forked from crowdsecurity/hub
-
Notifications
You must be signed in to change notification settings - Fork 1
/
.index.json
7394 lines (7394 loc) · 646 KB
/
.index.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
{
"collections": {
"Dominic-Wagner/vaultwarden": {
"path": "collections/Dominic-Wagner/vaultwarden.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "41f537b7985ef168a1d31c7cb10a49672925313724d523fba8389714c4222742",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbVmF1bHR3YXJkZW5dKGh0dHBzOi8vZ2l0aHViLmNvbS9kYW5pLWdhcmNpYS92YXVsdHdhcmRlbikgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIFZhdWx0d2FyZGVuIHBhcnNlcgogLSBWYXVsdHdhcmRlbiBicnV0ZWZvcmNlICYgZW51bWVyYXRpb24gZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCklmIHVzaW5nIExPR19GSUxFIGVudmlyb25tZW50IHZhcmlhYmxlOgpgYGB5YW1sCi0tLQpmaWxlbmFtZXM6CiAtIC92YXIvbG9nL3ZhdWx0d2FyZGVuLmxvZwpsYWJlbHM6CiAgdHlwZTogVmF1bHR3YXJkZW4KYGBgCklmIHJ1bm5pbmcgdmlhIHN5c3RlbWQ6CmBgYHlhbWwKLS0tCnNvdXJjZTogam91cm5hbGN0bApqb3VybmFsY3RsX2ZpbHRlcjoKICAtICJTWVNMT0dfSURFTlRJRkVSPVZhdWx0d2FyZGVuIgpsYWJlbHM6CiAgdHlwZTogVmF1bHR3YXJkZW4KYGBgCg==",
"content": "cGFyc2VyczoKICAtIERvbWluaWMtV2FnbmVyL3ZhdWx0d2FyZGVuLWxvZ3MKc2NlbmFyaW9zOgogIC0gRG9taW5pYy1XYWduZXIvdmF1bHR3YXJkZW4tYmYKZGVzY3JpcHRpb246ICJWYXVsdHdhcmRlbiBzdXBwb3J0IDogcGFyc2VyIGFuZCBicnV0ZS1mb3JjZSBkZXRlY3Rpb24iCmF1dGhvcjogRG9taW5pYy1XYWduZXIKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gdmF1bHR3YXJkZW4K",
"description": "Vaultwarden support : parser and brute-force detection",
"author": "Dominic-Wagner",
"labels": null,
"parsers": [
"Dominic-Wagner/vaultwarden-logs"
],
"scenarios": [
"Dominic-Wagner/vaultwarden-bf"
]
},
"LePresidente/adguardhome": {
"path": "collections/LePresidente/adguardhome.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "3ab656c2d2be80019f8b6c63a5ea46d7400593cb50c946cde89b05d1878229e5",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbQWRHdWFyZEhvbWVdKGh0dHBzOi8vZ2l0aHViLmNvbS9BZGd1YXJkVGVhbS9BZEd1YXJkSG9tZSkgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIEFkR3VhcmRIb21lIHBhcnNlcgogLSBBZEd1YXJkSG9tZSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpJZiB1c2luZyBMT0dfRklMRSBlbnZpcm9ubWVudCB2YXJpYWJsZToKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9BZEd1YXJkSG9tZS5sb2cKbGFiZWxzOgogIHR5cGU6IGFkZ3VhcmRob21lCmBgYAoKRGlyZWN0bHkgbW9uaXRvcmluZyBEb2NrZXIKYGBgeWFtbAotLS0Kc291cmNlOiBkb2NrZXIKY29udGFpbmVyX25hbWU6CiAtIEFkR3VhcmRIb21lCiNjb250YWluZXJfaWQ6CiMgLSA4NDNlZTkyZDIzMWIKbGFiZWxzOgogIHR5cGU6IGFkZ3VhcmRob21lCmBgYAoKCgoK",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9hZGd1YXJkaG9tZS1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9hZGd1YXJkaG9tZS1iZgpkZXNjcmlwdGlvbjogIkFkR3VhcmRIb21lIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gQWRHdWFyZEhvbWU=",
"description": "AdGuardHome Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/adguardhome-logs"
],
"scenarios": [
"LePresidente/adguardhome-bf"
]
},
"LePresidente/authelia": {
"path": "collections/LePresidente/authelia.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "483d6a415e6649614ce28efbc2f87cf35664d989469e97cbd1f4d8b8ab7916ed",
"deprecated": false
},
"0.2": {
"digest": "24800ff1ae7b37bf343bc7dfc9053c0130e75c832826782fa422b182b787e0d5",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbQXV0aGVsaWFdKGh0dHBzOi8vd3d3LmF1dGhlbGlhLmNvbSkgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIEF1dGhlbGlhIHBhcnNlcgogLSBBdXRoZWxpYSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpJZiB1c2luZyBMT0dfRklMRSBlbnZpcm9ubWVudCB2YXJpYWJsZToKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9BdXRoZWxpYS5sb2cKbGFiZWxzOgogIHR5cGU6IGF1dGhlbGlhCmBgYA==",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9hdXRoZWxpYS1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9hdXRoZWxpYS1iZgpkZXNjcmlwdGlvbjogIkF1dGhlbGlhIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gYXV0aGVsaWE=",
"description": "Authelia Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/authelia-logs"
],
"scenarios": [
"LePresidente/authelia-bf"
]
},
"LePresidente/emby": {
"path": "collections/LePresidente/emby.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "53801da28b3557ad39bc8672d0db62d845cc401bbfcde36f6f4b7f0d8a749fe9",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbRW1ieV0oaHR0cHM6Ly9lbWJ5Lm1lZGlhKSBpbnN0YW5jZSBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzIDoKIC0gRW1ieSBwYXJzZXIKIC0gRW1ieSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpJZiB1c2luZyBMT0dfRklMRSBlbnZpcm9ubWVudCB2YXJpYWJsZToKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9lbWJ5c2VydmVyLnR4dApsYWJlbHM6CiAgdHlwZTogZW1ieQpgYGA=",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9lbWJ5LWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL2VtYnktYmYKZGVzY3JpcHRpb246ICJFbWJ5IHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gZW1ieQ==",
"description": "Emby support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/emby-logs"
],
"scenarios": [
"LePresidente/emby-bf"
]
},
"LePresidente/gitea": {
"path": "collections/LePresidente/gitea.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "1282681d69e45e64050a497ac8f17bfb67ba55a0c494743e3f5b33c2f3cee97d",
"deprecated": false
},
"0.2": {
"digest": "f5098f91736d1c3b835dfb741c271cad33a21ffb78e0554357950313ecdfe037",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbR2l0ZWFdKGh0dHBzOi8vZ2l0ZWEuaW8pIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3M6CiAtIEdpdGVhIHBhcnNlcgogLSBHaXRlYSBicnV0ZWZvcmNlIGRldGVjdGlvbgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCi0tLQpmaWxlbmFtZXM6CiAtIC92YXIvbG9nL2dpdGVhLmxvZwpsYWJlbHM6CiAgdHlwZTogZ2l0ZWEKYGBg",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9naXRlYS1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9naXRlYS1iZgpkZXNjcmlwdGlvbjogIkdpdGVhIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gZ2l0ZWE=",
"description": "Gitea Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/gitea-logs"
],
"scenarios": [
"LePresidente/gitea-bf"
]
},
"LePresidente/grafana": {
"path": "collections/LePresidente/grafana.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "ab0e0fd9a6a3b424af7ef5c162ae1d99e3adf0d5f166c0179acf57b8b3428ff0",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbR3JhZmFuYV0oaHR0cHM6Ly9ncmFmYW5hLmNvbSkgaW5zdGFuY2UgYWdhaW5zdCBjb21tb24gYXR0YWNrcyA6CiAtIEdyYWZhbmEgcGFyc2VyCiAtIEdyYWZhbmEgYnJ1dGVmb3JjZSBkZXRlY3Rpb24KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKSWYgdXNpbmcgTE9HX0ZJTEUgZW52aXJvbm1lbnQgdmFyaWFibGU6CmBgYHlhbWwKLS0tCmZpbGVuYW1lczoKIC0gL3Zhci9sb2cvZ3JhZmFuYS9ncmFmYW5hLmxvZwpsYWJlbHM6CiAgdHlwZTogZ3JhZmFuYQpgYGAKCkRpcmVjdGx5IG1vbml0b3JpbmcgRG9ja2VyCmBgYHlhbWwKLS0tCnNvdXJjZTogZG9ja2VyCmNvbnRhaW5lcl9uYW1lOgogLSBncmFmYW5hCiNjb250YWluZXJfaWQ6CiMgLSA4NDNlZTkyZDIzMWIKbGFiZWxzOgogIHR5cGU6IGdyYWZhbmEKLS0tCg==",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9ncmFmYW5hLWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL2dyYWZhbmEtYmYKZGVzY3JpcHRpb246ICJHcmFmYW5hIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gZ3JhZmFuYQ==",
"description": "Grafana Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/grafana-logs"
],
"scenarios": [
"LePresidente/grafana-bf"
]
},
"LePresidente/jellyfin": {
