SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00

Author	SHA1	Message	Date
Florian Roth	2cf6e16024	fix: missing new MITRE tactics category in tests	2019-11-14 23:31:38 +01:00
Thomas Patzke	238adf9eea	Improved rule test * Added ATT&CK technique * Removed invalid tags	2019-11-08 22:03:19 +01:00
Thomas Patzke	ef14ee542d	Added modifiers: startswith and endswith	2019-11-05 23:04:13 +01:00
Thomas Patzke	fc276612b6	Added encoding modifiers	2019-10-16 23:52:06 +02:00
Thomas Patzke	c80cb418cd	Improved QRadar regular expression support	2019-09-05 15:35:26 +02:00
Thomas Patzke	59a6a0c523	Added ATT&CK technique to rule test	2019-08-25 10:13:11 +02:00
Thomas Patzke	a65a9655f4	Fixed config naming in es-qs query backend test	2019-08-02 08:25:21 +02:00
Thomas Patzke	0ca15e5c5e	Added test case for value modifiers	2019-07-16 23:14:55 +02:00
Thomas Patzke	4559aa4e00	Fixed es-qs backend check	2019-04-23 00:05:36 +02:00
Thomas Patzke	87abd20c0f	Removed deprecated PyYAML API from rule test	2019-04-22 23:21:08 +02:00
Florian Roth	d0950bd077	fix: yaml.load() issue https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation	2019-04-21 20:30:31 +02:00
Thomas Patzke	5e973a6321	Fixes and CI testing of --backend-config	2019-03-15 23:46:38 +01:00
Tareq AlKhatib	7f4557d183	Enabled check for process_creation	2019-03-09 21:00:11 +03:00
Tareq AlKhatib	c3b079990a	Properly end anchored the regex	2019-03-09 19:23:50 +03:00
Tareq AlKhatib	be2ca8dc4d	Added checks for Sysmon 1 or EID 4688 instead of process_creation	2019-03-02 20:51:49 +03:00
Thomas Patzke	c922f7d73f	Merge branch 'master' into project-1	2019-02-26 00:24:46 +01:00
Tareq AlKhatib	ae62acf3d2	Added a test for duplicate filters and a test for Source: Eventlog	2019-02-18 21:05:58 +03:00
Tareq AlKhatib	97b28f4308	Added a test for unnecessary use of '1 of them' in condition	2019-02-13 21:27:27 +03:00
Tareq AlKhatib	cd2af196e3	Corrected path to rules	2019-01-25 12:25:51 +03:00
Tareq AlKhatib	96220e776f	Added a test to check for duplicate filters in rules	2019-01-25 12:22:28 +03:00
Thomas Patzke	3c7f46a6cd	Added rule test to CI testing	2019-01-23 23:31:36 +01:00
Tareq AlKhatib	e3d61047bb	Added two tests. One for MITRE and another for file extension.	2019-01-22 21:25:13 +03:00
Thomas Patzke	a9cf14438c	Merge branch 'master' into project-1	2019-01-14 22:36:15 +01:00
Thomas Patzke	0e4842962b	Added tests	2018-11-04 22:16:20 +01:00
tuckner	bd5b823725	Removed specific NetWintess config from test	2018-10-31 14:32:13 -05:00
tuckner	26f73d60fa	Added NetWitness backend and tests	2018-10-31 14:07:59 -05:00
Thomas Patzke	44ff9d154e	Increased test coverage for mapping corner cases	2018-10-16 14:53:12 +02:00
Thomas Patzke	e411039b56	Fixed escaping of \u in Elasticsearch Query String queries	2018-05-01 00:05:16 +02:00
Thomas Patzke	15a6c5efb5	Detailed error messages for failed queries	2018-04-12 00:20:54 +02:00
Thomas Patzke	aeda30a389	Python rewrite of es-qs query test	2018-04-11 23:59:44 +02:00
Thomas Patzke	788111f174	Fixes for Elasticsearch query correctness CI tests * Quoting in rule * Reading queries without special processing of backslashes Unfortunately, backslashes still cause breaks caused by Bash handling of them.	2018-04-09 22:33:29 +02:00
Thomas Patzke	24d94d39b8	CI: Testing backend es-qs against Elasticsearch	2018-04-04 00:32:48 +02:00
Thomas Patzke	d82a78fa3d	Finalizing PyPI release * Removed .py suffix from command line tools * sigmac tells when it does nothing and prints usage notice * Makefile upload target * minor changes	2017-12-08 23:50:08 +01:00
Thomas Patzke	3b9ff57a38	Added merge_sigma tool * Tests * Restructured Makefile	2017-11-14 22:17:18 +01:00
Thomas Patzke	e90ff2d991	Improved testing * Added collection test case * Test of file output	2017-11-01 21:14:11 +01:00
Thomas Patzke	65e1f8ec2b	Increased test coverage * more tests * removed unneeded code * increased coverage fail threshold	2017-10-23 23:30:44 +02:00
Thomas Patzke	ec996e7353	Improved test coverage	2017-10-19 17:42:56 +02:00

37 Commits