Commit Graph

200 Commits

Author SHA1 Message Date
Alejandro Ortuno
04f415c80b Added the sigma rules per OS 2020-10-08 13:23:11 +02:00
Florian Roth
d3ee1aba66 docs: MITRE ATT&CK(R) trademark references removed or adjusted
https://github.com/Neo23x0/sigma/issues/1028
2020-09-30 08:53:52 +02:00
Mike Wade
8ce73bd8df Fixed issues with tags and missing files 2020-09-15 06:10:57 -06:00
Mike Wade
52ab677798 Fixed my git issue 2020-09-13 22:03:04 -06:00
Florian Roth
de5444a81e
Merge pull request #989 from oscd-initiative/master
[OSCD Initiative][ATT&CK tags update]
2020-09-08 13:27:58 +02:00
Florian Roth
af3b93a522
Merge pull request #914 from omergunal/ogunal-2
New rules for Linux
2020-09-07 09:41:43 +02:00
Timur Zinniatullin
8dba6ceee6 2nd review 2020-08-25 09:31:38 +03:00
Timur Zinniatullin
1244cacfbf Update lnx_auditd_create_account.yml 2020-08-25 09:20:27 +03:00
Timur Zinniatullin
72fdf0da45
Update lnx_auditd_susp_cmds.yml 2020-08-04 20:00:30 +03:00
Timur Zinniatullin
4e688233d7 ATT&CK mapping update suggestions for \linux\ 2020-08-04 19:48:18 +03:00
Florian Roth
1c63a93643 fix: wrong casing in tag 2020-07-13 16:20:51 +02:00
viniciusvec
26f0d49772
Update lnx_shell_clear_cmd_history.yml
Renamed tags to match production MITRE: https://attack.mitre.org/techniques/T1070/003/
2020-07-13 14:06:14 +01:00
Ömer Günal
bee467dbd6
Rename lnx_setgid_setuid to lnx_setgid_setuid.yml 2020-07-13 01:36:20 +03:00
Ömer Günal
bf8f0307b7
Rename lnx_space_after_filename_ to lnx_space_after_filename_.yml 2020-07-13 01:33:59 +03:00
Ömer Günal
4b74a0df76
Create lnx_space_after_filename_ 2020-07-13 01:33:39 +03:00
Ömer Günal
c749aa2539
Create lnx_setgid_setuid 2020-07-13 01:33:09 +03:00
Ömer Günal
6b24a5df65
Create lnx_security_tools_disabling.yml 2020-07-13 01:32:24 +03:00
Ömer Günal
bdeca13825
Create lnx_proxy_connection.yml 2020-07-13 01:31:05 +03:00
Ömer Günal
708a28e307
Delete lnx_space_after_filename.yml 2020-07-13 01:26:37 +03:00
Ömer Günal
af6ad5a41b
Delete lnx_setuid_setgid.yml 2020-07-13 01:26:29 +03:00
Ömer Günal
64a9b6e098
Delete lnx_disabling_security_tools.yml 2020-07-13 01:26:11 +03:00
Ömer Günal
7466c8d425
Delete lnx_connection_proxy.yml 2020-07-13 01:26:03 +03:00
Ömer Günal
7ce16d1bbc
Update lnx_space_after_filename.yml 2020-07-13 01:07:32 +03:00
Ömer Günal
47a2f1bc94
Update lnx_space_after_filename.yml 2020-07-03 18:56:51 +03:00
Ömer Günal
51363d8a87
Update lnx_setuid_setgid.yml 2020-07-03 18:56:40 +03:00
Ömer Günal
87346d4b94
Update lnx_disabling_security_tools.yml 2020-07-03 18:56:30 +03:00
Ömer Günal
64afd6e7ee
Update lnx_connection_proxy.yml 2020-07-03 18:56:19 +03:00
Florian Roth
26d8810efb
Merge pull request #882 from Neo23x0/rule-devel
Rule devel
2020-07-03 15:33:55 +02:00
Florian Roth
8a0262d1a2 fix: in linux keyword expression 2020-07-03 15:08:20 +02:00
Florian Roth
5dd5b87f43 rule: guacamole exploitation detection 2020-07-03 13:20:03 +02:00
Florian Roth
fa452bf3e5
Merge pull request #849 from omergunal/ogunal-1
Rules for detecting suspicious remote file copy
2020-07-03 11:59:45 +02:00
Florian Roth
b9966a173c
Update lnx_file_copy.yml 2020-07-03 11:32:49 +02:00
Ömer Günal
4eb97ec43d
Update lnx_file_copy.yml 2020-06-22 21:35:50 +03:00
Ömer Günal
d17e0ae6eb
typo 2020-06-20 23:04:52 +03:00
Ömer Günal
93719d8a01
Merge pull request #1 from omergunal/omergunal-patch-1
Remote file copy
2020-06-18 23:56:29 +03:00
Ömer Günal
40a07a2d4f
Delete lnx_sudo_enumeration.yml 2020-06-18 23:55:24 +03:00
Ömer Günal
d87b0c95a4
Delete lnx_trap.yml 2020-06-18 23:55:16 +03:00
Ömer Günal
8db7c3207a
Delete lnx_sudo_caching.yml 2020-06-18 23:54:43 +03:00
Ömer Günal
5bc72b6cba
Delete lnx_space_after_filename.yml 2020-06-18 23:54:28 +03:00
Ömer Günal
f10440b9fa
Delete lnx_setuid_setgid.yml 2020-06-18 23:54:20 +03:00
Ömer Günal
6c8d104e7d
Delete lnx_disabling_security_tools.yml 2020-06-18 23:54:06 +03:00
Ömer Günal
84c4683607
Delete lnx_connection_proxy.yml 2020-06-18 23:53:43 +03:00
Ömer Günal
c6c455a3ec
Remote file copy 2020-06-18 23:37:49 +03:00
Ömer Günal
9bfc3d6807
Delete lnx_file_copy.yml 2020-06-18 23:37:12 +03:00
Ömer Günal
a963630db8
Remote File Copy 2020-06-18 23:36:29 +03:00
Ömer Günal
3a607abe33
Update lnx_trap.yml 2020-06-17 19:51:53 +03:00
Ömer Günal
7b86f4aefb
Update lnx_trap.yml 2020-06-17 19:47:31 +03:00
Ömer Günal
ebbd32d2e1
file extension 2020-06-17 19:43:57 +03:00
Ömer Günal
f989f7e155
file extension 2020-06-17 19:43:49 +03:00
Ömer Günal
772c03c49a
Connection Proxy 2020-06-17 19:39:55 +03:00