"path": "collections/LePresidente/jellyfin.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "4aba23304b8de2d269e4223a64e418b23154461af1862ef6b67239033e1bef43",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbSmVsbHlmaW5dKGh0dHBzOi8vamVsbHlmaW4ub3JnKSBpbnN0YW5jZSBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzIDoKIC0gSmVsbHlmaW4gcGFyc2VyCiAtIEplbGx5ZmluIGJydXRlZm9yY2UgZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCklmIHVzaW5nIExPR19GSUxFIGVudmlyb25tZW50IHZhcmlhYmxlOgpgYGB5YW1sCi0tLQpmaWxlbmFtZXM6CiAtIC92YXIvbG9nL2plbGx5ZmluL2xvZ18qLmxvZwpsYWJlbHM6CiAgdHlwZTogamVsbHlmaW4KYGBgCgpGb3IgRG9ja2VyIGRpcmVjdGx5CmBgYHlhbWwKLS0tCnNvdXJjZTogZG9ja2VyCmNvbnRhaW5lcl9uYW1lOgogLSBqZWxseWZpbgojY29udGFpbmVyX2lkOgojIC0gODQzZWU5MmQyMzFiCmxhYmVsczoKICB0eXBlOiBqZWxseWZpbgpgYGA=",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9qZWxseWZpbi1sb2dzCnNjZW5hcmlvczoKICAtIExlUHJlc2lkZW50ZS9qZWxseWZpbi1iZgpkZXNjcmlwdGlvbjogIkplbGx5ZmluIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gamVsbHlmaW4=",
"description": "Jellyfin support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/jellyfin-logs"
],
"scenarios": [
"LePresidente/jellyfin-bf"
]
},
"LePresidente/jellyseerr": {
"path": "collections/LePresidente/jellyseerr.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "aca16e29cb6b48379195cc5a945d40ec50839728ad57bfeaca2002cb74c4e942",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbSmVsbHlTZWVycl0oaHR0cHM6Ly9naXRodWIuY29tL0ZhbGxlbmJhZ2VsL2plbGx5c2VlcnIpIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3M6CiAtIEplbGx5U2VlcnIgcGFyc2VyCiAtIEplbGx5U2VlcnIgYnJ1dGVmb3JjZSBkZXRlY3Rpb24KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbAotLS0Kc291cmNlOiBkb2NrZXIKY29udGFpbmVyX25hbWU6CiAtIGplbGx5c2VlcnIKI2NvbnRhaW5lcl9pZDoKIyAtIDg0M2VlOTJkMjMxYgpsYWJlbHM6CiAgdHlwZTogamVsbHlzZWVycgpgYGA=",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9qZWxseXNlZXJyLWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL2plbGx5c2VlcnItYmYKZGVzY3JpcHRpb246ICJqZWxseXNlZXJyIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gamVsbHlzZWVycg==",
"description": "jellyseerr Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/jellyseerr-logs"
],
"scenarios": [
"LePresidente/jellyseerr-bf"
]
},
"LePresidente/ombi": {
"path": "collections/LePresidente/ombi.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "e9d9d297381904e0a1cc418bc8474969bca3f37acde631e7ed84529bd7e7f1f4",
"deprecated": false
},
"0.2": {
"digest": "fa7cf1b7df176ab36a30f56f863949f204ffea11ba93ab2d31e63c88a716725c",
"deprecated": false
}
},
"long_description": "RXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKLS0tCmZpbGVuYW1lczoKIC0gL3Zhci9sb2cvb21iaS9sb2ctKi50eHQKbGFiZWxzOgogIHR5cGU6IG9tYmkKYGBg",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9vbWJpLWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL29tYmktYmYKZGVzY3JpcHRpb246ICJPbWJpIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gb21iaQ==",
"description": "Ombi Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/ombi-logs"
],
"scenarios": [
"LePresidente/ombi-bf"
]
},
"LePresidente/redmine": {
"path": "collections/LePresidente/redmine.yml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "5e00897f8019dfd8e49d5040827577195a83d57a1903e654c395874d98b029cb",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbUmVkbWluZV0oaHR0cHM6Ly93d3cucmVkbWluZS5vcmcpIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3MgOgogLSBSZWRtaW5lIHBhcnNlcgogLSBSZWRtaW5lIGJydXRlZm9yY2UgZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCklmIHVzaW5nIExPR19GSUxFIGVudmlyb25tZW50IHZhcmlhYmxlOgpgYGB5YW1sCi0tLQpmaWxlbmFtZXM6CiAtIC92YXIvbG9nL3Byb2R1Y3Rpb24ubG9nCmxhYmVsczoKICB0eXBlOiByZWRtaW5lCmBgYAoKRGlyZWN0bHkgbW9uaXRvcmluZyBEb2NrZXIKYGBgeWFtbAotLS0Kc291cmNlOiBkb2NrZXIKY29udGFpbmVyX25hbWU6CiAtIFJlZG1pbmUKI2NvbnRhaW5lcl9pZDoKIyAtIDg0M2VlOTJkMjMxYgpsYWJlbHM6CiAgdHlwZTogcmVkbWluZQpgYGA=",
"content": "cGFyc2VyczoKICAtIExlUHJlc2lkZW50ZS9yZWRtaW5lLWxvZ3MKc2NlbmFyaW9zOgogIC0gTGVQcmVzaWRlbnRlL3JlZG1pbmUtYmYKZGVzY3JpcHRpb246ICJSZWRtaW5lIFN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBMZVByZXNpZGVudGUKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gcmVkbWluZQ==",
"description": "Redmine Support : parser and brute-force detection",
"author": "LePresidente",
"labels": null,
"parsers": [
"LePresidente/redmine-logs"
],
"scenarios": [
"LePresidente/redmine-bf"
]
},
"a1ad/meshcentral": {
"path": "collections/a1ad/meshcentral.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "f3f12866b7128fab9b648ae1c27202c5d46aae241d2b0151a62956d17fc3774f",
"deprecated": false
},
"0.2": {
"digest": "dc8041951ca55d91c59af573ae9b6284a89f84cddc1267ffe0de56d0ebd41602",
"deprecated": false
}
},
"long_description": "CkEgY29sbGVjdGlvbiB0byBkZWZlbmQgW01lc2hjZW50cmFsXShodHRwczovL3d3dy5tZXNoY29tbWFuZGVyLmNvbS9tZXNoY2VudHJhbDIpIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3MgOgogLSBNZXNoY2VudHJhbCBwYXJzZXIKIC0gTWVzaGNlbnRyYWwgYnJ1dGVmb3JjZSBkZXRlY3Rpb24KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKWW91IG5lZWQgdG8gYWRkIHRoZSBmb2xsb3dpbmcgaW4gdGhlIE1lc2hjZW50cmFsIGNvbmZpZyBmaWxlIGJlZm9yZSBNZXNoY2VudHJhbCBzdGFydHMgbG9nZ2luZzoKImF1dGhMb2ciOiAiL29wdC9tZXNoY2VudHJhbC9tZXNoY2VudHJhbC1kYXRhL2F1dGgubG9nIgoKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvb3B0L21lc2hjZW50cmFsL21lc2hjZW50cmFsLWRhdGEvYXV0aC5sb2cKbGFiZWxzOgogIHR5cGU6IG1lc2hjZW50cmFsCmBgYAoKRm9yIERvY2tlciBkaXJlY3RseQpgYGB5YW1sCi0tLQpzb3VyY2U6IGRvY2tlcgpjb250YWluZXJfbmFtZToKIC0gbWVzaGNlbnRyYWwKI2NvbnRhaW5lcl9pZDoKIyAtIDg0M2VlOTJkMjMxYgpsYWJlbHM6CiAgdHlwZTogbWVzaGNlbnRyYWwKYGBgCg==",
"content": "cGFyc2VyczoKICAtIGExYWQvbWVzaGNlbnRyYWwtbG9ncwpzY2VuYXJpb3M6CiAgLSBhMWFkL21lc2hjZW50cmFsLWJmCmRlc2NyaXB0aW9uOiAiTWVzaGNlbnRyYWwgc3VwcG9ydCA6IHBhcnNlciBhbmQgYnJ1dGUtZm9yY2UgZGV0ZWN0aW9uIgphdXRob3I6IGExYWQKdGFnczoKICAtIGxpbnV4CiAgLSBicnV0ZS1mb3JjZQogIC0gbWVzaGNlbnRyYWwK",
"description": "Meshcentral support : parser and brute-force detection",
"author": "a1ad",
"labels": null,
"parsers": [
"a1ad/meshcentral-logs"
],
"scenarios": [
"a1ad/meshcentral-bf"
]
},
"a1ad/mikrotik": {
"path": "collections/a1ad/mikrotik.yml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "04e0cdfcab4158d6067397b7592b6fecc89171e0eeac055557b17d26e3d8c00b",
"deprecated": false
},
"0.2": {
"digest": "7def1e4c4f498ef43a22ef297c716013892f5b2cb201359e2d9336cc7d85f028",
"deprecated": false
}
},
"long_description": "IyMgTWlrcm90aWsgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbTWlrcm90aWtdKGh0dHBzOi8vbWlrcm90aWsuY29tLykgZmlyZXdhbGwgYWdhaW5zdCBwb3J0c2Nhbm5pbmcgYW5kIGJydXRlIGZvcmNlIGF0dGVtcHRzCi0gTWlrcm90aWsgcGFyc2VyCi0gTWlrcm90aWsgcG9ydHNjYW4gc2NlbmFyaW8KLSBNaWtyb3RpayBicnV0ZSBmb3JjZSBzY2VuYXJpbwoKWW91IG5lZWQgdG8gc2V0IHVwIGEgcmVtb3RlIHN5c2xvZyBzZXJ2ZXIuIFRoZXJlIGlzIG5vIGNyb3dkc2VjIGNsaWVudCBvbiB0aGUgTWlrcm90aWssIHNvIGxvZyBwYXJzaW5nIG5lZWRzIHRvIGJlIGRvbmUgb24gdGhlIHJzeXNsb2cgc2VydmVyLgpEbyBub3QgZm9yZ2V0IHRvIHNldCAiRmlyZXdhbGwiIGZsYWcgaW4gdGhlIHJlbW90ZSBsb2cgc2V0dGluZ3MgYW5kIGNyZWF0ZSBhIGRyb3AgcnVsZSB3aXRoIGxvZ2dpbmcgYWN0aXZlLgpGb3IgYnJ1dGUgZm9yY2UgZGV0ZWN0aW9uIHlvdSBuZWVkIHRvIHNldCB0aGUgImVycm9yIiBmbGFnLgoKQXMgYm91bmNlciB5b3UgY2FuIHVzZSB0aGUgW2NzLW1pa3JvdGlrLWJvdW5jZXJdKGh0dHBzOi8vaHViLmNyb3dkc2VjLm5ldC9hdXRob3IvZnVua29sYWIvYm91bmNlcnMvY3MtbWlrcm90aWstYm91bmNlcikKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbAotLS0KZmlsZW5hbWVzOgogLSAvdmFyL2xvZy9yc3lzbG9nLzEwLjEwLjEwLjEvc3lzbG9nLmxvZwpsYWJlbHM6CiAgdHlwZTogbWlrcm90aWsKYGBgCg==",
