCB0cmF2ZXJzYWwgZGV0ZWN0aW9uCiAtIHNlbnNpdGl2ZSBkYXRhIGFjY2VzcyBhdHRlbXB0cyBkZXRlY3Rpb24KIC0gU1FMIGluamVjdGlvbiBkZXRlY3Rpb24KCjp3YXJuaW5nOiBUaGlzIGNvbGxlY3Rpb24gaXMgX25vdF8gYSBXQUYgYW5kIHRoaXMgc2NlbmFyaW8gZG9lcyBfbm90XyBhaW1zIGF0IHJlcGxhY2luZyBhIFdBRi4KCgoK",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1jcmF3bC1ub25fc3RhdGljcwogIC0gY3Jvd2RzZWN1cml0eS9odHRwLXByb2JpbmcKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1iYWQtdXNlci1hZ2VudAogIC0gY3Jvd2RzZWN1cml0eS9odHRwLXBhdGgtdHJhdmVyc2FsLXByb2JpbmcKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1zZW5zaXRpdmUtZmlsZXMKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1zcWxpLXByb2JpbmcKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC14c3MtcHJvYmluZwogIC0gY3Jvd2RzZWN1cml0eS9odHRwLWJhY2tkb29ycy1hdHRlbXB0cwogIC0gbHRzaWNoL2h0dHAtdzAwdHcwMHQKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1nZW5lcmljLWJmCiAgLSBjcm93ZHNlY3VyaXR5L2h0dHAtb3Blbi1wcm94eQpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1jdmUKCmRlc2NyaXB0aW9uOiAiaHR0cCBjb21tb24gOiBzY2FubmVycyBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIGh0dHAKICAtIGNyYXdsCiAgLSBzY2FuCgo=",
"description": "http common : scanners detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/http-logs"
],
"scenarios": [
"crowdsecurity/http-crawl-non_statics",
"crowdsecurity/http-probing",
"crowdsecurity/http-bad-user-agent",
"crowdsecurity/http-path-traversal-probing",
"crowdsecurity/http-sensitive-files",
"crowdsecurity/http-sqli-probing",
"crowdsecurity/http-xss-probing",
"crowdsecurity/http-backdoors-attempts",
"ltsich/http-w00tw00t",
"crowdsecurity/http-generic-bf",
"crowdsecurity/http-open-proxy"
],
"collections": [
"crowdsecurity/http-cve"
]
},
"crowdsecurity/caddy": {
"path": "collections/crowdsecurity/caddy.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "3501cb76beba2ec7f0ed44cf10e249e4db279903813e8b659c1d731c3a66ab2f",
"deprecated": false
}
},
"long_description": "IyMgQ2FkZHkgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBjYWRkeSBhZ2FpbnN0IGNvbW1vbiBodHRwIGF0dGFja3MgOgogLSBjYWRkeSBwYXJzZXIKIC0gYmFzZS1odHRwLXNjZW5hcmlvcyBjb2xsZWN0aW9uIHRvIGRldGVjdCBodHRwIGJhZCBiZWhhdmlvcnMKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9jYWRkeS8qLmxvZwogIHR5cGU6IGNhZGR5CmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvY2FkZHktbG9ncwpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvYmFzZS1odHRwLXNjZW5hcmlvcwpkZXNjcmlwdGlvbjogImNhZGR5IHN1cHBvcnQgOiBwYXJzZXIgYW5kIGdlbmVyaWMgaHR0cCBzY2VuYXJpb3MiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIGNhZGR5CiAgLSBjcmF3bAogIC0gc2Nhbgo=",
"description": "caddy support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/caddy-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/cpanel": {
"path": "collections/crowdsecurity/cpanel.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "708cb00f74feff6b8bc5109ba0dea0ed646229adbbb2174288ea7bd185b31e53",
"deprecated": false
}
},
"long_description": "IyMgQ3BhbmVsIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiBmb3IgY3BhbmVsLiBDb250YWluczoKICogY3BhbmVsIGxvZyBwYXJzZXIKICogY3BhbmVsIHNjZW5hcmlvIHRvIGRldGVjdCBicnV0ZWZvcmNlCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL2hvbWUvPHVzZXJuYW1lPi9sb2dzL2NwYW5lbC9sb2dpbl9sb2cKbGFiZWxzOgogIHR5cGU6IGNwYW5lbApgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvY3BhbmVsLWxvZ3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9jcGFuZWwtYmYKZGVzY3JpcHRpb246ICJjcGFuZWwgc3VwcG9ydCA6IHBhcnNlciBhbmQgYnJ1dGVmb3JjZSBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIGNwYW5lbAogIC0gYnJ1dGVmb3JjZQo=",
"description": "cpanel support : parser and bruteforce detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/cpanel-logs"
],
"scenarios": [
"crowdsecurity/cpanel-bf"
]
},
"crowdsecurity/dovecot": {
"path": "collections/crowdsecurity/dovecot.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "7990a4b855273b5ceaa379d2979d796e070c96a398caeefbfa1933cc36f690be",
"deprecated": false
}
},
"long_description": "IyMgRG92ZWNvdCBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIGRvdmVjb3QKICogZG92ZWNvdCBsb2cgcGFyc2VycwogKiBkb3ZlY290IHNjZW5hcmlvIGJydXRlZm9yY2Ugc3BhbSBhdHRlbXB0CgpUaGlzIGNvbGxlY3Rpb24gbW9zdGx5IGFpbXMgYXQgZ2V0dGluZyBzaW1pbGFyIHNwYW0gcHJvdGVjdGlvbiBhcwp0aGUgbm9ybWFsIGZhaWwyYmFuIGRvdmVjb3QgY29uZmlndXJhdGlvbi4KCj4gQ29udHJpYnV0aW9uIGJ5IGh0dHBzOi8vZ2l0aHViLmNvbS9MdFNpY2gKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9tYWlsLmxvZwpsYWJlbHM6CiAgdHlwZTogc3lzbG9nCmBgYAoKCm5vdGVzIDoKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZG92ZWNvdC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvZG92ZWNvdC1zcGFtCmRlc2NyaXB0aW9uOiAiZG92ZWNvdCBzdXBwb3J0IDogcGFyc2VyIGFuZCBzcGFtbWVyIGRldGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gc3BhbQogIC0gYnJ1dGVmb3JjZQo=",
"description": "dovecot support : parser and spammer detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/dovecot-logs"
],
"scenarios": [
"crowdsecurity/dovecot-spam"
]
},
"crowdsecurity/endlessh": {
"path": "collections/crowdsecurity/endlessh.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "43b070a6e5c49f66dc970d4a8cc8fb37cef90c5da5aa6276c012e343ba06f0e5",
"deprecated": false
}
},
