valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,582 Commits 20 Branches 25 Tags 21 MiB
383953c74e
Commit Graph

3582 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thomas Patzke
97847a29de Moved network rules into rules directory 2017-02-08 12:43:50 +01:00
Thomas Patzke
a7c1409fc6 Added 'Network Scan' rule (#1) 
* Added possibility for multiple OR-linked conditions
 2017-02-08 12:41:32 +01:00
Florian Roth
1307a45fd5 Moved rules to a separate directory 2017-02-07 00:44:40 +01:00
Florian Roth
ee6cad91fb Update README.md 2017-02-07 00:24:37 +01:00
Florian Roth
a69c7e3cf7 Update README.md 2017-02-07 00:24:10 +01:00
Florian Roth
411cc8b7af Wiki title image 2017-02-06 20:04:51 +01:00
Florian Roth
03c0ea7aa2 README Update 2017-02-06 20:03:57 +01:00
Florian Roth
810758a9f5 Rew rule examples: RC4 Kerberos, JAVA remote debugging process 2017-02-06 20:03:42 +01:00
Thomas Patzke
e7d62f8fbe Added 'multiple_suspicious_response_codes_single_source' web rule 2017-01-11 20:47:44 +01:00
Thomas Patzke
97511f7c1e Replicated 'susp_failed_logons_single_source' to Linux. 2017-01-11 20:47:28 +01:00
Thomas Patzke
775323deef Added experimental web 'shell_spawn' rule 2017-01-11 20:47:21 +01:00
Thomas Patzke
b202822ef2 Added status classification to specification 2017-01-11 20:45:57 +01:00
Thomas Patzke
1ad5d2555a Update of specification 2017-01-11 20:45:37 +01:00
Thomas Patzke
d31614af9c Consistency between format description and examples 
- description/comment -> title/description
- addition of reference
 2017-01-11 20:45:01 +01:00
Thomas Patzke
68cc0770e8 The poor VI(M) users with their swp's! 2017-01-11 20:44:47 +01:00
Thomas Patzke
c2f3ee25a8 Fixed single quote balance 2017-01-11 20:44:36 +01:00
Thomas Patzke
6125875d2d Simplification of aggregation comparison expression 
Parenthesis around aggregation expression should be optional. Parser
would handle this through operator precedence.
 2017-01-11 20:43:34 +01:00
Florian Roth
ffda754d53 Remove implicit selection number, first Sysmon example 2017-01-10 15:05:19 +01:00
Florian Roth
bb02bf93d4 Update README.md 2017-01-08 17:40:40 +01:00
Florian Roth
8ee9c37811 README Update Specs 1 2017-01-07 22:39:06 +01:00
Florian Roth
b446fb39f7 Updated examples 2016-12-27 23:09:41 +01:00
Florian Roth
5f0a227053 Example Updates 2016-12-27 14:49:59 +01:00
Florian Roth
d0beeaa8ed Update README.md 2016-12-26 11:14:15 +01:00
Florian Roth
f589e93e29 Image Update 2016-12-26 02:29:18 +01:00
Florian Roth
796f4b260f Description image update 2016-12-26 02:25:18 +01:00
Florian Roth
aab4d81bae Update README.md 2016-12-26 02:23:34 +01:00
Florian Roth
e01646ec9e Examples and Image 2016-12-26 02:21:55 +01:00
Florian Roth
87deb349ad First Example Set - Builtin 2016-12-24 12:23:53 +01:00
Florian Roth
12a96ed0d8 Update README.md 2016-12-24 11:56:10 +01:00
Florian Roth
23ae5310cb Logo Update 2016-12-24 11:55:54 +01:00
Florian Roth
33cc05eca7 Logo 2016-12-24 11:54:14 +01:00
Florian Roth
5d687e5a27 Initial commit 2016-12-24 10:48:49 +01:00