"content": "cGFyc2VyczoKICAtIGExYWQvbWlrcm90aWstbG9ncwpzY2VuYXJpb3M6CiAgLSBhMWFkL21pa3JvdGlrLXNjYW4tbXVsdGlfcG9ydHMKICAtIGExYWQvbWlrcm90aWstYmYKZGVzY3JpcHRpb246ICJNaWtyb3RpayBzdXBwb3J0OiBsb2dzLCBhdXRoIGFuZCBwb3J0LXNjYW5zIGRldGVjdGlvbiBzY2VuYXJpb3MiCmF1dGhvcjogYTFhZAp0YWdzOgogIC0gbWlrcm90aWsKICAtIHBvcnRzY2FuCiAgLSBicnV0ZSBmb3JjZQo=",
"description": "Mikrotik support: logs, auth and port-scans detection scenarios",
"author": "a1ad",
"labels": null,
"parsers": [
"a1ad/mikrotik-logs"
],
"scenarios": [
"a1ad/mikrotik-scan-multi_ports",
"a1ad/mikrotik-bf"
]
},
"baudneo/gotify": {
"path": "collections/baudneo/gotify.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "9d3c0d0e2271d560f5aa45601cca9dd1d4f5722e7f1ca8198f21acc1231bca34",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRldGVjdCBicnV0ZWZvcmNlIGF0dGVtcHRzIG9uIEdvdGlmeSBzZXJ2ZXIu",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGJhdWRuZW8vZ290aWZ5LWxvZ3MKc2NlbmFyaW9zOgogIC0gYmF1ZG5lby9nb3RpZnktYmYKZGVzY3JpcHRpb246ICJHb3RpZnkgYnJ1dGVmb3JjZSBsb2dpbiBwcm90ZWN0aW9uIgphdXRob3I6IGJhdWRuZW8KdGFnczoKICAtIEdvdGlmeQogIC0gYnJ1dGVmb3JjZQo=",
"description": "Gotify bruteforce login protection",
"author": "baudneo",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"baudneo/gotify-logs"
],
"scenarios": [
"baudneo/gotify-bf"
]
},
"baudneo/zoneminder": {
"path": "collections/baudneo/zoneminder.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "2ea1b2b8b5b7f1f6fe3c23300c08f0e6df8afea45ad94cb4cf6af36cdf489174",
"deprecated": false
},
"0.2": {
"digest": "a1f88aaab3a31ad0b469f80dc7ff1c12bbc3d0e8d3f1a2c4d7be218ab725e951",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRldGVjdCBicnV0ZWZvcmNlIGxvZ2lucyBhbmQgdXNlciBlbnVtZXJhdGlvbiBvbiBab25lTWluZGVyLgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGJhdWRuZW8vem9uZW1pbmRlci1sb2dzCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKc2NlbmFyaW9zOgogIC0gYmF1ZG5lby96b25lbWluZGVyLWJmCmNvbGxlY3Rpb25zOgogIC0gYmF1ZG5lby96b25lbWluZGVyX2h0dHAtY3ZlCmRlc2NyaXB0aW9uOiAiWm9uZU1pbmRlciBicnV0ZWZvcmNlIGxvZ2luLCB1c2VyIGVudW0gYW5kIGN2ZSAgcHJvdGVjdGlvbiIKYXV0aG9yOiBiYXVkbmVvCnRhZ3M6CiAgLSBab25lTWluZGVyCiAgLSBicnV0ZWZvcmNlCg==",
"description": "ZoneMinder bruteforce login, user enum and cve protection",
"author": "baudneo",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"baudneo/zoneminder-logs",
"crowdsecurity/dateparse-enrich"
],
"scenarios": [
"baudneo/zoneminder-bf"
],
"collections": [
"baudneo/zoneminder_http-cve"
]
},
"baudneo/zoneminder_http-cve": {
"path": "collections/baudneo/zoneminder_http-cve.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "0c4bc2952784bd9cc0f2a9590fa6f60124fbeaf1f3c04f603ee8b53adeef8c4a",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRldGVjdCBIVFRQIGJhc2VkIENWRXMgb24gWm9uZU1pbmRlci4K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvYXBhY2hlMi1sb2dzCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKc2NlbmFyaW9zOgogIC0gYmF1ZG5lby96b25lbWluZGVyX2N2ZS0yMDIyLTM5Mjg1CiAgLSBiYXVkbmVvL3pvbmVtaW5kZXJfY3ZlLTIwMjItMzkyOTAKICAtIGJhdWRuZW8vem9uZW1pbmRlcl9jdmUtMjAyMi0zOTI5MQpkZXNjcmlwdGlvbjogIlpvbmVNaW5kZXIgQ1ZFIHByb3RlY3Rpb24iCmF1dGhvcjogYmF1ZG5lbwp0YWdzOgogIC0gWm9uZU1pbmRlcgogIC0gQ1ZFLTIwMjItMzkyOTAK",
"description": "ZoneMinder CVE protection",
"author": "baudneo",
"labels": null,
"parsers": [
"crowdsecurity/apache2-logs",
"crowdsecurity/dateparse-enrich"
],
"scenarios": [
"baudneo/zoneminder_cve-2022-39285",
"baudneo/zoneminder_cve-2022-39290",
"baudneo/zoneminder_cve-2022-39291"
]
},
"corvese/apache-guacamole": {
"path": "collections/corvese/apache-guacamole.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "eec539fc4d01c275a0777aa0e41578fc1480f79e8b23c97e695c9ff1a855dd5c",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBbQXBhY2hlIEd1YWNhbW9sZV0oaHR0cHM6Ly9ndWFjYW1vbGUuYXBhY2hlLm9yZy8pIGluc3RhbmNlIGFnYWluc3QgY29tbW9uIGF0dGFja3MKCkluY2x1ZGVzOiAKIC0gQXBhY2hlIEd1YWNhbW9sZSBwYXJzZXIKIC0gQXBhY2hlIEd1YWNhbW9sZSBicnV0ZWZvcmNlICYgdXNlciBlbnVtZXJhdGlvbiBkZXRlY3Rpb24gc2NlbmFyaW9zCgpTZWUgdGhlIGFwYWNoZS1ndWFjYW1vbGUtbG9ncyBwYXJzZXIgZG9jdW1lbnRhdGlvbiBmb3IgY29uZmlndXJhdGlvbiBpbnN0cnVjdGlvbnM=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGNvcnZlc2UvYXBhY2hlLWd1YWNhbW9sZS1sb2dzCnNjZW5hcmlvczoKICAtIGNvcnZlc2UvYXBhY2hlLWd1YWNhbW9sZV9iZgogIC0gY29ydmVzZS9hcGFjaGUtZ3VhY2Ftb2xlX3VzZXJfZW51bQpkZXNjcmlwdGlvbjogIkFwYWNoZSBHdWFjYW1vbGUgYnJ1dGVmb3JjZSBsb2dpbiBwcm90ZWN0aW9uIgphdXRob3I6IGNvcnZlc2UKdGFnczoKICAtIEFwYWNoZUd1YWNhbW9sZQogIC0gYnJ1dGVmb3JjZQ==",
"description": "Apache Guacamole bruteforce login protection",
"author": "corvese",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"corvese/apache-guacamole-logs"
],
"scenarios": [
"corvese/apache-guacamole_bf",
"corvese/apache-guacamole_user_enum"
]
},
"crowdsecurity/apache2": {
"path": "collections/crowdsecurity/apache2.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "3601f38e187479724e830e0182f51468c980f661e6eedc6d2e586f622e3b48ea",
"deprecated": false
}
},
"long_description": "IyMgQXBhY2hlMiBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIGFwYWNoZTIgOgogLSBhcGFjaGUyIHBhcnNlcgogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIGZvciBjcmF3bCwgc2NhbiBldGMuCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvYXBhY2hlMi8qLmxvZwogIC0gL3Zhci9sb2cvKmh0dHBkKi5sb2cKICAtIC92YXIvbG9nL2h0dHBkLypsb2cKbGFiZWxzOgogIHR5cGU6IGFwYWNoZTIKYGBgCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKI2dlbmVyaWMgcG9zdC1wYXJzaW5nIG9mIGh0dHAgc3R1ZmYKICAtIGNyb3dkc2VjdXJpdHkvYXBhY2hlMi1sb2dzCmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9iYXNlLWh0dHAtc2NlbmFyaW9zCmRlc2NyaXB0aW9uOiAiYXBhY2hlMiBzdXBwb3J0IDogcGFyc2VyIGFuZCBnZW5lcmljIGh0dHAgc2NlbmFyaW9zICIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gYXBhY2hlMgogIC0gY3Jhd2wKICAtIHNjYW4KCg==",
"description": "apache2 support : parser and generic http scenarios ",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/apache2-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/apiscp": {
"path": "collections/crowdsecurity/apiscp.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "0d5b10b1ab997a9826b657dfa145799904c7f340c38b0db0855f24900900408a",
"deprecated": false
}
},
"long_description": "IyMgQXBpc0NQIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiBmb3IgQXBpc0NQIDoKIC0gQXBhY2hlIGxvZyBwYXJzZXIgZm9yIGFwaXNDUCBhbmQgaHR0cGQgYWNjZXNzX2xvZwogLSBTY2VuYXJpbyB0byBkZXRlY3QgYnJ1dGVmb3JjZSBvbiBBcGlzQ1AgYWRtaW4gcGFnZQogLSBDb2xsZWN0aW9ucyBmb3Igc3VwcG9ydGVkIHNlcnZpY2VzOgogICAgLSBjcm93ZHNlY3VyaXR5L2FwYWNoZTIKICAgIC0gY3Jvd2RzZWN1cml0eS9kb3ZlY290CiAgICAtIGNyb3dkc2VjdXJpdHkvaGFwcm94eQogICAgLSBjcm93ZHNlY3VyaXR5L215c3FsCiAgICAtIGNyb3dkc2VjdXJpdHkvcG9zdGZpeAogICAgLSBjcm93ZHNlY3VyaXR5L3Bnc3FsCiAgICAtIGNyb3dkc2VjdXJpdHkvdnNmdHBkCgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC91c3IvbG9jYWwvYXBuc2NwL3N0b3JhZ2UvbG9ncy9hY2Nlc3NfbG9nCiAgLSAvdXNyL2xvY2FsL2FwbnNjcC9zdG9yYWdlL2xvZ3MvZXJyb3JfbG9nCmxhYmVsczoKICB0eXBlOiBhcGFjaGUyCi0tLQpmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9wZ3NxbC8qLmxvZwpsYWJlbHM6CiAgdHlwZTogcG9zdGdyZXMKLS0tCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL21haWxsb2cKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwotLS0KZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cvbXlzcWxkLmxvZwpsYWJlbHM6CiAgdHlwZTogbXlzcWwKLS0tCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL3ZzZnRwZC5sb2cKbGFiZWxzOgogIHR5cGU6IHZzZnRwZApgYGAKCllvdSBjYW4gYWxzbyBtb25pdG9yIGFsbCB0aGUgY3JlYXRlZCBgTmV4dXNgIGJ5IHJlcGxhY2luZyBgL3Zhci9sb2cvYCBieSBgL2hvbWUvdmlydHVhbC88c2l0ZV9uYW1lPi92YXIvbG9nL2AuCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCgo=",