"long_description": "IyMgRW5kbGVzc2ggY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBbRW5kbGVzc2hdKGh0dHBzOi8vZ2l0aHViLmNvbS9za2VldG8vZW5kbGVzc2gpCiAqIGxvZyBwYXJzZXIKICogYnJ1dGUtZm9yY2Ugc2NlbmFyaW8KCj4gQ29udHJpYnV0aW9uIGJ5IGh0dHBzOi8vZ2l0aHViLmNvbS9iYW14MjMKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb246CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL2VuZGxlc3NoLmxvZwpsYWJlbHM6CiAgdHlwZTogZW5kbGVzc2gKYGBgCgpZb3UgbmVlZCB0byBjb25maWd1cmUgRW5kbGVzc2ggdG8gd3JpdGUgbG9ncyB0byB0aGlzIHBhdGguCkkuZS4gYnkgaGF2aW5nIHRoaXMgbGluZSBpbiBgL3Vzci9saWIvc3lzdGVtZC9zeXN0ZW0vZW5kbGVzc2guc2VydmljZWA6CgpgYGAKU3RhbmRhcmRPdXRwdXQ9ZmlsZTovdmFyL2xvZy9lbmRsZXNzaC5sb2cKYGBgCg==",
"content": "I3RoZSBsaXN0IG9mIHBhcnNlcnMgaXQgY29udGFpbnMKcGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZW5kbGVzc2gtbG9ncwogIC0gY3Jvd2RzZWN1cml0eS9kYXRlcGFyc2UtZW5yaWNoCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvZW5kbGVzc2gtYmYKZGVzY3JpcHRpb246ICJlbmRsZXNzaCBzdXBwb3J0IDogbG9ncyBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gc3NoCiAgLSBlbmRsZXNzaAogIC0gYnJ1dGVmb3JjZQo=",
"description": "endlessh support : logs parser and brute-force detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/endlessh-logs",
"crowdsecurity/dateparse-enrich"
],
"scenarios": [
"crowdsecurity/endlessh-bf"
]
},
"crowdsecurity/fastly": {
"path": "collections/crowdsecurity/fastly.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "6bac9453d3b274fc310b558fe41672ff09ac910463e3bea982b4f14cb3a7bf61",
"deprecated": false
}
},
"long_description": "IyMgRmFzdGx5IGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiB0byBkZWZlbmQgZmFzdGx5IGFnYWluc3QgY29tbW9uIGh0dHAgYXR0YWNrcyA6CiAtIGZhc3RseSBkZWZhdWx0IGxvZyBmb3JtYXQgcGFyc2VyCiAtIGJhc2UgaHR0cCBzY2VuYXJpb3MgKGNyYXdsLCA0MDQgc2NhbiwgYmYgZXRjLikKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9mYXN0bHkvKi5sb2cKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwogIGV4dGVybmFsX2Zvcm1hdDogZmFzdGx5CmBgYAoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZmFzdGx5LWxvZ3MKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2Jhc2UtaHR0cC1zY2VuYXJpb3MKZGVzY3JpcHRpb246ICJmYXN0bHkgc3VwcG9ydCA6IHBhcnNlciBhbmQgZ2VuZXJpYyBodHRwIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBmYXN0bHkKICAtIGh0dHAKICAtIGNyYXdsCiAgLSBzY2Fu",
"description": "fastly support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/fastly-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/freebsd": {
"path": "collections/crowdsecurity/freebsd.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "f2969de2e7c76a12e9c9f6a7797a62f184df6a2c188db2ac6b1e0914e342b59f",
"deprecated": false
}
},
"long_description": "Kipjb3JlIHBhY2thZ2UgZm9yIGZyZWVic2QqKgoKY29udGFpbnMgc3VwcG9ydCBmb3Igc3lzbG9nLCBkbyBub3QgcmVtb3ZlLgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGNyb3dkc2VjdXJpdHkvZ2VvaXAtZW5yaWNoCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L3NzaGQKZGVzY3JpcHRpb246ICJjb3JlIGZyZWVic2Qgc3VwcG9ydCA6IHN5c2xvZytnZW9pcCtzc2giCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gZnJlZWJzZCAKCg==",
"description": "core freebsd support : syslog+geoip+ssh",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"crowdsecurity/geoip-enrich",
"crowdsecurity/dateparse-enrich"
],
"collections": [
"crowdsecurity/sshd"
]
},
"crowdsecurity/haproxy": {
"path": "collections/crowdsecurity/haproxy.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "41d5394188f55956e017cb3f851e93411dbf078b0176a0968dd7760b1ad5b2e5",
"deprecated": false
}
},
"long_description": "IyMgSGFwcm94eSBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gdG8gZGVmZW5kIGhhcHJveHkgaHR0cCBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzIDoKIC0gaGFwcm94eSBodHRwIHBhcnNlcgogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIChjcmF3bCwgNDA0IHNjYW4sIGJmIGV0Yy4pCgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL2hhcHJveHkvKi5sb2cKbGFiZWxzOgogIHR5cGU6IGhhcHJveHkKYGBgCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaGFwcm94eS1sb2dzCmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9iYXNlLWh0dHAtc2NlbmFyaW9zCmRlc2NyaXB0aW9uOiAiaGFwcm94eSBzdXBwb3J0IDogcGFyc2VyIGFuZCBnZW5lcmljIGh0dHAgc2NlbmFyaW9zIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBoYXByb3h5CiAgLSBjcmF3bAogIC0gc2NhbgoK",
"description": "haproxy support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/haproxy-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/home-assistant": {
"path": "collections/crowdsecurity/home-assistant.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "4af5665511aa35371d1abf2007505863c4e166a1637a51a47c5f7db49f2bdf76",
"deprecated": false
}
},
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaG9tZS1hc3Npc3RhbnQtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2hvbWUtYXNzaXN0YW50LWJmCmRlc2NyaXB0aW9uOiAiSG9tZSBhc3Npc3RhbnQgc3VwcG9ydCA6IGxvZ3MgYW5kIGJydXRlLWZvcmNlIHNjZW5hcmlvIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGhvbWUtYXNzaXN0YW50CiAgLSBicnV0ZWZvcmNlCg==",
"description": "Home assistant support : logs and brute-force scenario",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/home-assistant-logs"
],
"scenarios": [
"crowdsecurity/home-assistant-bf"
]
},
"crowdsecurity/http-cve": {
"path": "collections/crowdsecurity/http-cve.yaml",
"version": "1.0",
"versions": {
"0.1": {
"digest": "30748e051a470c1bc91506ae63e8784cd054564f90ccc23eb655823fc30e3019",
"deprecated": false
},
"0.2": {
"digest": "bc244c864674e59cd36ec4781bb85b5f94f77562a28a65e6bb64da789cf97379",
