19 Commits

Author	SHA1	Message	Date
Florian Roth	aa5ce18abc	feat: support of new MITRE ATT&CK tags	2020-01-30 08:55:44 +01:00
Florian Roth	7bf472834b	feat: colorized error messages	2020-01-30 08:50:22 +01:00
Florian Roth	9d96b7c1a3	fix: print_error function not global	2020-01-30 08:39:58 +01:00
Florian Roth	fe6c30fa59	feat: colorized output in test	2020-01-30 08:37:47 +01:00
Florian Roth	5e59bbb3c3	Added MITRE ATT&CK Technique T1482 ... https://attack.mitre.org/techniques/T1482/	2019-12-28 16:02:26 +01:00
Florian Roth	2cf6e16024	fix: missing new MITRE tactics category in tests	2019-11-14 23:31:38 +01:00
Thomas Patzke	238adf9eea	Improved rule test ... * Added ATT&CK technique * Removed invalid tags	2019-11-08 22:03:19 +01:00
Thomas Patzke	59a6a0c523	Added ATT&CK technique to rule test	2019-08-25 10:13:11 +02:00
Thomas Patzke	87abd20c0f	Removed deprecated PyYAML API from rule test	2019-04-22 23:21:08 +02:00
Florian Roth	d0950bd077	fix: yaml.load() issue ... https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation	2019-04-21 20:30:31 +02:00
Tareq AlKhatib	7f4557d183	Enabled check for process_creation	2019-03-09 21:00:11 +03:00
Tareq AlKhatib	c3b079990a	Properly end anchored the regex	2019-03-09 19:23:50 +03:00
Tareq AlKhatib	be2ca8dc4d	Added checks for Sysmon 1 or EID 4688 instead of process_creation	2019-03-02 20:51:49 +03:00
Tareq AlKhatib	ae62acf3d2	Added a test for duplicate filters and a test for Source: Eventlog	2019-02-18 21:05:58 +03:00
Tareq AlKhatib	97b28f4308	Added a test for unnecessary use of '1 of them' in condition	2019-02-13 21:27:27 +03:00
Tareq AlKhatib	cd2af196e3	Corrected path to rules	2019-01-25 12:25:51 +03:00
Tareq AlKhatib	96220e776f	Added a test to check for duplicate filters in rules	2019-01-25 12:22:28 +03:00
Thomas Patzke	3c7f46a6cd	Added rule test to CI testing	2019-01-23 23:31:36 +01:00
Tareq AlKhatib	e3d61047bb	Added two tests. One for MITRE and another for file extension.	2019-01-22 21:25:13 +03:00