"content": "c2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9odHRwLWFwaXNjcC1iZgpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvYXBhY2hlMgogIC0gY3Jvd2RzZWN1cml0eS9kb3ZlY290CiAgLSBjcm93ZHNlY3VyaXR5L2hhcHJveHkKICAtIGNyb3dkc2VjdXJpdHkvbXlzcWwKICAtIGNyb3dkc2VjdXJpdHkvcG9zdGZpeAogIC0gY3Jvd2RzZWN1cml0eS9wZ3NxbAogIC0gY3Jvd2RzZWN1cml0eS92c2Z0cGQKZGVzY3JpcHRpb246ICJhcGlzQ1Agc3VwcG9ydCA6IGNvbGxlY3Rpb25zIGZvciBzZXJ2aWNlcyBzdXBwb3J0ZWQgYnkgYXBpc0NQICsgYXBpc0NQIGFkbWluIHBhZ2UgcGFyc2VyL3NjZW5hcmlvIGJydXRlZm9yY2UiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gYXBpc2NwCgo=",
"description": "apisCP support : collections for services supported by apisCP + apisCP admin page parser/scenario bruteforce",
"author": "crowdsecurity",
"labels": null,
"scenarios": [
"crowdsecurity/http-apiscp-bf"
],
"collections": [
"crowdsecurity/apache2",
"crowdsecurity/dovecot",
"crowdsecurity/haproxy",
"crowdsecurity/mysql",
"crowdsecurity/postfix",
"crowdsecurity/pgsql",
"crowdsecurity/vsftpd"
]
},
"crowdsecurity/asterisk": {
"path": "collections/crowdsecurity/asterisk.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "4dcfaad1205510572bc715811b4f70a4ab12ad2a54a7ceac202ce9f2517502cd",
"deprecated": false
}
},
"long_description": "IyMgQXN0ZXJpc2sgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBhc3RlcmlzayA6CiAtIGFzdGVyaXNrIGxvZyBwYXJzZXIKIC0gYXN0ZXJpc2sgdXNlciBlbnVtZXJhdGlvbiBzY2VuYXJpbwogLSBhc3RlcmlzayBicnV0ZWZvcmNlIHNjZW5hcmlvCgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL2FzdGVyaXNrLyoubG9nCmxhYmVsczoKICB0eXBlOiBhc3RlcmlzawpgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24KCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvYXN0ZXJpc2stbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2FzdGVyaXNrX2JmCiAgLSBjcm93ZHNlY3VyaXR5L2FzdGVyaXNrX3VzZXJfZW51bQpkZXNjcmlwdGlvbjogImFzdGVyaXNrIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlZm9yY2UvdXNlciBlbnVtZXJhdGlvbiBzY2VuYXJpb3MgIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGFzdGVyaXNrCiAgLSBicnV0ZWZvcmNlCgo=",
"description": "asterisk support : parser and bruteforce/user enumeration scenarios ",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/asterisk-logs"
],
"scenarios": [
"crowdsecurity/asterisk_bf",
"crowdsecurity/asterisk_user_enum"
]
},
"crowdsecurity/base-http-scenarios": {
"path": "collections/crowdsecurity/base-http-scenarios.yaml",
"version": "0.6",
"versions": {
"0.1": {
"digest": "7ee043a9d2e063cad751e6ce5d048f02518a76d39ec81aebed3bae736b0ced9e",
"deprecated": false
},
"0.2": {
"digest": "affdb706e66ffd924086b24e94734589672fb531f80fe366ab06a8c3228962e2",
"deprecated": false
},
"0.3": {
"digest": "543df5abb020afb51f3ab9d83cdc031e95572983e72f32a59b9f6f75cac990c3",
"deprecated": false
},
"0.4": {
"digest": "15018789eeb01f907fad18a16a1bfd3dc4be972455b22b86c73fd95ef334a072",
"deprecated": false
},
"0.5": {
"digest": "98c63493ca04367acd2d889d54141f9bcf22573301b161d6d268ca053159e94e",
"deprecated": false
},
"0.6": {
"digest": "2d70781df8c630d36e5f4800bde77dd7e130481e9c658aa0b3aae7ae95e15271",
"deprecated": false
}
},
"long_description": "Kipjb250YWlucyBubyBwYXJzZXIsIG1lYW50IHRvIGJlIGVtYmVkZGVkKioKCkEgY29sbGVjdGlvbiBvZiBkZWZlbnNpdmUgKGltcGxlbWVudGF0aW9uIGluZGVwZW5kZW50KSBzY2VuYXJpb3MgZm9yIGh0dHAgc2VydmljZXMgOgogLSBhZ2dyZXNzaXZlIGNyYXdsIGRldGVjdGlvbgogLSBzY2FubmluZy9wcm9iaW5nIGRldGVjdGlvbgogLSBiYWQgdXNlci1hZ2VudCBkZXRlY3Rpb24KIC0gcGF0aCB0cmF2ZXJzYWwgZGV0ZWN0aW9uCiAtIHNlbnNpdGl2ZSBkYXRhIGFjY2VzcyBhdHRlbXB0cyBkZXRlY3Rpb24KIC0gU1FMIGluamVjdGlvbiBkZXRlY3Rpb24KCjp3YXJuaW5nOiBUaGlzIGNvbGxlY3Rpb24gaXMgX25vdF8gYSBXQUYgYW5kIHRoaXMgc2NlbmFyaW8gZG9lcyBfbm90XyBhaW1zIGF0IHJlcGxhY2luZyBhIFdBRi4KCgoK",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1jcmF3bC1ub25fc3RhdGljcwogIC0gY3Jvd2RzZWN1cml0eS9odHRwLXByb2JpbmcKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1iYWQtdXNlci1hZ2VudAogIC0gY3Jvd2RzZWN1cml0eS9odHRwLXBhdGgtdHJhdmVyc2FsLXByb2JpbmcKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1zZW5zaXRpdmUtZmlsZXMKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1zcWxpLXByb2JpbmcKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC14c3MtcHJvYmluZwogIC0gY3Jvd2RzZWN1cml0eS9odHRwLWJhY2tkb29ycy1hdHRlbXB0cwogIC0gbHRzaWNoL2h0dHAtdzAwdHcwMHQKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1nZW5lcmljLWJmCiAgLSBjcm93ZHNlY3VyaXR5L2h0dHAtb3Blbi1wcm94eQpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvaHR0cC1jdmUKCmRlc2NyaXB0aW9uOiAiaHR0cCBjb21tb24gOiBzY2FubmVycyBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIGh0dHAKICAtIGNyYXdsCiAgLSBzY2FuCgo=",
"description": "http common : scanners detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/http-logs"
],
"scenarios": [
"crowdsecurity/http-crawl-non_statics",
"crowdsecurity/http-probing",
"crowdsecurity/http-bad-user-agent",
"crowdsecurity/http-path-traversal-probing",
"crowdsecurity/http-sensitive-files",
"crowdsecurity/http-sqli-probing",
"crowdsecurity/http-xss-probing",
"crowdsecurity/http-backdoors-attempts",
"ltsich/http-w00tw00t",
"crowdsecurity/http-generic-bf",
"crowdsecurity/http-open-proxy"
],
"collections": [
"crowdsecurity/http-cve"
]
},
"crowdsecurity/caddy": {
"path": "collections/crowdsecurity/caddy.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "3501cb76beba2ec7f0ed44cf10e249e4db279903813e8b659c1d731c3a66ab2f",
"deprecated": false
}
},
"long_description": "IyMgQ2FkZHkgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIHRvIGRlZmVuZCBjYWRkeSBhZ2FpbnN0IGNvbW1vbiBodHRwIGF0dGFja3MgOgogLSBjYWRkeSBwYXJzZXIKIC0gYmFzZS1odHRwLXNjZW5hcmlvcyBjb2xsZWN0aW9uIHRvIGRldGVjdCBodHRwIGJhZCBiZWhhdmlvcnMKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9jYWRkeS8qLmxvZwogIHR5cGU6IGNhZGR5CmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvY2FkZHktbG9ncwpjb2xsZWN0aW9uczoKICAtIGNyb3dkc2VjdXJpdHkvYmFzZS1odHRwLXNjZW5hcmlvcwpkZXNjcmlwdGlvbjogImNhZGR5IHN1cHBvcnQgOiBwYXJzZXIgYW5kIGdlbmVyaWMgaHR0cCBzY2VuYXJpb3MiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIGNhZGR5CiAgLSBjcmF3bAogIC0gc2Nhbgo=",
"description": "caddy support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/caddy-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/cpanel": {
"path": "collections/crowdsecurity/cpanel.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "708cb00f74feff6b8bc5109ba0dea0ed646229adbbb2174288ea7bd185b31e53",
"deprecated": false
},
"0.2": {
"digest": "f2496391e82604dcba85c91ba79ec8204661aca4fdb38f6c46773f203c99b9fe",
"deprecated": false
}
},
"long_description": "IyMgQ3BhbmVsIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiBmb3IgY3BhbmVsLiBDb250YWluczoKICogY3BhbmVsIGxvZyBwYXJzZXIKICogY3BhbmVsIHNjZW5hcmlvIHRvIGRldGVjdCBicnV0ZWZvcmNlCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL2hvbWUvPHVzZXJuYW1lPi9sb2dzL2NwYW5lbC9sb2dpbl9sb2cKbGFiZWxzOgogIHR5cGU6IGNwYW5lbApgYGAKCgpub3RlcyA6CiAtICBJZiB5b3UgYXJlIHVzaW5nIGBzeXNsb2dgLCBzZXQgdHlwZSB0byBgc3lzbG9nYCBpbnN0ZWFkCiAtICBEZXBlbmRpbmcgb24geW91ciBkaXN0cmlidXRpb24vT1MsIHBhdGhzIHRvIGxvZyBmaWxlcyBtaWdodCBjaGFuZ2UKIC0gIE9ubHkgcmVsZXZhbnQgaWYgeW91IGFyZSBtYW51YWxseSBpbnN0YWxsaW5nIGNvbGxlY3Rpb24K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvY3BhbmVsLWxvZ3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9jcGFuZWwtYmYKICAtIGNyb3dkc2VjdXJpdHkvY3BhbmVsLWJmLWF0dGVtcHQKZGVzY3JpcHRpb246ICJjcGFuZWwgc3VwcG9ydCA6IHBhcnNlciBhbmQgYnJ1dGVmb3JjZSBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIGNwYW5lbAogIC0gYnJ1dGVmb3JjZQo=",