"deprecated": false
},
"0.3": {
"digest": "8a33f5787f19100add139f53ae98978a2c265badaf99b09365a47d686baeb5b2",
"deprecated": false
},
"0.4": {
"digest": "f5a38fc37ff6a5aa80a1411fe75ba27d9691ebf3da96b6d169d2fecc052fb528",
"deprecated": false
},
"0.5": {
"digest": "f9be2b19b2c12d4b0d4fc10de95b3138c4ae19ccaa04975d1e6a242e1fc2abf4",
"deprecated": false
},
"0.6": {
"digest": "d385131b7c0763a6fe71d6544599e69d79e6ff97c92b2b253470b9b1632bb71a",
"deprecated": false
},
"0.7": {
"digest": "33d997a205be7dad55f5fadb1b56da3cd7a22b6333037af83132a948a6cc063f",
"deprecated": false
},
"0.8": {
"digest": "9a6f6b6afb19f4ecafa4cb195d96c3380d9f2b5621424a1ee296ae34dc29f814",
"deprecated": false
},
"0.9": {
"digest": "ff8e1e8b942d229cbe6de261b864fef4052b3c83018fe389b5441bd62c824d38",
"deprecated": false
},
"1.0": {
"digest": "c10453ceeb22dcdf11fa386fe072c9aa6ede4a76e7cc9940caa429d8ec8814d5",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIG9mIGh0dHAgc3BlY2lmaWMgQ1ZFcyA6CgogLSBbQXBhY2hlIENWRS0yMDIxLTQxNzczXShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMjEtNDE3NzMpCiAtIFtBcGFjaGUgQ1ZFLTIwMjEtNDIwMTNdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAyMS00MjAxMykKIC0gW0dyYWZhbmEgQ1ZFLTIwMjEtNDM3OThdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAyMS00Mzc5OCkKIC0gW0ZvcnRpbmV0IENWRS0yMDE4LTEzMzc5XShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMTgtMTMzNzkpCiAtIFtQdWxzZSBTZWN1cmUgQ1ZFLTIwMTktMTE1MTBdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAxOS0xMTUxMCkKIC0gW0Y1IEJJRy1JUCBDVkUtMjAyMC01OTAyXShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMjAtNTkwMikKIC0gW1RoaW5rUEhQIENWRS0yMDE4LTIwMDYyXShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMTgtMjAwNjIpCiAtIFtBcGFjaGUgTG9nNGoyIENWRS0yMDIxLTQ0MjI4XShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMjEtNDQyMjgpCiAtIFtWTXdhcmUgVk1TQS0yMDIxLTAwMjddKGh0dHBzOi8vd3d3LnZtd2FyZS5jb20vc2VjdXJpdHkvYWR2aXNvcmllcy9WTVNBLTIwMjEtMDAyNy5odG1sKQogLSBbQXRsYXNzaWFuIEppcmEgQ1ZFLTIwMjEtMjYwODZdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAyMS0yNjA4NikKIC0gW1NwcmluZzRTaGVsbCBDVkUtMjAyMi0yMjk2NV0oaHR0cHM6Ly9jdmUubWl0cmUub3JnL2NnaS1iaW4vY3ZlbmFtZS5jZ2k/bmFtZT1DVkUtMjAyMi0yMjk2NSkKIC0gW1ZNd2FyZSBDVkUtMjAyMi0yMjk1NF0oaHR0cHM6Ly93d3cudm13YXJlLmNvbS9zZWN1cml0eS9hZHZpc29yaWVzL1ZNU0EtMjAyMi0wMDExLmh0bWwpCgoKOndhcm5pbmc6IFRoaXMgY29sbGVjdGlvbiBpcyBfbm90XyBhIFdBRiBhbmQgdGhpcyBjb2xsZWN0aW9uIGRvZXMgX25vdF8gYWltcyBhdCByZXBsYWNpbmcgYSBXQUYuCgpBcyBzdWNoLCBhbiBhdHRhY2tlciBtaWdodCBiZSBhYmxlIHRvIGJ5cGFzcyB0aG9zZSBzaWduYXR1cmVzLgoK",
"content": "c2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9odHRwLWN2ZS0yMDIxLTQxNzczCiAgLSBjcm93ZHNlY3VyaXR5L2h0dHAtY3ZlLTIwMjEtNDIwMTMKICAtIGNyb3dkc2VjdXJpdHkvZ3JhZmFuYS1jdmUtMjAyMS00Mzc5OAogIC0gY3Jvd2RzZWN1cml0eS92bXdhcmUtdmNlbnRlci12bXNhLTIwMjEtMDAyNwogIC0gY3Jvd2RzZWN1cml0eS9mb3J0aW5ldC1jdmUtMjAxOC0xMzM3OQogIC0gY3Jvd2RzZWN1cml0eS9wdWxzZS1zZWN1cmUtc3NsdnBuLWN2ZS0yMDE5LTExNTEwCiAgLSBjcm93ZHNlY3VyaXR5L2Y1LWJpZy1pcC1jdmUtMjAyMC01OTAyCiAgLSBjcm93ZHNlY3VyaXR5L3RoaW5rcGhwLWN2ZS0yMDE4LTIwMDYyCiAgLSBjcm93ZHNlY3VyaXR5L2FwYWNoZV9sb2c0ajJfY3ZlLTIwMjEtNDQyMjgKICAtIGNyb3dkc2VjdXJpdHkvamlyYV9jdmUtMjAyMS0yNjA4NgogIC0gY3Jvd2RzZWN1cml0eS9zcHJpbmc0c2hlbGxfY3ZlLTIwMjItMjI5NjUKICAtIGNyb3dkc2VjdXJpdHkvdm13YXJlLWN2ZS0yMDIyLTIyOTU0CmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gd2ViCiAgLSBleHBsb2l0CiAgLSBjdmUKICAtIGh0dHAK",
"author": "crowdsecurity",
"labels": null,
"scenarios": [
"crowdsecurity/http-cve-2021-41773",
"crowdsecurity/http-cve-2021-42013",
"crowdsecurity/grafana-cve-2021-43798",
"crowdsecurity/vmware-vcenter-vmsa-2021-0027",
"crowdsecurity/fortinet-cve-2018-13379",
"crowdsecurity/pulse-secure-sslvpn-cve-2019-11510",
"crowdsecurity/f5-big-ip-cve-2020-5902",
"crowdsecurity/thinkphp-cve-2018-20062",
"crowdsecurity/apache_log4j2_cve-2021-44228",
"crowdsecurity/jira_cve-2021-26086",
"crowdsecurity/spring4shell_cve-2022-22965",
"crowdsecurity/vmware-cve-2022-22954"
]
},
"crowdsecurity/iis": {
"path": "collections/crowdsecurity/iis.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "045c579c8cbb0e1e15f76c22b6465d6113df4117e48ae018043c2c1c01cd4b42",
"deprecated": false
}
},
"long_description": "IyMgSUlTIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiBmb3IgSUlTIDoKIC0gSVNTIHBhcnNlciAob25seSBXM0MgZm9ybWF0IGlzIHN1cHBvcnRlZCwgd2l0aCB0aGUgZGVmYXVsdCBmb3JtYXQpCiAtIGJhc2UgaHR0cCBzY2VuYXJpb3MgZm9yIGNyYXdsLCBzY2FuIGV0Yy4KCk5vdGU6CiAtIElJUyB3aWxsIGJ1ZmZlciB0aGUgbG9ncyBpbiBtZW1vcnkgYmVmb3JlIHdyaXRpbmcgdGhlbSB0byB0aGUgbG9nIGZpbGUgKG9yIHRoZSBldmVudCBsb2cpLiBUaGUgZmx1c2ggaXMgZG9uZSBldmVyeSBtaW51dGUgb3IgZXZlcnkgNjRrQiBieSBkZWZhdWx0LCB0aGlzIGNhbiBsZWFkIHRvIHNvbWUgZmFsc2UgcG9zaXRpdmVzIG9uIGxvdyB0cmFmZmljIHdlYnNpdGVzLCBhcyBjcm93ZHNlYyB3aWxsIGJlIGEgc3VyZ2Ugb2YgbG9ncyBldmVyeSBtaW51dGUuIFRoaXMgY2FuIGJlIG1pdGlnYXRlZCBieSBzZXR0aW5nIHRoZSBgdXNlX3RpbWVfbWFjaGluZWAgc2V0dGluZ3MgdG8gdHJ1ZSBpbiB0aGUgcmVsZXZhbnQgc2VjdGlvbiBvZiB5b3VyIGFjcXVpc2l0aW9uIGNvbmZpZy4KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gaWYgeW91IGxvZyB0byBhIGZpbGU6CgpgYGB5YW1sCnVzZV90aW1lX21hY2hpbmU6IHRydWUgI1Byb2Nlc3MgbG9ncyBhcyBpZiB3ZSB3ZXJlIHJlcGxheWluZyB0aGVtIHRvIGdldCB0aGUgdGltZXN0YW1wIGZyb20gdGhlIApmaWxlbmFtZXM6CiAgLSBDOlxcaW5ldHB1YlxcbG9nc1xcTG9nRmlsZXNcXCpcXCoubG9nCmxhYmVsczoKICB0eXBlOiBpaXMKYGBgCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gaWYgeW91IGxvZyB0byB3aW5kb3dzIGV2ZW50czoKYGBgeWFtbApzb3VyY2U6IHdpbmV2ZW50bG9nCmV2ZW50X2NoYW5uZWw6IE1pY3Jvc29mdC1JSVMtTG9nZ2luZy9Mb2dzCmV2ZW50X2lkczoKIC0gNjIwMApldmVudF9sZXZlbDogaW5mb3JtYXRpb24KbGFiZWxzOgogdHlwZTogaWlzCmBgYAo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaWlzLWxvZ3MKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2Jhc2UtaHR0cC1zY2VuYXJpb3MKZGVzY3JpcHRpb246ICJJSVMgc3VwcG9ydCA6IHBhcnNlciBhbmQgZ2VuZXJpYyBodHRwIHNjZW5hcmlvcyAiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gd2luZG93cwogIC0gaWlzCiAgLSBjcmF3bAogIC0gc2NhbgoK",
