valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,032 Commits 20 Branches 25 Tags 21 MiB
525326d15f
Commit Graph

29 Commits

Author SHA1 Message Date
megan201296
525326d15f
Fix typo 2018-09-06 20:20:11 -05:00
Florian Roth
1134051fba
Update web_cve_2018_2894_weblogic_exploit.yml 
Ah, we could do it this way *.js*
 2018-07-23 06:19:25 -06:00
Florian Roth
03a64cca74
Update web_cve_2018_2894_weblogic_exploit.yml 
We try to avoid false positives
 2018-07-23 06:18:38 -06:00
MATTHEW CARR
dfb77e936d
Update web_cve_2018_2894_weblogic_exploit.yml 
To detect all possible extensions .jspx, .jsw, .jsv, and .jspf
 2018-07-23 07:41:47 +02:00
Florian Roth
0f1b440b91 Rule: widened the CVE-2018-2894 WebLogic rule 
https://twitter.com/lo_security/status/1021148314308358144
 2018-07-22 20:36:10 -06:00
Florian Roth
ffb0cf5ed5 Rule: CVE-2018-2894 Oracle WebLogic exploit and webshell drop 2018-07-22 15:09:45 -06:00
SherifEldeeb
48441962cc Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00
SherifEldeeb
112a0939d7 Change "reference" to "references" to match new schema 2018-01-28 02:12:19 +03:00
Thomas Patzke
9adaf4c411 Cleanup 2017-12-07 16:21:02 +01:00
Björn Kimminich
8a8387c43e
SQL Injection error message patterns 
Rule file that detects error messages from different DB providers that would occur during SQL Injection probing
 2017-11-27 22:52:17 +01:00
Thomas Patzke
6b8a5aea4a Added vhost field to web rules 2017-09-17 00:20:17 +02:00
Thomas Patzke
986c9ff9b7 Added field names to first rules 2017-09-12 23:54:04 +02:00
Thomas Patzke
5c465129bd Fixed rules 
* Replaced unspecified logsource attribute 'type' with 'category'
* Usage of service 'auth' for linux logs
 2017-09-11 00:35:52 +02:00
Thomas Patzke
7ba62b791c Application security rules 
* reorganization into separate folder
* adding category
* minor tweaks
 2017-08-12 00:43:10 +02:00
Thomas Patzke
1d3b8e58bd Fixed description 2017-08-06 23:22:31 +02:00
Thomas Patzke
0795d14b41 Spring framework security exceptions rule 2017-08-06 23:21:53 +02:00
Thomas Patzke
f0e6c28e8b Added Ruby on Rails security-related exceptions rule 2017-08-06 22:57:52 +02:00
Thomas Patzke
98f99cebc0 Added author attribute 2017-08-05 23:56:13 +02:00
Thomas Patzke
f58c1b768b Django security errors 2017-08-05 00:56:05 +02:00
Florian Roth
9fd375c130 Bugfix: Added time frame to correlation rule 2017-03-12 17:11:29 +01:00
Florian Roth
2e0632b05f Rule: Linux: buffer overflows 2017-03-01 08:38:33 +01:00
Florian Roth
9c8ed4c0b1 Apache segmentation fault rule 2017-02-28 17:53:06 +01:00
Thomas Patzke
fdbadb8e6e Rule fix 
Fixed condition in webshell keyowrd rule.
 2017-02-22 22:42:35 +01:00
Florian Roth
cd6e24c5ff Added "logsource" sections and new rule 2017-02-19 00:31:59 +01:00
Florian Roth
18fd63f6b7 Levels to low, medium, high, critical 2017-02-16 18:06:22 +01:00
Thomas Patzke
88270fcf2d Rule review and cleanup 
* removed unnecessary one element lists from definitions
* converted some lists of one element maps to maps because the resulting
  OR linkage would cause wrong result.
 2017-02-15 23:53:08 +01:00
Florian Roth
04ea201817 New rules and cleanup 2017-02-12 15:50:39 +01:00
Florian Roth
a2adb1ddb5 Renamed rule files, new rules 2017-02-10 19:17:02 +01:00
Florian Roth
1307a45fd5 Moved rules to a separate directory 2017-02-07 00:44:40 +01:00