"description": "cpanel support : parser and bruteforce detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/cpanel-logs"
],
"scenarios": [
"crowdsecurity/cpanel-bf",
"crowdsecurity/cpanel-bf-attempt"
]
},
"crowdsecurity/dovecot": {
"path": "collections/crowdsecurity/dovecot.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "7990a4b855273b5ceaa379d2979d796e070c96a398caeefbfa1933cc36f690be",
"deprecated": false
}
},
"long_description": "IyMgRG92ZWNvdCBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIGRvdmVjb3QKICogZG92ZWNvdCBsb2cgcGFyc2VycwogKiBkb3ZlY290IHNjZW5hcmlvIGJydXRlZm9yY2Ugc3BhbSBhdHRlbXB0CgpUaGlzIGNvbGxlY3Rpb24gbW9zdGx5IGFpbXMgYXQgZ2V0dGluZyBzaW1pbGFyIHNwYW0gcHJvdGVjdGlvbiBhcwp0aGUgbm9ybWFsIGZhaWwyYmFuIGRvdmVjb3QgY29uZmlndXJhdGlvbi4KCj4gQ29udHJpYnV0aW9uIGJ5IGh0dHBzOi8vZ2l0aHViLmNvbS9MdFNpY2gKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9tYWlsLmxvZwpsYWJlbHM6CiAgdHlwZTogc3lzbG9nCmBgYAoKCm5vdGVzIDoKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZG92ZWNvdC1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvZG92ZWNvdC1zcGFtCmRlc2NyaXB0aW9uOiAiZG92ZWNvdCBzdXBwb3J0IDogcGFyc2VyIGFuZCBzcGFtbWVyIGRldGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gc3BhbQogIC0gYnJ1dGVmb3JjZQo=",
"description": "dovecot support : parser and spammer detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/dovecot-logs"
],
"scenarios": [
"crowdsecurity/dovecot-spam"
]
},
"crowdsecurity/endlessh": {
"path": "collections/crowdsecurity/endlessh.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "43b070a6e5c49f66dc970d4a8cc8fb37cef90c5da5aa6276c012e343ba06f0e5",
"deprecated": false
}
},
"long_description": "IyMgRW5kbGVzc2ggY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBbRW5kbGVzc2hdKGh0dHBzOi8vZ2l0aHViLmNvbS9za2VldG8vZW5kbGVzc2gpCiAqIGxvZyBwYXJzZXIKICogYnJ1dGUtZm9yY2Ugc2NlbmFyaW8KCj4gQ29udHJpYnV0aW9uIGJ5IGh0dHBzOi8vZ2l0aHViLmNvbS9iYW14MjMKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb246CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL2VuZGxlc3NoLmxvZwpsYWJlbHM6CiAgdHlwZTogZW5kbGVzc2gKYGBgCgpZb3UgbmVlZCB0byBjb25maWd1cmUgRW5kbGVzc2ggdG8gd3JpdGUgbG9ncyB0byB0aGlzIHBhdGguCkkuZS4gYnkgaGF2aW5nIHRoaXMgbGluZSBpbiBgL3Vzci9saWIvc3lzdGVtZC9zeXN0ZW0vZW5kbGVzc2guc2VydmljZWA6CgpgYGAKU3RhbmRhcmRPdXRwdXQ9ZmlsZTovdmFyL2xvZy9lbmRsZXNzaC5sb2cKYGBgCg==",
"content": "I3RoZSBsaXN0IG9mIHBhcnNlcnMgaXQgY29udGFpbnMKcGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZW5kbGVzc2gtbG9ncwogIC0gY3Jvd2RzZWN1cml0eS9kYXRlcGFyc2UtZW5yaWNoCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvZW5kbGVzc2gtYmYKZGVzY3JpcHRpb246ICJlbmRsZXNzaCBzdXBwb3J0IDogbG9ncyBwYXJzZXIgYW5kIGJydXRlLWZvcmNlIGRldGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaW51eAogIC0gc3NoCiAgLSBlbmRsZXNzaAogIC0gYnJ1dGVmb3JjZQo=",
"description": "endlessh support : logs parser and brute-force detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/endlessh-logs",
"crowdsecurity/dateparse-enrich"
],
"scenarios": [
"crowdsecurity/endlessh-bf"
]
},
"crowdsecurity/exchange": {
"path": "collections/crowdsecurity/exchange.yaml",
"version": "0.3",
"versions": {
"0.1": {
"digest": "95cf2f72de900427c545793800c465716508b4e2953bdc0024b8d757fbbed8df",
"deprecated": false
},
"0.2": {
"digest": "cc3b0e749e8fd9470d6274bc9cace5d7fa1fa2d09eac6c36a4c998600c449dae",
"deprecated": false
},
"0.3": {
"digest": "33da539eede53d578b7f415591d69b9ffabdfdf59b33de2a5f9224e5b345785c",
"deprecated": false
}
},
"long_description": "IyMgRXhjaGFuZ2UgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBNaWNyb3NvZnQgRXhjaGFuZ2U6CiAtIERldGVjdCBicnV0ZWZvcmNlIG9uIGFuIE9XQSBpbnN0YW5jZQogLSBEZXRlY3QgYnJ1dGVmb3JjZSBvbiB0aGUgU01UUCBzZXJ2aWNlIG9mIEV4Y2hhbmdlCgpOb3RlOgogLSBUaGlzIGNvbGxlY3Rpb24gd2lsbCByZWFkIHRoZSBleGNoYW5nZSB0cmFuc3BvcnQgbG9ncywgd2hpY2ggYXJlIG5vdCB3cml0dGVuIHRvIGRpc2sgaW4gcmVhbCB0aW1lLiBJbiBvcmRlciB0byBhdm9pZCBmYWxzZSBwb3NpdGl2ZSBpbiBsb3cgdHJhZmZpYyBlbnZpcm9ubWVudCwgc2V0IHRoZSBgdXNlX3RpbWVfbWFjaGluZWAgcGFyYW1ldGVyIHRvIGB0cnVlYC4KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb246CgpgYGB5YW1sCnVzZV90aW1lX21hY2hpbmU6IHRydWUgI1Byb2Nlc3MgbG9ncyBhcyBpZiB3ZSB3ZXJlIHJlcGxheWluZyB0aGVtIHRvIGdldCB0aGUgdGltZXN0YW1wIGZyb20gdGhlIApmaWxlbmFtZXM6CiAgLSBDOlxQcm9ncmFtIEZpbGVzXE1pY3Jvc29mdFxFeGNoYW5nZSBTZXJ2ZXJcVjE1XFRyYW5zcG9ydFJvbGVzXExvZ3NcRnJvbnRFbmRcUHJvdG9jb2xMb2dcU210cFJlY2VpdmVcKi5MT0cKbGFiZWxzOgogIHR5cGU6IGV4Y2hhbmdlLXNtdHAKLS0tCnVzZV90aW1lX21hY2hpbmU6IHRydWUgI1Byb2Nlc3MgbG9ncyBhcyBpZiB3ZSB3ZXJlIHJlcGxheWluZyB0aGVtIHRvIGdldCB0aGUgdGltZXN0YW1wIGZyb20gdGhlIApmaWxlbmFtZXM6CiAgLSBDOlxQcm9ncmFtIEZpbGVzXE1pY3Jvc29mdFxFeGNoYW5nZSBTZXJ2ZXJcVjE1XExvZ2dpbmdcSW1hcDRcKi5MT0cKbGFiZWxzOgogIHR5cGU6IGV4Y2hhbmdlLWltYXAKLS0tCnVzZV90aW1lX21hY2hpbmU6IHRydWUgI1Byb2Nlc3MgbG9ncyBhcyBpZiB3ZSB3ZXJlIHJlcGxheWluZyB0aGVtIHRvIGdldCB0aGUgdGltZXN0YW1wIGZyb20gdGhlIApmaWxlbmFtZXM6CiAgLSBDOlxQcm9ncmFtIEZpbGVzXE1pY3Jvc29mdFxFeGNoYW5nZSBTZXJ2ZXJcVjE1XExvZ2dpbmdcUG9wM1wqLkxPRwpsYWJlbHM6CiAgdHlwZTogZXhjaGFuZ2UtcG9wCi0tLQojT1dBIGZhaWxlZCBhdHRlbXB0cyBhcmUgbG9nZ2VkIGluIHRoZSBzYW1lIHdheSBhcyBSRFAgZmFpbGVkIGF1dGggCnNvdXJjZTogd2luZXZlbnRsb2cKZXZlbnRfY2hhbm5lbDogU2VjdXJpdHkKZXZlbnRfaWRzOgogLSA0NjI1CmV2ZW50X2xldmVsOiBpbmZvcm1hdGlvbgpsYWJlbHM6CiB0eXBlOiBldmVudGxvZwpgYGA=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZXhjaGFuZ2Utc210cC1sb2dzCiAgLSBjcm93ZHNlY3VyaXR5L2V4Y2hhbmdlLWltYXAtbG9ncwogIC0gY3Jvd2RzZWN1cml0eS9leGNoYW5nZS1wb3AtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2V4Y2hhbmdlLWJmCiAgLSBjcm93ZHNlY3VyaXR5L3dpbmRvd3MtYmYKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L3dpbmRvd3MKICAtIGNyb3dkc2VjdXJpdHkvaWlzCmRlc2NyaXB0aW9uOiAiRXhjaGFuZ2Ugc3VwcG9ydCA6IEJydXRlZm9yY2UgZGV0ZWN0aW9uIGZvciBPV0EsU01UUCxJTUFQIGFuZCBQT1AiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gd2luZG93cwogIC0gaWlzCiAgLSBleGNoYW5nZQogIC0gYnJ1dGVmb3JjZQoK",
"description": "Exchange support : Bruteforce detection for OWA,SMTP,IMAP and POP",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/exchange-smtp-logs",
"crowdsecurity/exchange-imap-logs",
"crowdsecurity/exchange-pop-logs"
],
"scenarios": [
"crowdsecurity/exchange-bf",
"crowdsecurity/windows-bf"
],
"collections": [
"crowdsecurity/windows",
"crowdsecurity/iis"
]
},
"crowdsecurity/exim": {
"path": "collections/crowdsecurity/exim.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "f4a5ec5e7a5d52b4686e3c58481e098a231adc603e559bb3cb9aab888545eaa4",
"deprecated": false
}
},
"long_description": "IyMgRXhpbSBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gZm9yIEV4aW0gbWFpbCBzZXJ2ZXIKICogZXhpbSBsb2cgcGFyc2VyCiAqIGV4aW0gc2NlbmFyaW8gZm9yIGJydXRlZm9yY2UgYW5kIHNwYW0gYXR0ZW1wdAoKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9leGltX21haW5sb2cKbGFiZWxzOgogIHR5cGU6IGV4aW0KYGBgCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZXhpbS1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkvZXhpbS1iZgogIC0gY3Jvd2RzZWN1cml0eS9leGltLXNwYW0KZGVzY3JpcHRpb246ICJleGltIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlZm9yY2Uvc3BhbSBkZXRlY3Rpb24iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gbGludXgKICAtIHNwYW0KICAtIGJydXRlZm9yY2UK",