"description": "IIS support : parser and generic http scenarios ",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/iis-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/iptables": {
"path": "collections/crowdsecurity/iptables.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "ba5c8e97c06b19e4c075e0285e6b60c1da3b86381c88c4bfea4b374378ced10a",
"deprecated": false
}
},
"long_description": "IyMgSXB0YWJsZXMvTmZ0YWJsZXMgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBwb3J0c2NhbiBkZXRlY3Rpb24gdmlhIGlwdGFibGVzL25mdGFibGVzIDoKIC0gaXB0YWJsZXMvbmZ0YWJsZXMgcGFyc2VyIChsaWtlIGluIGAtaiBMT0dgKQogLSBtdWx0aSBwb3J0IHNjYW4gZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cva2Vybi5sb2cKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwpgYGAKCm5vdGVzIDoKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaXB0YWJsZXMtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2lwdGFibGVzLXNjYW4tbXVsdGlfcG9ydHMKZGVzY3JpcHRpb246ICJpcHRhYmxlcyBzdXBwb3J0IDogbG9ncyBhbmQgcG9ydC1zY2FucyBkZXRlY3Rpb24gc2NlbmFyaW9zIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBwb3J0c2NhbgogIC0gaXB0YWJsZXMKCg==",
"description": "iptables support : logs and port-scans detection scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/iptables-logs"
],
"scenarios": [
"crowdsecurity/iptables-scan-multi_ports"
]
},
"crowdsecurity/linux": {
"path": "collections/crowdsecurity/linux.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "8d16483218a979b84549fb020b0342feea3d1f4951294b6994d33a9b7214842f",
"deprecated": false
},
"0.2": {
"digest": "baaa37b12b4d734fab81ae01ff81c58ceb7a99304f21e6bb6ff86b871ed6d5eb",
"deprecated": false
}
},
"long_description": "Kipjb3JlIHBhY2thZ2UgZm9yIGxpbnV4KioKCmNvbnRhaW5zIHN1cHBvcnQgZm9yIHN5c2xvZywgZG8gbm90IHJlbW92ZS4K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGNyb3dkc2VjdXJpdHkvZ2VvaXAtZW5yaWNoCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L3NzaGQKZGVzY3JpcHRpb246ICJjb3JlIGxpbnV4IHN1cHBvcnQgOiBzeXNsb2crZ2VvaXArc3NoIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4Cgo=",
"description": "core linux support : syslog+geoip+ssh",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"crowdsecurity/geoip-enrich",
"crowdsecurity/dateparse-enrich"
],
"collections": [
"crowdsecurity/sshd"
]
},
"crowdsecurity/linux-lpe": {
"path": "collections/crowdsecurity/linux-lpe.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "a68ef0b517c988b50b3cdc0d84702b2f70e621d29378b9782b2e037bf6663458",
"deprecated": false
}
},
"long_description": "IyMgTG9jYWwgUHJpdmlsZWdlIEVzY2FsYXRpb24gRGV0ZWN0aW9uCgpUaGlzIGNvbGxlY3Rpb24gYWltcyBhdCBkZXRlY3RpbmcgKHdoZW4gcG9zc2libGUpIGxvY2FsIHByaXZpbGVnZSBlc2NhbGF0aW9uIGF0dGFja3MuCgogLSBDVkUtMjAyMS00MDM0IDogRGV0ZWN0IGV4cGxvaXRhdGlvbiBvZiBwa2V4ZWMgdnVsbmVyYWJpbGl0eQoKOndhcm5pbmc6IFBsZWFzZSBub3RlIHRob3NlIHNjZW5hcmlvcyBhcmUgZGV0ZWN0aW9uIG9ubHksIGFuZCBhcmUgdmVyeSBsaWtlbHkgdG8gYmUgYnlwYXNzZWQgYnkgc21hcnQgYXR0YWNrZXJzLCBkbyBub3QgcmVseSBzb2xlbHkgb24gdGhlbSA6d2FybmluZzoKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9hdXRoLmxvZwpsYWJlbHM6CiAgdHlwZTogc3lzbG9nCmBgYAoKbm90ZXMgOgogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvcGtleGVjLWxvZ3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9DVkUtMjAyMS00MDM0CmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9saW51eApkZXNjcmlwdGlvbjogIkxpbnV4IExvY2FsIFByaXZpbGVnZSBFc2NhbGF0aW9uIGNvbGxlY3Rpb24gOiBkZXRlY3QgdHJpdmlhbCBMUEVzIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBwcml2c2VjCiAgLSBscGUKCgo=",
"description": "Linux Local Privilege Escalation collection : detect trivial LPEs",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/pkexec-logs"
],
"scenarios": [
"crowdsecurity/CVE-2021-4034"
],
"collections": [
"crowdsecurity/linux"
]
},
"crowdsecurity/litespeed": {
"path": "collections/crowdsecurity/litespeed.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "c3bfb3dea73e8880ca0598b4ede129f0468361cadabd7ce214f92598348da97e",
"deprecated": false
}
},
"long_description": "IyMgTGl0ZXNwZWVkIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiB0byBkZWZlbmQgbGl0ZXNwZWVkIGFnYWluc3QgY29tbW9uIGF0dGFja3MgOgogLSBsaXRlc3BlZWQgcGFyc2VyCiAtIGJhc2UgaHR0cCBzY2VuYXJpb3MgKGNyYXdsLCA0MDQgc2NhbiwgYmYpCiAtIEJydXRlZm9yY2UgYWdhaW5zdCBsaXRlc3BlZWQgYWRtaW4gVUkKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdXNyL2xvY2FsL2xzd3MvWU9VUlZIT1NUL2xvZ3MvKi5sb2cKICAtIC91c3IvbG9jYWwvbHN3cy9hZG1pbi9sb2dzLyoubG9nCiAgLSAvdXNyL2xvY2FsL2xzd3MvbG9ncy8qLmxvZwpsYWJlbHM6CiAgdHlwZTogbGl0ZXNwZWVkCmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbGl0ZXNwZWVkLWxvZ3MKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2Jhc2UtaHR0cC1zY2VuYXJpb3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9saXRlc3BlZWQtYWRtaW4tYmYKZGVzY3JpcHRpb246ICJsaXRlc3BlZWQgc3VwcG9ydCA6IHBhcnNlciBhbmQgZ2VuZXJpYyBodHRwIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaXRlc3BlZWQKICAtIGNyYXdsCiAgLSBzY2FuCgo=",
