valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6,787 Commits 20 Branches 25 Tags 21 MiB
38b9e942c1
Commit Graph

120 Commits

Author SHA1 Message Date
G Y
544ec5861b
Update web_nginx_core_dump.yml 
Fixed typo in description field.
 2021-07-03 10:39:37 +08:00
Florian Roth
f438039af9
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml 2021-07-01 09:49:01 +02:00
Sittikorn S
c9ce298b2e
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml 
remove http response
 2021-06-29 17:49:01 +07:00
Sittikorn S
14d1c68cc8
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml 2021-06-29 15:19:22 +07:00
Sittikorn S
67f483e6a9
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml 2021-06-29 14:17:27 +07:00
Sittikorn S
c446c519cf
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml 2021-06-29 13:59:08 +07:00
Sittikorn S
f3c1d78615
Create web_cve_2021_22893_pulse_secure_rce_exploit.yml 2021-06-29 13:56:30 +07:00
Florian Roth
ab73dd4dd6 rule: nginx core dump 2021-05-31 10:49:42 +02:00
Florian Roth
02323043d7 Create web_cve_2021_26814_wzuh_rce.yml 2021-05-22 15:45:38 +02:00
Florian Roth
3cf1be9e8d rule: exchange vulnerability CVE-2021-28480 2021-05-14 10:08:41 +02:00
Josh Brower
af09dd8e3c
Clean up: Webshell ReGeorg Detection 2021-04-05 13:01:10 -04:00
Florian Roth
428db0c74a
Merge pull request #1382 from d4rk-d4nph3/master 
Added rule for CVE-2021-21978 in VMware View Planner
 2021-03-29 11:22:56 +02:00
Bhabesh Rai
a58c5ed7cc Added rule for CVE-2021-21978 in VMware View Planner 2021-03-10 18:05:15 +05:45
Florian Roth
dca5c870d7
Merge pull request #1374 from hieuttmmo/master 
Detect HAFNIUM operations
 2021-03-09 09:16:52 +01:00
Florian Roth
62b65a3578
Merge pull request #1375 from SigmaHQ/rule-devel 
fix: description
 2021-03-04 17:35:53 +01:00
Florian Roth
bea2f226c6 fix: description 2021-03-04 17:35:25 +01:00
Tran Trung Hieu
5f74a58081 Detect HAFNIUM operations 2021-03-04 00:01:54 +07:00
Florian Roth
9e921115bc
Merge pull request #1373 from SigmaHQ/rule-devel 
HAFNIUM rule
 2021-03-03 10:34:08 +01:00
Florian Roth
d8ded5ebdc refactor: changed symbols after feedback from Volexity 2021-03-03 10:15:45 +01:00
Florian Roth
e17986ebd3 rule: HAFNIUM Exchange exploitation 2021-03-03 09:58:43 +01:00
Florian Roth
73a3a1e5cd
Merge pull request #1360 from d4rk-d4nph3/master 
Added sigma rule for vSphere RCE CVE-2021-21972
 2021-03-03 09:32:05 +01:00
Florian Roth
8c95f90075
Update web_vsphere_cve_2021_21972_unauth_rce_exploit.yml 2021-03-03 09:08:24 +01:00
Bhabesh Rai
e1dff01cea Added sigma rule for vSphere RCE CVE-2021-21972 2021-02-24 23:48:08 +05:45
Florian Roth
96803a5a27
Merge pull request #1355 from Neo23x0/rule-devel 
Rule devel
 2021-02-22 17:46:21 +01:00
Florian Roth
aea03076c2 rule: simplified rule 2021-02-22 17:19:14 +01:00
Florian Roth
43b2ad580f rule: DEWMODE webshell 2021-02-22 17:15:32 +01:00
Florian Roth
f62fc2e889
Merge pull request #1341 from d4rk-d4nph3/master 
Added rule for TerraMaster TOS CVE-2020-28188
 2021-02-18 11:17:48 +01:00
Bhabesh Rai
a8d33171d7 Fixed c-uri 2021-02-02 10:23:47 +05:45
Florian Roth
6b9eef58da
Merge pull request #1338 from Neo23x0/rule-devel 
Improved UNC2452 activity rules
 2021-01-25 14:36:44 +01:00
Florian Roth
a4bec724a6 rule: SonicWall exploitation 2021-01-25 11:54:23 +01:00
Bhabesh Rai
465ab713b0 Added rule for TerraMaster TOS CVE-2020-28188 2021-01-25 13:01:27 +05:45
Bhabesh Rai
dac229a8bb Added rule for Oracle WebLogic Exploit CVE-2021-2109 2021-01-20 14:28:18 +05:45
Florian Roth
30dcc28a1f Cisco ASA FTD Exploit CVE-2020-3452 2021-01-07 13:17:58 +01:00
Florian Roth
0a83f91386
Merge pull request #1321 from d4rk-d4nph3/master 
Fixed typo in file format
 2020-12-28 09:13:48 +01:00
Bhabesh Rai
bf77c8266a Fixed typo in file format 2020-12-28 11:46:02 +05:45
Florian Roth
896fc21911
Merge pull request #1320 from d4rk-d4nph3/master 
Added rule for CVE-2020-10148 SolarWinds Orion API Authentication Bypass
 2020-12-27 20:37:36 +01:00
Florian Roth
a6212a4490
style: some minor style changes 2020-12-27 20:06:19 +01:00
Bhabesh Rai
1cfad987b0 Added rule for CVE-2020-10148 SolarWinds Orion API Authentication Bypass 2020-12-27 17:34:49 +05:45
Florian Roth
821af35557
Merge pull request #1313 from Neo23x0/rule-devel 
Rule devel
 2020-12-23 13:57:11 +01:00
Florian Roth
e67d17a967 rule: improved solarwinds webshell rule 2020-12-22 10:36:34 +01:00
Florian Roth
e78d7e6aee
Merge pull request #1296 from mat-gas/fix-references 
fix "references" field + add test for references in plural form
 2020-12-21 18:25:35 +01:00
Florian Roth
9c8e1387a9 rule: Solarwinds SUPERNOVA web shell access 2020-12-17 09:05:08 +01:00
Florian Roth
cfe60d180b
Merge pull request #1301 from d4rk-d4nph3/master 
Added rule for Fortinet CVE-2018-13379 preauth file read exploitation.
 2020-12-08 11:09:51 +01:00
Florian Roth
2c642c64d2
Removed a value 2020-12-08 10:38:32 +01:00
Florian Roth
a87a81d8cc
Update web_fortinet_cve_2018_13379_preauth_read_exploit.yml 2020-12-08 10:33:52 +01:00
Bhabesh Rai
3ddf940812 Added rule for Fortinet CVE-2018-13379 preauth file read exploitation. 2020-12-08 14:46:47 +05:45
mat
b3e36281b5 fix reference field + add test for references in plural form 2020-11-27 10:17:45 +01:00
Florian Roth
908023fa66 rule: added second expression 2020-11-04 16:43:35 +01:00
Florian Roth
f848bb912c rule: reworked weblogic CVE-2020-14882 rule 2020-11-03 10:39:40 +01:00
Florian Roth
dd0d1d053c rule: WebLogic exploit CVE-2020-14882 2020-11-02 11:11:37 +01:00