"description": "exim support : parser and bruteforce/spam detection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/exim-logs"
],
"scenarios": [
"crowdsecurity/exim-bf",
"crowdsecurity/exim-spam"
]
},
"crowdsecurity/fastly": {
"path": "collections/crowdsecurity/fastly.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "6bac9453d3b274fc310b558fe41672ff09ac910463e3bea982b4f14cb3a7bf61",
"deprecated": false
}
},
"long_description": "IyMgRmFzdGx5IGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiB0byBkZWZlbmQgZmFzdGx5IGFnYWluc3QgY29tbW9uIGh0dHAgYXR0YWNrcyA6CiAtIGZhc3RseSBkZWZhdWx0IGxvZyBmb3JtYXQgcGFyc2VyCiAtIGJhc2UgaHR0cCBzY2VuYXJpb3MgKGNyYXdsLCA0MDQgc2NhbiwgYmYgZXRjLikKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9mYXN0bHkvKi5sb2cKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwogIGV4dGVybmFsX2Zvcm1hdDogZmFzdGx5CmBgYAoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZmFzdGx5LWxvZ3MKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2Jhc2UtaHR0cC1zY2VuYXJpb3MKZGVzY3JpcHRpb246ICJmYXN0bHkgc3VwcG9ydCA6IHBhcnNlciBhbmQgZ2VuZXJpYyBodHRwIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBmYXN0bHkKICAtIGh0dHAKICAtIGNyYXdsCiAgLSBzY2Fu",
"description": "fastly support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/fastly-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/freebsd": {
"path": "collections/crowdsecurity/freebsd.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "f2969de2e7c76a12e9c9f6a7797a62f184df6a2c188db2ac6b1e0914e342b59f",
"deprecated": false
}
},
"long_description": "Kipjb3JlIHBhY2thZ2UgZm9yIGZyZWVic2QqKgoKY29udGFpbnMgc3VwcG9ydCBmb3Igc3lzbG9nLCBkbyBub3QgcmVtb3ZlLgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGNyb3dkc2VjdXJpdHkvZ2VvaXAtZW5yaWNoCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L3NzaGQKZGVzY3JpcHRpb246ICJjb3JlIGZyZWVic2Qgc3VwcG9ydCA6IHN5c2xvZytnZW9pcCtzc2giCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gZnJlZWJzZCAKCg==",
"description": "core freebsd support : syslog+geoip+ssh",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"crowdsecurity/geoip-enrich",
"crowdsecurity/dateparse-enrich"
],
"collections": [
"crowdsecurity/sshd"
]
},
"crowdsecurity/freeswitch": {
"path": "collections/crowdsecurity/freeswitch.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "3a7747ed253a57ef3f985cf18d1649fdea195db3608c6a162ccba43c3066b63a",
"deprecated": false
}
},
"long_description": "IyMgZnJlZXN3aXRjaCBjb2xsZWN0aW9uCgojIyMgRGVzY3JpcHRpb24KClRoaXMgY29sbGVjdGlvbiB3aWxsIHBhcnNlIGZyZWVzd2l0Y2ggbG9ncyBhbmQgYWN0IHVwb24gdGhlIGZvbGxvd2luZyBpbmZvcm1hdGlvbjoKCiogYGZyZWVzd2l0Y2gtdXNlci1lbnVtZXJhdGlvbmAgOiB3aGVuIGFuIElQIHRyaWVzIHRvIGVudW1lcmF0ZSB1c2VycwoqIGBmcmVlc3dpdGNoLXNsb3ctdXNlci1lbnVtZXJhdGlvbmAgOiB3aGVuIGFuIElQIHRyaWVzIHRvIGVudW1lcmF0ZSB1c2VycyBzbG93bHkKKiBgZnJlZXN3aXRjaC1iZmAgOiB3aGVuIGFuIElQIGhhcyBtb3JlIHRoYW4gNSBmYWlsZWQgYXR0ZW1wdHMgdG8gYXV0aGVudGljYXRlCiogYGZyZWVzd2l0Y2gtc2xvdy1iZmAgOiB3aGVuIGFuIElQIGhhcyBtb3JlIHRoYW4gMjAgZmFpbGVkIGF0dGVtcHRzIHRvIGF1dGhlbnRpY2F0ZQoqIGBmcmVlc3dpdGNoLWFjbC1yZWplY3RgIDogd2hlbiBhbiBJUCBpcyByZWplY3RlZCBieSB0aGUgQUNMIDE1IHRpbWVzCgojIyMgRXhhbXBsZSBhY3F1aXMueWFtbAogICAgCmBgYHlhbWwKZmlsZW5hbWU6IC92YXIvbG9nL2ZyZWVzd2l0Y2gvZnJlZXN3aXRjaC5sb2cKbGFiZWxzOgogICAgdHlwZTogZnJlZXN3aXRjaApgYGA=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvZnJlZXN3aXRjaApzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2ZyZWVzd2l0Y2gtdXNlci1lbnVtZXJhdGlvbgogIC0gY3Jvd2RzZWN1cml0eS9mcmVlc3dpdGNoLWJmCiAgLSBjcm93ZHNlY3VyaXR5L2ZyZWVzd2l0Y2gtYWNsLXJlamVjdApkZXNjcmlwdGlvbjogImZyZWVzd2l0Y2ggY29sbGVjdGlvbiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSB2b2lw",
"description": "freeswitch collection",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/freeswitch"
],
"scenarios": [
"crowdsecurity/freeswitch-user-enumeration",
"crowdsecurity/freeswitch-bf",
"crowdsecurity/freeswitch-acl-reject"
]
},
"crowdsecurity/haproxy": {
"path": "collections/crowdsecurity/haproxy.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "41d5394188f55956e017cb3f851e93411dbf078b0176a0968dd7760b1ad5b2e5",
"deprecated": false
}
},
"long_description": "IyMgSGFwcm94eSBjb2xsZWN0aW9uCgpBIGNvbGxlY3Rpb24gdG8gZGVmZW5kIGhhcHJveHkgaHR0cCBhZ2FpbnN0IGNvbW1vbiBhdHRhY2tzIDoKIC0gaGFwcm94eSBodHRwIHBhcnNlcgogLSBiYXNlIGh0dHAgc2NlbmFyaW9zIChjcmF3bCwgNDA0IHNjYW4sIGJmIGV0Yy4pCgoKIyMgQWNxdWlzaXRpb24gdGVtcGxhdGUKCkV4YW1wbGUgYWNxdWlzaXRpb24gZm9yIHRoaXMgY29sbGVjdGlvbiA6CgpgYGB5YW1sCmZpbGVuYW1lczoKICAtIC92YXIvbG9nL2hhcHJveHkvKi5sb2cKbGFiZWxzOgogIHR5cGU6IGhhcHJveHkKYGBgCgoKbm90ZXMgOgogLSAgSWYgeW91IGFyZSB1c2luZyBgc3lzbG9nYCwgc2V0IHR5cGUgdG8gYHN5c2xvZ2AgaW5zdGVhZAogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCg==",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaGFwcm94eS1sb2dzCmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9iYXNlLWh0dHAtc2NlbmFyaW9zCmRlc2NyaXB0aW9uOiAiaGFwcm94eSBzdXBwb3J0IDogcGFyc2VyIGFuZCBnZW5lcmljIGh0dHAgc2NlbmFyaW9zIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBoYXByb3h5CiAgLSBjcmF3bAogIC0gc2NhbgoK",
"description": "haproxy support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/haproxy-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/home-assistant": {
"path": "collections/crowdsecurity/home-assistant.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "4af5665511aa35371d1abf2007505863c4e166a1637a51a47c5f7db49f2bdf76",
"deprecated": false
}
},
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaG9tZS1hc3Npc3RhbnQtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2hvbWUtYXNzaXN0YW50LWJmCmRlc2NyaXB0aW9uOiAiSG9tZSBhc3Npc3RhbnQgc3VwcG9ydCA6IGxvZ3MgYW5kIGJydXRlLWZvcmNlIHNjZW5hcmlvIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGhvbWUtYXNzaXN0YW50CiAgLSBicnV0ZWZvcmNlCg==",
"description": "Home assistant support : logs and brute-force scenario",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/home-assistant-logs"
],
"scenarios": [
"crowdsecurity/home-assistant-bf"
]
},
"crowdsecurity/http-cve": {
"path": "collections/crowdsecurity/http-cve.yaml",
"version": "2.0",
"versions": {
"0.1": {
"digest": "30748e051a470c1bc91506ae63e8784cd054564f90ccc23eb655823fc30e3019",
"deprecated": false
},
"0.2": {
"digest": "bc244c864674e59cd36ec4781bb85b5f94f77562a28a65e6bb64da789cf97379",
"deprecated": false
},
"0.3": {
"digest": "8a33f5787f19100add139f53ae98978a2c265badaf99b09365a47d686baeb5b2",
"deprecated": false
},
"0.4": {
"digest": "f5a38fc37ff6a5aa80a1411fe75ba27d9691ebf3da96b6d169d2fecc052fb528",
"deprecated": false
},
"0.5": {
"digest": "f9be2b19b2c12d4b0d4fc10de95b3138c4ae19ccaa04975d1e6a242e1fc2abf4",
"deprecated": false
},
"0.6": {
"digest": "d385131b7c0763a6fe71d6544599e69d79e6ff97c92b2b253470b9b1632bb71a",
"deprecated": false
},
"0.7": {
"digest": "33d997a205be7dad55f5fadb1b56da3cd7a22b6333037af83132a948a6cc063f",
"deprecated": false
},
"0.8": {
"digest": "9a6f6b6afb19f4ecafa4cb195d96c3380d9f2b5621424a1ee296ae34dc29f814",
"deprecated": false
},
"0.9": {
"digest": "ff8e1e8b942d229cbe6de261b864fef4052b3c83018fe389b5441bd62c824d38",
"deprecated": false
},
"1.0": {
"digest": "c10453ceeb22dcdf11fa386fe072c9aa6ede4a76e7cc9940caa429d8ec8814d5",
"deprecated": false
},
"1.1": {
"digest": "d211c127d1295986dd11c1502295e538943baafcb04bab094b792f85531376f9",
"deprecated": false
},
"1.2": {
"digest": "e1a9c0a6a058d043717ce66c649f632161d9ea788a77c9ce92ad50ab231c920c",