"description": "litespeed support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/litespeed-logs"
],
"scenarios": [
"crowdsecurity/litespeed-admin-bf"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/mariadb": {
"path": "collections/crowdsecurity/mariadb.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "88ec0daef18bbbce68c6ae2c0593cf152973221efb630a745f7cbb34feb80ff8",
"deprecated": false
}
},
"long_description": "IyMgTWFyaWFEQiBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIG1hcmlhZGIgc2VydmljZSA6CiAtIG1hcmlhZGIgbG9ncyBwYXJzZXIKIC0gYnJ1dGVmb3JjZSBkZXRlY3Rpb24KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9teXNxbC9lcnJvci5sb2cKbGFiZWxzOgogIHR5cGU6IG15c3FsCmBgYAoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbWFyaWFkYi1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvbWFyaWFkYi1iZgpkZXNjcmlwdGlvbjogIm1hcmlhZGIgc3VwcG9ydCA6IGxvZ3MgYW5kIGJydXRlLWZvcmNlIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gbWFyaWFkYgogIC0gYnJ1dGVmb3JjZQo=",
"description": "mariadb support : logs and brute-force scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/mariadb-logs"
],
"scenarios": [
"crowdsecurity/mariadb-bf"
]
},
"crowdsecurity/modsecurity": {
"path": "collections/crowdsecurity/modsecurity.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "530454a9dbdb3800f62de4b8ba7d6ed2160b4e533d577c52393f5f286df2b615",
"deprecated": false
}
},
"long_description": "IyMgTW9kc2VjdXJpdHkgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBtb2RzZWN1cml0eSAodGVzdGVkIG9ubHkgd2l0aCBBcGFjaGUpOgogLSBtb2RzZWN1cml0eSBwYXJzZXI6IGBjcm93ZHNlY3VyaXR5L21vZHNlY3VyaXR5YAogLSBtb2RzZWN1cml0eSBzY2VuYXJpbzogYGNyb3dkc2VjdXJpdHkvbW9kc2VjdXJpdHkKCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvYXBhY2hlMi8qLmxvZwogIC0gL3Zhci9sb2cvbmdpbngvKi5sb2cKbGFiZWxzOgogIHR5cGU6IG1vZHNlY3VyaXR5CmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbW9kc2VjdXJpdHkKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9tb2RzZWN1cml0eQpkZXNjcmlwdGlvbjogIm1vZHNlY3VyaXR5IHN1cHBvcnQgOiBtb2RzZWN1cml0eSBwYXJzZXIgYW5kIHNjZW5hcmlvIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSB3ZWIKICAtIHdhZg==",
"description": "modsecurity support : modsecurity parser and scenario",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/modsecurity"
],
"scenarios": [
"crowdsecurity/modsecurity"
]
},
"crowdsecurity/mssql": {
"path": "collections/crowdsecurity/mssql.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "109bf56d5781fca733b958588338370d2196a2c3e490eccb94c56df6341a3ba8",
"deprecated": false
}
},
"long_description": "IyMgTVNTUUwgQ29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBNU1NRTCA6CiAtIG1zc3FsIGxvZ3MgcGFyc2VyCiAtIGJydXRlZm9yY2UgZGV0ZWN0aW9uCiAKICMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApzb3VyY2U6IHdpbmV2ZW50bG9nCmV2ZW50X2NoYW5uZWw6IEFwcGxpY2F0aW9uCmV2ZW50X2lkczoKIC0gMTg0NTYKZXZlbnRfbGV2ZWw6IGluZm9ybWF0aW9uCmxhYmVsczoKIHR5cGU6IGV2ZW50bG9nCmBgYAoKbm90ZXM6CiAtICBZb3UgbmVlZCB0byBlbmFibGUgZmFpbGVkIGxvZ2luIGxvZ3MgKHdoaWNoIHNob3VsZCBiZSBvbiBieSBkZWZhdWx0KQ==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbXNzcWwtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L21zc3FsLWJmCmRlc2NyaXB0aW9uOiAibXNzcWwgc3VwcG9ydCA6IGxvZ3MgYW5kIGJydXRlLWZvcmNlIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSB3aW5kb3dzCiAgLSBtc3NxbAogIC0gYnJ1dGVmb3JjZQo=",
"description": "mssql support : logs and brute-force scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/mssql-logs"
],
"scenarios": [
"crowdsecurity/mssql-bf"
]
},
"crowdsecurity/mysql": {
"path": "collections/crowdsecurity/mysql.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "77e63a6deedaedc15457691e8631633c15663e796f9e896331d64aa3614fdafc",
"deprecated": false
}
},
"long_description": "IyMgTXlTUUwgQ29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBteXNxbCBzZXJ2aWNlcyA6CiAtIG15c3FsIGxvZ3MgcGFyc2VyCiAtIGJydXRlZm9yY2UgZGV0ZWN0aW9uCiAKICMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9teXNxbC9lcnJvci5sb2cKbGFiZWxzOgogIHR5cGU6IG15c3FsCmBgYAoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbXlzcWwtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L215c3FsLWJmCmRlc2NyaXB0aW9uOiAibXlzcWwgc3VwcG9ydCA6IGxvZ3MgYW5kIGJydXRlLWZvcmNlIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gbXlzcWwKICAtIGJydXRlZm9yY2UK",
"description": "mysql support : logs and brute-force scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/mysql-logs"
],
"scenarios": [
"crowdsecurity/mysql-bf"
]
},
"crowdsecurity/naxsi": {
"path": "collections/crowdsecurity/naxsi.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "cd093e3b26795e8ae86898a585ef77509dc988c4841ea49ba61795a7c849b06e",
"deprecated": false
}
},
"long_description": "IyMgTmF4c2kgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIHRvIGRldGVjdCB2aXJ0dWFsIHBhdGNoIHZpb2xhdGlvbnMgOgogLSBuYXhzaSBsb2dzIHBhcnNlcgogLSB2cGF0Y2ggaGlnaCBpZCAoPjk5OTkpIHRyaWdnZXIgcnVsZQoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL25naW54LyoubG9nCmxhYmVsczoKICB0eXBlOiBuZ2lueApgYGAKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKI2dlbmVyaWMgcG9zdC1wYXJzaW5nIG9mIGh0dHAgc3R1ZmYKICAtIGNyb3dkc2VjdXJpdHkvbmdpbngtbG9ncwogIC0gY3Jvd2RzZWN1cml0eS9uYXhzaS1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvbmF4c2ktZXhwbG9pdC12cGF0Y2gKZGVzY3JpcHRpb246ICJuYXhzaSBzdXBwb3J0IDogcGFyc2VyIGFuZCB2cGF0Y2ggc2NlbmFyaW8iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIG5naW54CiAgLSBuYXhzaQogIC0gZXhwbG9pdAoK",
