valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
77c6b74c72
SigmaHQ/rules/linux
History
f.hubaut e66007a43d fix file name case
2021-08-26 11:15:33 +02:00
..
auditd fix file name case 2021-08-26 11:15:33 +02:00
modsecurity Fixed my git issue 2020-09-13 22:03:04 -06:00
at_command.yml Update at_command.yml 2020-10-16 22:49:40 +03:00
lnx_apt_equationgroup_lnx.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_base64_decode.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_buffer_overflows.yml fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
lnx_clamav.yml restore original rule 2020-11-30 01:31:00 +01:00
lnx_clear_logs.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
lnx_file_and_directory_discovery.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
lnx_file_copy.yml fix: Correct broken rules, add documentation 2021-08-13 15:46:30 +02:00
lnx_file_deletion.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
lnx_install_root_certificate.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_ldso_preload_injection.yml new rule detecting ld.so preload persistence by keyword 2021-05-05 15:12:07 +02:00
lnx_local_account.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_local_groups.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_network_service_scanning.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_process_discovery.yml Fix selection with only 1 element 2021-08-14 09:54:27 +02:00
lnx_proxy_connection.yml restore original rule 2020-11-30 01:32:06 +01:00
lnx_remote_system_discovery.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_schedule_task_job_cron.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_security_software_discovery.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_security_tools_disabling.yml Replace old mitre techniques by new one 2021-08-22 13:57:56 +02:00
lnx_setgid_setuid.yml restore the rule 2020-11-28 18:53:13 +01:00
lnx_shell_clear_cmd_history.yml Updated ART reference links from .yaml 2021-07-06 17:39:25 +08:00
lnx_shell_priv_esc_prep.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_susp_commands.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_susp_log_entries.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_susp_rev_shells.yml fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
lnx_shellshock.yml refactor: extended shellshock rule 2021-04-28 11:47:24 +02:00
lnx_space_after_filename_.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_ssh_cve_2018_15473.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_sudo_cve_2019_14287.yml Replace old mitre techniques by new one 2021-08-22 13:57:56 +02:00
lnx_susp_failed_logons_single_source.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_susp_guacamole.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_susp_jexboss.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_susp_named.yml Update lnx_susp_named.yml 2020-11-29 21:31:54 +01:00
lnx_susp_ssh.yml restore the original file 2020-11-29 21:30:50 +01:00
lnx_susp_vsftp.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_symlink_etc_passwd.yml fix: linux keywords rule 2021-05-05 12:56:24 +02:00
lnx_system_info_discovery.yml Fix auditd is a service 2021-05-30 08:58:25 +02:00
lnx_system_network_connections_discovery.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
lnx_system_network_discovery.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_applescript.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_base64_decode.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_binary_padding.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_change_file_time_attr.yml fix: duplicate UUIDs 2021-05-27 10:29:21 +02:00
macos_clear_system_logs.yml Fix selection with only 1 element 2021-08-14 09:54:27 +02:00
macos_create_account.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_create_hidden_account.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_creds_from_keychain.yml Changed selections and condition 2020-11-27 19:23:31 +01:00
macos_disable_security_tools.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_emond_launch_daemon.yml Sigma rule 2020-10-23 10:16:59 +02:00
macos_file_and_directory_discovery.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_find_cred_in_files.yml fix: duplicate UUIDs 2021-05-27 10:29:21 +02:00
macos_gui_input_capture.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_local_account.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_local_groups.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_network_service_scanning.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_network_sniffing.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_remote_system_discovery.yml fix: duplicate UUIDs 2021-05-27 10:29:21 +02:00
macos_schedule_task_job_cron.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_screencapture.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00
macos_security_software_discovery.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_split_file_into_pieces.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_startup_items.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_susp_histfile_operations.yml added fish to macos rule 2020-10-17 02:37:21 +03:00
macos_system_network_connections_discovery.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_system_network_discovery.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_system_shutdown_reboot.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
macos_xattr_gatekeeper_bypass.yml Renamed ProcessName field to Image for the process_creation category. 2021-02-25 01:57:26 +03:00