"deprecated": false
},
"1.3": {
"digest": "537a00505f86acb335d66130e9e3d1cc867d99a26fe7d3a66904eb3ec57c3f43",
"deprecated": false
},
"1.4": {
"digest": "e07c151e8686c9cf5ba5f5cb1513c8edeb1e4d6ee6a3672a835a0441c3cfcff7",
"deprecated": false
},
"1.5": {
"digest": "97e3a10706edfa4ccb637673705d133e24ec8601f7199c7fd5884bd673778506",
"deprecated": false
},
"1.6": {
"digest": "f38f6f62c92971e1537992406128a5438962f8bea6b9fdd9d8eacd5fd5cb6485",
"deprecated": false
},
"1.7": {
"digest": "f7d7eb0b2c5257e689397ff696e85a56640f0819ef4695c47119927aefbf8c79",
"deprecated": false
},
"1.8": {
"digest": "a00340eb67ac16be546794135dd64ee2ae1709989d1d31ae7633de771bcec529",
"deprecated": false
},
"1.9": {
"digest": "74c4696ca67d82e18dd6188f8934699f0c3b10e8ccde318d9de2a6ca9c40f31c",
"deprecated": false
},
"2.0": {
"digest": "282fb0e5941d39b850f3199498fe282c69293c7f29892c80e16d28e4c452608d",
"deprecated": false
}
},
"long_description": "QSBjb2xsZWN0aW9uIG9mIGh0dHAgc3BlY2lmaWMgQ1ZFcyA6CgogLSBbQXBhY2hlIENWRS0yMDIxLTQxNzczXShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMjEtNDE3NzMpCiAtIFtBcGFjaGUgQ1ZFLTIwMjEtNDIwMTNdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAyMS00MjAxMykKIC0gW0dyYWZhbmEgQ1ZFLTIwMjEtNDM3OThdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAyMS00Mzc5OCkKIC0gW0ZvcnRpbmV0IENWRS0yMDE4LTEzMzc5XShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMTgtMTMzNzkpCiAtIFtQdWxzZSBTZWN1cmUgQ1ZFLTIwMTktMTE1MTBdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAxOS0xMTUxMCkKIC0gW0Y1IEJJRy1JUCBDVkUtMjAyMC01OTAyXShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMjAtNTkwMikKIC0gW1RoaW5rUEhQIENWRS0yMDE4LTIwMDYyXShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMTgtMjAwNjIpCiAtIFtBcGFjaGUgTG9nNGoyIENWRS0yMDIxLTQ0MjI4XShodHRwczovL2N2ZS5jaXJjbC5sdS9jdmUvQ1ZFLTIwMjEtNDQyMjgpCiAtIFtWTXdhcmUgVk1TQS0yMDIxLTAwMjddKGh0dHBzOi8vd3d3LnZtd2FyZS5jb20vc2VjdXJpdHkvYWR2aXNvcmllcy9WTVNBLTIwMjEtMDAyNy5odG1sKQogLSBbQXRsYXNzaWFuIEppcmEgQ1ZFLTIwMjEtMjYwODZdKGh0dHBzOi8vY3ZlLmNpcmNsLmx1L2N2ZS9DVkUtMjAyMS0yNjA4NikKIC0gW1NwcmluZzRTaGVsbCBDVkUtMjAyMi0yMjk2NV0oaHR0cHM6Ly9jdmUubWl0cmUub3JnL2NnaS1iaW4vY3ZlbmFtZS5jZ2k/bmFtZT1DVkUtMjAyMi0yMjk2NSkKIC0gW1ZNd2FyZSBDVkUtMjAyMi0yMjk1NF0oaHR0cHM6Ly93d3cudm13YXJlLmNvbS9zZWN1cml0eS9hZHZpc29yaWVzL1ZNU0EtMjAyMi0wMDExLmh0bWwpCiAtIFtHTFBJIENWRS0yMDIyLTM1OTE0XShodHRwczovL252ZC5uaXN0Lmdvdi92dWxuL2RldGFpbC9DVkUtMjAyMi0zNTkxNCkKIC0gW0ZvcnRpbmV0IENWRS0yMDIyLTQwNjg0XShodHRwczovL3d3dy5ob3Jpem9uMy5haS9mb3J0aW9zLWZvcnRpcHJveHktYW5kLWZvcnRpc3dpdGNobWFuYWdlci1hdXRoZW50aWNhdGlvbi1ieXBhc3MtdGVjaG5pY2FsLWRlZXAtZGl2ZS1jdmUtMjAyMi00MDY4NC8pCiAtIFtDb25mbHVlbmNlIENWRS0yMDIyLTI2MTM0XShodHRwczovL2N2ZS5taXRyZS5vcmcvY2dpLWJpbi9jdmVuYW1lLmNnaT9uYW1lPUNWRS0yMDIyLTI2MTM0KQogLSBbVGV4dDRTaGVsbCBDVkUtMjAyMi00Mjg4OV0oaHR0cHM6Ly9jdmUubWl0cmUub3JnL2NnaS1iaW4vY3ZlbmFtZS5jZ2k/bmFtZT1DVkUtMjAyMi00Mjg4OSkKIC0gW0dob3N0IENNUyBDVkUtMjAyMi00MTY5N10oaHR0cHM6Ly9udmQubmlzdC5nb3YvdnVsbi9kZXRhaWwvQ1ZFLTIwMjItNDE2OTcpCiAtIFtDYWN0aSBDVkUtMjAyMi00NjE2OV0oaHR0cHM6Ly9udmQubmlzdC5nb3YvdnVsbi9kZXRhaWwvQ1ZFLTIwMjItNDYxNjkpCiAtIFtDZW50b3MgV2ViIFBhbmVsIDcgQ1ZFLTIwMjItNDQ4NzddKGh0dHBzOi8vbnZkLm5pc3QuZ292L3Z1bG4vZGV0YWlsL0NWRS0yMDIyLTQ0ODc3KQogLSBbVGVsZXJpayBVSSBDVkUtMjAxOS0xODkzNV0oaHR0cHM6Ly9jdmUubWl0cmUub3JnL2NnaS1iaW4vY3ZlbmFtZS5jZ2k/bmFtZT1DVkUtMjAxOS0xODkzNSkKCgo6d2FybmluZzogVGhpcyBjb2xsZWN0aW9uIGlzIF9ub3RfIGEgV0FGIGFuZCB0aGlzIGNvbGxlY3Rpb24gZG9lcyBfbm90XyBhaW1zIGF0IHJlcGxhY2luZyBhIFdBRi4KCkFzIHN1Y2gsIGFuIGF0dGFja2VyIG1pZ2h0IGJlIGFibGUgdG8gYnlwYXNzIHRob3NlIHNpZ25hdHVyZXMuCgo=",
"content": "c2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9odHRwLWN2ZS0yMDIxLTQxNzczCiAgLSBjcm93ZHNlY3VyaXR5L2h0dHAtY3ZlLTIwMjEtNDIwMTMKICAtIGNyb3dkc2VjdXJpdHkvZ3JhZmFuYS1jdmUtMjAyMS00Mzc5OAogIC0gY3Jvd2RzZWN1cml0eS92bXdhcmUtdmNlbnRlci12bXNhLTIwMjEtMDAyNwogIC0gY3Jvd2RzZWN1cml0eS9mb3J0aW5ldC1jdmUtMjAxOC0xMzM3OQogIC0gY3Jvd2RzZWN1cml0eS9wdWxzZS1zZWN1cmUtc3NsdnBuLWN2ZS0yMDE5LTExNTEwCiAgLSBjcm93ZHNlY3VyaXR5L2Y1LWJpZy1pcC1jdmUtMjAyMC01OTAyCiAgLSBjcm93ZHNlY3VyaXR5L3RoaW5rcGhwLWN2ZS0yMDE4LTIwMDYyCiAgLSBjcm93ZHNlY3VyaXR5L2FwYWNoZV9sb2c0ajJfY3ZlLTIwMjEtNDQyMjgKICAtIGNyb3dkc2VjdXJpdHkvamlyYV9jdmUtMjAyMS0yNjA4NgogIC0gY3Jvd2RzZWN1cml0eS9zcHJpbmc0c2hlbGxfY3ZlLTIwMjItMjI5NjUKICAtIGNyb3dkc2VjdXJpdHkvdm13YXJlLWN2ZS0yMDIyLTIyOTU0CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTM3MDQyCiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTQxMDgyCiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTM1OTE0CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTQwNjg0CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTI2MTM0CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTQyODg5CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTQxNjk3CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTQ2MTY5CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDIyLTQ0ODc3CiAgLSBjcm93ZHNlY3VyaXR5L0NWRS0yMDE5LTE4OTM1CmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gd2ViCiAgLSBleHBsb2l0CiAgLSBjdmUKICAtIGh0dHAK",
"author": "crowdsecurity",
"labels": null,
"scenarios": [
"crowdsecurity/http-cve-2021-41773",
"crowdsecurity/http-cve-2021-42013",
"crowdsecurity/grafana-cve-2021-43798",
"crowdsecurity/vmware-vcenter-vmsa-2021-0027",
"crowdsecurity/fortinet-cve-2018-13379",
"crowdsecurity/pulse-secure-sslvpn-cve-2019-11510",
"crowdsecurity/f5-big-ip-cve-2020-5902",
"crowdsecurity/thinkphp-cve-2018-20062",
"crowdsecurity/apache_log4j2_cve-2021-44228",
"crowdsecurity/jira_cve-2021-26086",
"crowdsecurity/spring4shell_cve-2022-22965",
"crowdsecurity/vmware-cve-2022-22954",
"crowdsecurity/CVE-2022-37042",
"crowdsecurity/CVE-2022-41082",
"crowdsecurity/CVE-2022-35914",
"crowdsecurity/CVE-2022-40684",
"crowdsecurity/CVE-2022-26134",
"crowdsecurity/CVE-2022-42889",
"crowdsecurity/CVE-2022-41697",
"crowdsecurity/CVE-2022-46169",
"crowdsecurity/CVE-2022-44877",
"crowdsecurity/CVE-2019-18935"
]
},
"crowdsecurity/iis": {
"path": "collections/crowdsecurity/iis.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "045c579c8cbb0e1e15f76c22b6465d6113df4117e48ae018043c2c1c01cd4b42",
"deprecated": false
}
},
"long_description": "IyMgSUlTIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiBmb3IgSUlTIDoKIC0gSVNTIHBhcnNlciAob25seSBXM0MgZm9ybWF0IGlzIHN1cHBvcnRlZCwgd2l0aCB0aGUgZGVmYXVsdCBmb3JtYXQpCiAtIGJhc2UgaHR0cCBzY2VuYXJpb3MgZm9yIGNyYXdsLCBzY2FuIGV0Yy4KCk5vdGU6CiAtIElJUyB3aWxsIGJ1ZmZlciB0aGUgbG9ncyBpbiBtZW1vcnkgYmVmb3JlIHdyaXRpbmcgdGhlbSB0byB0aGUgbG9nIGZpbGUgKG9yIHRoZSBldmVudCBsb2cpLiBUaGUgZmx1c2ggaXMgZG9uZSBldmVyeSBtaW51dGUgb3IgZXZlcnkgNjRrQiBieSBkZWZhdWx0LCB0aGlzIGNhbiBsZWFkIHRvIHNvbWUgZmFsc2UgcG9zaXRpdmVzIG9uIGxvdyB0cmFmZmljIHdlYnNpdGVzLCBhcyBjcm93ZHNlYyB3aWxsIGJlIGEgc3VyZ2Ugb2YgbG9ncyBldmVyeSBtaW51dGUuIFRoaXMgY2FuIGJlIG1pdGlnYXRlZCBieSBzZXR0aW5nIHRoZSBgdXNlX3RpbWVfbWFjaGluZWAgc2V0dGluZ3MgdG8gdHJ1ZSBpbiB0aGUgcmVsZXZhbnQgc2VjdGlvbiBvZiB5b3VyIGFjcXVpc2l0aW9uIGNvbmZpZy4KCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gaWYgeW91IGxvZyB0byBhIGZpbGU6CgpgYGB5YW1sCnVzZV90aW1lX21hY2hpbmU6IHRydWUgI1Byb2Nlc3MgbG9ncyBhcyBpZiB3ZSB3ZXJlIHJlcGxheWluZyB0aGVtIHRvIGdldCB0aGUgdGltZXN0YW1wIGZyb20gdGhlIApmaWxlbmFtZXM6CiAgLSBDOlxpbmV0cHViXGxvZ3NcTG9nRmlsZXNcKlwqLmxvZwpsYWJlbHM6CiAgdHlwZTogaWlzCmBgYAoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIGlmIHlvdSBsb2cgdG8gd2luZG93cyBldmVudHM6CmBgYHlhbWwKc291cmNlOiB3aW5ldmVudGxvZwpldmVudF9jaGFubmVsOiBNaWNyb3NvZnQtSUlTLUxvZ2dpbmcvTG9ncwpldmVudF9pZHM6CiAtIDYyMDAKZXZlbnRfbGV2ZWw6IGluZm9ybWF0aW9uCmxhYmVsczoKIHR5cGU6IGlpcwpgYGAK",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaWlzLWxvZ3MKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2Jhc2UtaHR0cC1zY2VuYXJpb3MKZGVzY3JpcHRpb246ICJJSVMgc3VwcG9ydCA6IHBhcnNlciBhbmQgZ2VuZXJpYyBodHRwIHNjZW5hcmlvcyAiCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0gd2luZG93cwogIC0gaWlzCiAgLSBjcmF3bAogIC0gc2NhbgoK",