"description": "naxsi support : parser and vpatch scenario",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/nginx-logs",
"crowdsecurity/naxsi-logs"
],
"scenarios": [
"crowdsecurity/naxsi-exploit-vpatch"
]
},
"crowdsecurity/nextcloud": {
"path": "collections/crowdsecurity/nextcloud.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "970735016eb78b0d0c722d7ed426b0edc1efd603547bf8cd5d68c57484e7a855",
"deprecated": false
},
"0.2": {
"digest": "a60b9e37b9f440f290632cdc20832b5a53ce9b59b3ce1d926b4ef40b49776c34",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbTmV4dGNsb3VkXShodHRwczovL25leHRjbG91ZC5jb20pIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3MgOgogLSBOZXh0Y2xvdWQgcGFyc2VyCiAtIE5leHRjbG91ZCBicnV0ZWZvcmNlICYgZW51bWVyYXRpb24gZGV0ZWN0aW9uCgo+IENvbnRyaWJ1dGVkIGJ5IEjDpXZhcmQgTW9lbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCgogRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKLS0tCmZpbGVuYW1lczoKIC0gL3Zhci93d3cvbmV4dGNsb3VkL2RhdGEvbmV4dGNsb3VkLmxvZwpsYWJlbHM6CiAgdHlwZTogTmV4dGNsb3VkCmBgYAoKYGBgeWFtbAotLS0Kc291cmNlOiBqb3VybmFsY3RsCmpvdXJuYWxjdGxfZmlsdGVyOgogIC0gIlNZU0xPR19JREVOVElGSUVSPU5leHRjbG91ZCIKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwpgYGAKLSBVc2UgdGhlIGZpbGVuYW1lIHZlcnNpb24gaWYgeW91IGhhdmUgdGhlIGRlZmF1bHQgW3NldHRpbmddKGh0dHBzOi8vZG9jcy5uZXh0Y2xvdWQuY29tL3NlcnZlci9zdGFibGUvYWRtaW5fbWFudWFsL2NvbmZpZ3VyYXRpb25fc2VydmVyL2NvbmZpZ19zYW1wbGVfcGhwX3BhcmFtZXRlcnMuaHRtbD9oaWdobGlnaHQ9bG9nbGV2ZWwjbG9nZ2luZykgb2YgbG9nZ2luZyB0byBmaWxlCi0gVXNlIHRoZSBqb3VybmFsY3RsIHZlcnNpb24gaWYgeW91IGFyZSBzZW5kaW5nIGxvZ3MgdG8gc3lzbG9nIG9yIHN5c3RlbWQgYW5kIHJlYWQgdGhlIGxvZ3MgZnJvbSBqb3VybmFsZAo=",
"content": "LS0tCnBhcnNlcnM6CiAgLSBjcm93ZHNlY3VyaXR5L25leHRjbG91ZC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvbmV4dGNsb3VkLWJmCmRlc2NyaXB0aW9uOiAiTmV4dGNsb3VkIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gYnJ1dGVmb3JjZQogIC0gbmV4dGNsb3VkCg==",
"description": "Nextcloud support : parser and brute-force detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/nextcloud-logs"
],
"scenarios": [
"crowdsecurity/nextcloud-bf"
]
},
"crowdsecurity/nginx": {
"path": "collections/crowdsecurity/nginx.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "5ef06c9a84fbea5b01d901a6a23d5de8de811da5036e5ec4f6a8d00fb096805b",
"deprecated": false
},
"0.2": {
"digest": "334f7e5626a83c576af2dec1360b760991d09b6f418590a174748a4ca00bd1e4",
"deprecated": false
}
},
"long_description": "IyMgTmdpbnggY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBuZ2lueCBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzIDoKIC0gbmdpbnggcGFyc2VyIChzdXBwb3J0IGFsc28gaW5ncmVzcyBuZ2lueCBjb250cm9sbGVyIGRlZmF1bHQgW2xvZ19mb3JtYXRdKGh0dHBzOi8va3ViZXJuZXRlcy5naXRodWIuaW8vaW5ncmVzcy1uZ2lueC91c2VyLWd1aWRlL25naW54LWNvbmZpZ3VyYXRpb24vbG9nLWZvcm1hdC8pKQogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIChjcmF3bCwgNDA0IHNjYW4sIGJmKQoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL25naW54LyoubG9nCmxhYmVsczoKICB0eXBlOiBuZ2lueApgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24K",
"content": "cGFyc2VyczoKI2dlbmVyaWMgcG9zdC1wYXJzaW5nIG9mIGh0dHAgc3R1ZmYKICAtIGNyb3dkc2VjdXJpdHkvbmdpbngtbG9ncwpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvYmFzZS1odHRwLXNjZW5hcmlvcwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L25naW54LXJlcS1saW1pdC1leGNlZWRlZApkZXNjcmlwdGlvbjogIm5naW54IHN1cHBvcnQgOiBwYXJzZXIgYW5kIGdlbmVyaWMgaHR0cCBzY2VuYXJpb3MiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIG5naW54CiAgLSBjcmF3bAogIC0gc2NhbgoK",
"description": "nginx support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/nginx-logs"
],
"scenarios": [
"crowdsecurity/nginx-req-limit-exceeded"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/nginx-proxy-manager": {
"path": "collections/crowdsecurity/nginx-proxy-manager.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "fcde72227c4fc913f5472fff55e041aef913a0a4a0143f0ad8ef29bdc2e4e7f9",
"deprecated": false
}
},
"long_description": "IyMgTmdpbnggUHJveHkgTWFuYWdlciBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gdG8gZGVmZW5kIG5naW54IGFnYWluc3QgY29tbW9uIGF0dGFja3MgOgogLSBbTmdpbnggUHJveHkgTWFuYWdlcl0oaHR0cHM6Ly9naXRodWIuY29tL05naW54UHJveHlNYW5hZ2VyL25naW54LXByb3h5LW1hbmFnZXIpIHBhcnNlcgogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIChjcmF3bCwgNDA0IHNjYW4sIGJmKQoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIH4vZGF0YS9sb2dzLyoubG9nCmxhYmVsczoKICB0eXBlOiBuZ2lueC1wcm94eS1tYW5hZ2VyCmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGNvbmZpZ3VyYXRpb24sIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbmdpbngtcHJveHktbWFuYWdlci1sb2dzCmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9iYXNlLWh0dHAtc2NlbmFyaW9zCmRlc2NyaXB0aW9uOiAiTmdpbnggUHJveHkgTWFuYWdlciBzdXBwb3J0IDogcGFyc2VyIGFuZCBnZW5lcmljIGh0dHAgc2NlbmFyaW9zIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBuZ2lueAogIC0gbmdpbngtcHJveHkKICAtIGNyYXdsCiAgLSBzY2Fu",
"description": "Nginx Proxy Manager support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/nginx-proxy-manager-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/odoo": {