"description": "IIS support : parser and generic http scenarios ",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/iis-logs"
],
"collections": [
"crowdsecurity/base-http-scenarios"
]
},
"crowdsecurity/iptables": {
"path": "collections/crowdsecurity/iptables.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "ba5c8e97c06b19e4c075e0285e6b60c1da3b86381c88c4bfea4b374378ced10a",
"deprecated": false
}
},
"long_description": "IyMgSXB0YWJsZXMvTmZ0YWJsZXMgY29sbGVjdGlvbgoKQSBjb2xsZWN0aW9uIGZvciBwb3J0c2NhbiBkZXRlY3Rpb24gdmlhIGlwdGFibGVzL25mdGFibGVzIDoKIC0gaXB0YWJsZXMvbmZ0YWJsZXMgcGFyc2VyIChsaWtlIGluIGAtaiBMT0dgKQogLSBtdWx0aSBwb3J0IHNjYW4gZGV0ZWN0aW9uCgojIyBBY3F1aXNpdGlvbiB0ZW1wbGF0ZQoKRXhhbXBsZSBhY3F1aXNpdGlvbiBmb3IgdGhpcyBjb2xsZWN0aW9uIDoKCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL3Zhci9sb2cva2Vybi5sb2cKbGFiZWxzOgogIHR5cGU6IHN5c2xvZwpgYGAKCm5vdGVzIDoKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvaXB0YWJsZXMtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2lwdGFibGVzLXNjYW4tbXVsdGlfcG9ydHMKZGVzY3JpcHRpb246ICJpcHRhYmxlcyBzdXBwb3J0IDogbG9ncyBhbmQgcG9ydC1zY2FucyBkZXRlY3Rpb24gc2NlbmFyaW9zIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBwb3J0c2NhbgogIC0gaXB0YWJsZXMKCg==",
"description": "iptables support : logs and port-scans detection scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/iptables-logs"
],
"scenarios": [
"crowdsecurity/iptables-scan-multi_ports"
]
},
"crowdsecurity/kasm": {
"path": "collections/crowdsecurity/kasm.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "4e228f3fca8480631574e00b5821384f846d1d9e636b6fa4461525a914ed790b",
"deprecated": false
}
},
"long_description": "IyMjIEtBU00gd29ya3NwYWNlcyBwYXJzZXIKClRoaXMgY29sbGVjdGlvbiBhZGQgcGFyc2VyIHN1cHBvcnQgZm9yIGthc20ganNvbiBsb2cgb3V0cHV0LCBhbHNvIGEgYmFzZSBzY2VuYXJpbyB0byBkZXRlY3QgYnJ1dGVmb3JjZSBsb2dpbiBhdHRlbXB0cy4KCmBgYHlhbWwKZmlsZW5hbWVzOgogIC0gL29wdC9rYXNtL2N1cnJlbnQvbG9nL2FwaV9zZXJ2ZXJfanNvbi5sb2cKbGFiZWxzOgogIHR5cGU6IGthc20KYGBg",
"content": "cGFyc2VyczoKI2dlbmVyaWMgcG9zdC1wYXJzaW5nIG9mIGh0dHAgc3R1ZmYKICAtIGNyb3dkc2VjdXJpdHkva2FzbS1sb2dzCnNjZW5hcmlvczoKICAtIGNyb3dkc2VjdXJpdHkva2FzbS1icnV0ZWZvcmNlCmRlc2NyaXB0aW9uOiAia2FzbSB3b3Jrc3BhY2VzIHN1cHBvcnQgOiBwYXJzZXIgYW5kIGJydXRlZm9yY2Ugc2NlbmFyaW8iCmF1dGhvcjogY3Jvd2RzZWN1cml0eQp0YWdzOgogIC0ga2FzbQogIC0gYnJ1dGVmb3JjZQo=",
"description": "kasm workspaces support : parser and bruteforce scenario",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/kasm-logs"
],
"scenarios": [
"crowdsecurity/kasm-bruteforce"
]
},
"crowdsecurity/linux": {
"path": "collections/crowdsecurity/linux.yaml",
"version": "0.2",
"versions": {
"0.1": {
"digest": "8d16483218a979b84549fb020b0342feea3d1f4951294b6994d33a9b7214842f",
"deprecated": false
},
"0.2": {
"digest": "baaa37b12b4d734fab81ae01ff81c58ceb7a99304f21e6bb6ff86b871ed6d5eb",
"deprecated": false
}
},
"long_description": "Kipjb3JlIHBhY2thZ2UgZm9yIGxpbnV4KioKCmNvbnRhaW5zIHN1cHBvcnQgZm9yIHN5c2xvZywgZG8gbm90IHJlbW92ZS4K",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvc3lzbG9nLWxvZ3MKICAtIGNyb3dkc2VjdXJpdHkvZ2VvaXAtZW5yaWNoCiAgLSBjcm93ZHNlY3VyaXR5L2RhdGVwYXJzZS1lbnJpY2gKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L3NzaGQKZGVzY3JpcHRpb246ICJjb3JlIGxpbnV4IHN1cHBvcnQgOiBzeXNsb2crZ2VvaXArc3NoIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4Cgo=",
"description": "core linux support : syslog+geoip+ssh",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/syslog-logs",
"crowdsecurity/geoip-enrich",
"crowdsecurity/dateparse-enrich"
],
"collections": [
"crowdsecurity/sshd"
]
},
"crowdsecurity/linux-lpe": {
"path": "collections/crowdsecurity/linux-lpe.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "a68ef0b517c988b50b3cdc0d84702b2f70e621d29378b9782b2e037bf6663458",
"deprecated": false
}
},
"long_description": "IyMgTG9jYWwgUHJpdmlsZWdlIEVzY2FsYXRpb24gRGV0ZWN0aW9uCgpUaGlzIGNvbGxlY3Rpb24gYWltcyBhdCBkZXRlY3RpbmcgKHdoZW4gcG9zc2libGUpIGxvY2FsIHByaXZpbGVnZSBlc2NhbGF0aW9uIGF0dGFja3MuCgogLSBDVkUtMjAyMS00MDM0IDogRGV0ZWN0IGV4cGxvaXRhdGlvbiBvZiBwa2V4ZWMgdnVsbmVyYWJpbGl0eQoKOndhcm5pbmc6IFBsZWFzZSBub3RlIHRob3NlIHNjZW5hcmlvcyBhcmUgZGV0ZWN0aW9uIG9ubHksIGFuZCBhcmUgdmVyeSBsaWtlbHkgdG8gYmUgYnlwYXNzZWQgYnkgc21hcnQgYXR0YWNrZXJzLCBkbyBub3QgcmVseSBzb2xlbHkgb24gdGhlbSA6d2FybmluZzoKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdmFyL2xvZy9hdXRoLmxvZwpsYWJlbHM6CiAgdHlwZTogc3lzbG9nCmBgYAoKbm90ZXMgOgogLSAgRGVwZW5kaW5nIG9uIHlvdXIgZGlzdHJpYnV0aW9uL09TLCBwYXRocyB0byBsb2cgZmlsZXMgbWlnaHQgY2hhbmdlCiAtICBPbmx5IHJlbGV2YW50IGlmIHlvdSBhcmUgbWFudWFsbHkgaW5zdGFsbGluZyBjb2xsZWN0aW9uCgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvcGtleGVjLWxvZ3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9DVkUtMjAyMS00MDM0CmNvbGxlY3Rpb25zOgogIC0gY3Jvd2RzZWN1cml0eS9saW51eApkZXNjcmlwdGlvbjogIkxpbnV4IExvY2FsIFByaXZpbGVnZSBFc2NhbGF0aW9uIGNvbGxlY3Rpb24gOiBkZXRlY3QgdHJpdmlhbCBMUEVzIgphdXRob3I6IGNyb3dkc2VjdXJpdHkKdGFnczoKICAtIGxpbnV4CiAgLSBwcml2c2VjCiAgLSBscGUKCgo=",
"description": "Linux Local Privilege Escalation collection : detect trivial LPEs",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/pkexec-logs"
],
"scenarios": [
"crowdsecurity/CVE-2021-4034"
],
"collections": [
"crowdsecurity/linux"
]
},
"crowdsecurity/litespeed": {
"path": "collections/crowdsecurity/litespeed.yaml",
"version": "0.1",
"versions": {
"0.1": {
"digest": "c3bfb3dea73e8880ca0598b4ede129f0468361cadabd7ce214f92598348da97e",
"deprecated": false
}
},
"long_description": "IyMgTGl0ZXNwZWVkIGNvbGxlY3Rpb24KCkEgY29sbGVjdGlvbiB0byBkZWZlbmQgbGl0ZXNwZWVkIGFnYWluc3QgY29tbW9uIGF0dGFja3MgOgogLSBsaXRlc3BlZWQgcGFyc2VyCiAtIGJhc2UgaHR0cCBzY2VuYXJpb3MgKGNyYXdsLCA0MDQgc2NhbiwgYmYpCiAtIEJydXRlZm9yY2UgYWdhaW5zdCBsaXRlc3BlZWQgYWRtaW4gVUkKCiMjIEFjcXVpc2l0aW9uIHRlbXBsYXRlCgpFeGFtcGxlIGFjcXVpc2l0aW9uIGZvciB0aGlzIGNvbGxlY3Rpb24gOgoKYGBgeWFtbApmaWxlbmFtZXM6CiAgLSAvdXNyL2xvY2FsL2xzd3MvWU9VUlZIT1NUL2xvZ3MvKi5sb2cKICAtIC91c3IvbG9jYWwvbHN3cy9hZG1pbi9sb2dzLyoubG9nCiAgLSAvdXNyL2xvY2FsL2xzd3MvbG9ncy8qLmxvZwpsYWJlbHM6CiAgdHlwZTogbGl0ZXNwZWVkCmBgYAoKCm5vdGVzIDoKIC0gIElmIHlvdSBhcmUgdXNpbmcgYHN5c2xvZ2AsIHNldCB0eXBlIHRvIGBzeXNsb2dgIGluc3RlYWQKIC0gIERlcGVuZGluZyBvbiB5b3VyIGRpc3RyaWJ1dGlvbi9PUywgcGF0aHMgdG8gbG9nIGZpbGVzIG1pZ2h0IGNoYW5nZQogLSAgT25seSByZWxldmFudCBpZiB5b3UgYXJlIG1hbnVhbGx5IGluc3RhbGxpbmcgY29sbGVjdGlvbgo=",
"content": "cGFyc2VyczoKICAtIGNyb3dkc2VjdXJpdHkvbGl0ZXNwZWVkLWxvZ3MKY29sbGVjdGlvbnM6CiAgLSBjcm93ZHNlY3VyaXR5L2Jhc2UtaHR0cC1zY2VuYXJpb3MKc2NlbmFyaW9zOgogIC0gY3Jvd2RzZWN1cml0eS9saXRlc3BlZWQtYWRtaW4tYmYKZGVzY3JpcHRpb246ICJsaXRlc3BlZWQgc3VwcG9ydCA6IHBhcnNlciBhbmQgZ2VuZXJpYyBodHRwIHNjZW5hcmlvcyIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5CnRhZ3M6CiAgLSBsaXRlc3BlZWQKICAtIGNyYXdsCiAgLSBzY2FuCgo=",
"description": "litespeed support : parser and generic http scenarios",
"author": "crowdsecurity",
"labels": null,
"parsers": [
"crowdsecurity/litespeed-logs"
],
"scenarios": [