"path": "collections/crowdsecurity/odoo.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "7b9b2323ffda7ffd8a48aea52b8424bc12a58d0047bb9bebb2cf030c5fa088c9",
"deprecated": false
}
},
"long_description": "IyMgT2RvbyBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gdG8gZGVmZW5kIE9kb28gYWdhaW5zdCBjb21tb24gYXR0YWNrczoKIC0gT2RvbyBhdXRoZW50aWNhdGlvbiBmYWlsdXJlcyBwYXJzZXIKIC0gZGV0ZWN0IGJydXRlZm9yY2UKIC0gZGV0ZWN0IHVzZXIgZW51bWVyYXRpb24KCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvb2Rvby8qLmxvZwpsYWJlbHM6CiAgdHlwZTogb2RvbwpgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvb2Rvby1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvb2Rvby1iZl91c2VyLWVudW0KZGVzY3JpcHRpb246ICJPZG9vIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlL3VzZXIgZW51bWVyYXRpb24gZGV0ZWN0aW9uIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGVycAogIC0gb2RvbwogIC0gYnJ1dGVmb3JjZQo=",
"description": "Odoo support : parser and brute-force/user enumeration detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/odoo-logs"
],
"scenarios": [
"crowdsecurity/odoo-bf_user-enum"
]
},
"crowdsecurity/opnsense": {
"path": "collections/crowdsecurity/opnsense.yaml",
"version": "0.3",
"versions": {
"0.1": {
"digest": "2e389ca4cda774d45d19657579cee7bd735b62147875f333b8cd072ed4b91a04",
"deprecated": false
},
"0.2": {
"digest": "bfac0c94acc89565c80ed1be59b655d8ba718b0b0097bf9da378ee4f24a4d02d",
"deprecated": false
},
"0.3": {
"digest": "754157043e75342b8d6f4e0ae195657027473055072f7d22720d557a2f2e1c0d",
"deprecated": false
}
},
"long_description": "IyMgT1BOU2Vuc2UgY29sbGVjdGlvbgoKVGhpcyBPUE5TZW5zZSBjb2xsZWN0aW9uIHN1cHBvcnRzIDoKIC0gc3NoIHBhcnNlcnMgJiBicnV0ZWZvcmNlIGRldGVjdGlvbgogLSB3ZWIgYXV0aGVudGljYXRpb24gYnJ1dGVmb3JjZSBkZXRlY3Rpb24K",
"content": "Y29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2ZyZWVic2QKICAtIGNyb3dkc2VjdXJpdHkvb3Buc2Vuc2UtZ3VpCmRlc2NyaXB0aW9uOiAiY29yZSBvcG5zZW5zZSBzdXBwb3J0IgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGZyZWVic2QK",
"description": "core opnsense support",
"author": "crowdsecurity",
"labels": null,
"collections": [
"crowdsecurity/freebsd",
"crowdsecurity/opnsense-gui"
]
},
"crowdsecurity/opnsense-gui": {
"path": "collections/crowdsecurity/opnsense-gui.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "91be3b0655e3de8a1c82787dadf1521c1ad1489e5798b5b9e2cdf3df0fc7cd1d",
"deprecated": false
}
},
"long_description": "IyMgT1BOU2Vuc2Ugd2ViIGF1dGhlbnRpY2F0aW9uIGNvbGxlY3Rpb24KClN1cHBvcnQgdG8gZGV0ZWN0IGJydXRlZm9yY2Ugb24gdGhlIE9QTlNlbnNlIHdlYiBwb3J0YWwK",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvb3Buc2Vuc2UtZ3VpLWxvZ3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9vcG5zZW5zZS1ndWktYmYKZGVzY3JpcHRpb246ICJPUE5TZW5zZSB3ZWIgYXV0aGVudGljYXRpb24gc3VwcG9ydCIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBmcmVlYnNkCiAgLSBvcG5zZW5zZQogIC0gYnJ1dGVmb3JjZQogIC0gc2NhbgoKCg==",
"description": "OPNSense web authentication support",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/opnsense-gui-logs"
],
"scenarios": [
"crowdsecurity/opnsense-gui-bf"
]
},
"crowdsecurity/pgsql": {
"path": "collections/crowdsecurity/pgsql.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "78408615dfdfa97075b37dc7533b3d682b57293053aae5522ee3cd7b5825be02",
"deprecated": false
}
},
"long_description": "IyMgUG9zdGdyZVNRTCBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIHBvc3RncmVzcWwgc2VydmljZXMgOgogLSBwZ3NxbCBsb2dzIHBhcnNlcgogLSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL3Bvc3RncmVzcWwvKi5sb2cKbGFiZWxzOgogIHR5cGU6IHBvc3RncmVzCmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvcGdzcWwtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L3Bnc3FsLWJmCmRlc2NyaXB0aW9uOiAicG9zdGdyZXMgc3VwcG9ydCA6IGxvZ3MgYW5kIGJydXRlLWZvcmNlIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gcGdzcWwKICAtIHBvc3RncmVzCiAgLSBicnV0ZWZvcmNlCg==",
"description": "postgres support : logs and brute-force scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/pgsql-logs"
],
"scenarios": [
"crowdsecurity/pgsql-bf"
]
},
"crowdsecurity/postfix": {
"path": "collections/crowdsecurity/postfix.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "81767bab91a7a071d8d32f3227f2391744eef5ba6a4cf916a96ec8183d050ae0",
"deprecated": false
},
"0.2": {
"digest": "b4cceea527807a9fe70f673ef34e0d7d4372267d665fbbe164f0d6a1a3531a2e",
"deprecated": false
}
},
"long_description": "IyMgUG9zdGZpeCBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIHBvc3RmaXgKICogcG9zdGZpeCBsb2cgcGFyc2VycwogKiBwb3N0c2NyZWVuIGxvZyBwYXJzZXIKICogcG9zdGZpeCBzY2VuYXJpbyBicnV0ZWZvcmNlIHNwYW0gYXR0ZW1wdAogKiBwb3N0c2NyZWVuIHJiIGF0dGVtcHQgYmxhY2tsaXN0CgpUaGlzIGNvbGxlY3Rpb24gbW9zdGx5IGFpbXMgYXQgZ2V0dGluZyBhIHNpbWlsYXIgc3BhbSBwcm90ZWN0aW9uIGFzCnRoZSBub3JtYWwgZmFpbDJiYW4gcG9zdGZpeCBjb25maWd1cmF0aW9uIGFsdGhvdWdoIHBvc3RjcmVlbiBsb2cKbWFuYWdlbWVudCBpc24ndCBpbmNsdWRlZCBieSBkZWZhdWx0IGJ5IGZhaWwyYmFuLgoKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9tYWlsLmxvZwpsYWJlbHM6CiAgdHlwZTogc3lzbG9nCmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvcG9zdGZpeC1sb2dzCiAgLSBjcm93ZHNlY3VyaXR5L3Bvc3RzY3JlZW4tbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L3Bvc3RmaXgtc3BhbQpkZXNjcmlwdGlvbjogInBvc3RmaXggc3VwcG9ydCA6IHBhcnNlciBhbmQgc3BhbW1lciBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIHNwYW0KICAtIGJydXRlZm9yY2UK",
"description": "postfix support : parser and spammer detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/postfix-logs",
"crowdsecurity/postscreen-logs"
],
"scenarios": [
"crowdsecurity/postfix-spam"
]
},
"crowdsecurity/proftpd": {
"path": "collections/crowdsecurity/proftpd.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "6f98f64784109c356578bf50c7b296c5936bddfd5a206f25d39f92f504ea04ad",
"deprecated": false
}
},
"long_description": "IyMgUHJvRlRQRCBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gdG8gZGVmZW5kIHByb2Z0cGQgYWdhaW5zdCBjb21tb24gYXR0YWNrczoKIC0gcHJvZnRwZCBwYXJzZXIKIC0gZGV0ZWN0IGJydXRlZm9yY2UKIC0gZGV0ZWN0IHVzZXIgZW51bWVyYXRpb24KCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvcHJvZnRwZC8qLmxvZwpsYWJlbHM6CiAgdHlwZTogcHJvZnRwZApgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvcHJvZnRwZC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvcHJvZnRwZC1iZgogIC0gY3Jvd2RzZWN1cml0eS9wcm9mdHBkLWJmX3VzZXItZW51bQpkZXNjcmlwdGlvbjogInByb2Z0cGQgc3VwcG9ydCA6IHBhcnNlciBhbmQgYnJ1dGUtZm9yY2UvdXNlciBlbnVtZXJhdGlvbiBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIHByb2Z0cGQKICAtIGJydXRlZm9yY2UKCg==",
"description": "proftpd support : parser and brute-force/user enumeration detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/proftpd-logs"
],
"scenarios": [
"crowdsecurity/proftpd-bf",
"crowdsecurity/proftpd-bf_user-enum"
]
},
"crowdsecurity/sshd": {
"path": "collections/crowdsecurity/sshd.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "21159aeb87529efcf1a5033f720413d5321a6451bab679a999f7f01a7aa972b3",
"deprecated": false
},
"0.2": {
"digest": "72f6329808fafbb42da52cc6476a6e794d0a1ae5b3847e0060cf23593dd40352",
"deprecated": false
}
},
"long_description": "IyMgU1NIRCBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gdG8gZGVmZW5kIHNzaGQgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIHNzaCBwYXJzZXIKIC0gc3NoIGJydXRlZm9yY2UgJiBlbnVtZXJhdGlvbiBkZXRlY3Rpb24KIC0gc3NoICdzbG93JyBicnV0ZWZvcmNlICYgZW51bWVyYXRpb24gZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvYXV0aC5sb2cKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwpgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24KCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3NoZC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvc3NoLWJmCiAgLSBjcm93ZHNlY3VyaXR5L3NzaC1zbG93LWJmCmRlc2NyaXB0aW9uOiAic3NoZCBzdXBwb3J0IDogcGFyc2VyIGFuZCBicnV0ZS1mb3JjZSBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIHNzaAogIC0gYnJ1dGVmb3JjZQoK",
"description": "sshd support : parser and brute-force detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/sshd-logs"
],
"scenarios": [
"crowdsecurity/ssh-bf",
"crowdsecurity/ssh-slow-bf"
]
},
"crowdsecurity/synology-dsm": {
"path": "collections/crowdsecurity/synology-dsm.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "cdd3722569d65100a93620001b867e7932407410b7de78b56f88c7a721f61ac6",
"deprecated": false
},
"0.2": {
"digest": "6a2b5e562f0b6a4b9f1c03a05c73985e5326b7fa6d910f74a698fe182a951004",
"deprecated": false
}
},
"long_description": "IyMgU3lub2xvZ3kgRFNNIGNvbGxlY3Rpb24KClRoaXMgU3lub2xvZ3kgRFNNIGNvbGxlY3Rpb24gc3VwcG9ydHMgOgogLSB3ZWIgYXV0aGVudGljYXRpb24gYnJ1dGVmb3JjZSBkZXRlY3Rpb24KCg==",
"content": "IyBTeW5vbG9neSBEU00gcGFyc2VycwpwYXJzZXJzOgogIC0gY3Jvd2RzZWN1cml0eS9zeW5vbG9neS1kc20tbG9ncwojIFN5bm9sb2d5IERTTSBjb2xsZWN0aW9ucwojY29sbGVjdGlvbnM6CiMgIC0gCiMgdGhlIGxpc3Qgb2YgcG9zdG92ZXJmbG93cyBpdCBjb250YWlucwojIHBvc3RvdmVyZmxvd3M6CiMgICAtIGNyb3dkc2VjdXJpdHkvc2VvLWJvdHMtd2hpdGVsaXN0CiMgdGhlIGxpc3Qgb2Ygc2NlbmFyaW9zIGl0IGNvbnRhaW5zCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvc3lub2xvZ3ktZHNtLWJmCmRlc2NyaXB0aW9uOiAiU3lub2xvZ3kgRFNNIHdlYiBhdXRoZW50aWNhdGlvbiBzdXBwb3J0IgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBzeW5vbG9neQogIC0gYnJ1dGVmb3JjZQogIC0gc2Nhbgo=",
"description": "Synology DSM web authentication support",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/synology-dsm-logs"
],
"scenarios": [
"crowdsecurity/synology-dsm-bf"
]
},
"crowdsecurity/traefik": {
"path": "collections/crowdsecurity/traefik.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "b7b9feedcd49009ce80e4ab12c2642e68054222a7e7bb8611f2f45d5d3600ef2",
"deprecated": false
}
},
"long_description": "IyMgVHJhZWZpayBjb2xsZWN0aW9uCgo+IENvLWF1dGhvcmVkIHdpdGggKGh0dHBzOi8vZ2l0aHViLmNvbS9nbWVsb2RpZSkKCkEgY29sbGVjdGlvbiB0byBkZWZlbmQgdHJhZWZpayBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzOgogLSB0cmFlZmlrIHBhcnNlciAoc3VwcG9ydHMgQ0xGIGFuZCBKU09OKQogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIChjcmF3bCwgNDA0IHNjYW4sIGJmKQoKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy90cmFlZmlrLyoubG9nCmxhYmVsczoKICB0eXBlOiB0cmFlZmlrCmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "IyBjby1hdXRob3JlZCB3aXRoIGdtZWxvZGllIChodHRwczovL2dpdGh1Yi5jb20vZ21lbG9kaWUpCnBhcnNlcnM6CiAgLSBjcm93ZHNlY3VyaXR5L3RyYWVmaWstbG9ncwpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvYmFzZS1odHRwLXNjZW5hcmlvcwpkZXNjcmlwdGlvbjogInRyYWVmaWsgc3VwcG9ydDogcGFyc2VyIGFuZCBnZW5lcmljIGh0dHAgc2NlbmFyaW9zIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIHRyYWVmaWsKICAtIGh0dHAKICAtIGJydXRlZm9yY2UKCg==",
"description": "traefik support: parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/traefik-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"