SigmaHQ/rules/linux
remotephone 8f6ce25bab
Merge changes from pull 1084 with this one
https://github.com/Neo23x0/sigma/pull/1084 includes some commands I missed. This merges both and creates an OR selection condition to match both possible conditions.
2020-10-16 22:01:44 -05:00
| Name | Last commit | Date |
|---|---|---|
| auditd | resolve conflicts with rule IDs; restored and deprecated sysmon_mimikatz_detection_lsass.yml | 2019-11-19 02:11:19 +01:00 |
| modsecurity | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_buffer_overflows.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_chattr_immutable_removal.yml | Update lnx_chattr_immutable_removal.yml | 2019-12-02 02:54:32 +01:00 |
| lnx_clamav.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_dd_delete_file.yml | Update lnx_dd_delete_file.yml | 2019-12-02 02:54:48 +01:00 |
| lnx_file_or_folder_permissions.yml | Update lnx_file_or_folder_permissions.yml | 2019-12-02 02:53:35 +01:00 |
| lnx_pers_systemd_reload.yml | Update lnx_pers_systemd_reload.yml | 2019-12-02 02:54:13 +01:00 |
| lnx_shell_clear_cmd_history.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_shell_priv_esc_prep.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_shell_susp_commands.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_shell_susp_log_entries.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_shell_susp_rev_shells.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_shellshock.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_ssh_cve_2018_15473.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_sudo_cve_2019_14287.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_susp_failed_logons_single_source.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_susp_jexboss.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_susp_named.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_susp_ssh.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_susp_vsftp.yml | Added UUIDs to rules | 2019-11-12 23:12:27 +01:00 |
| lnx_system_network_discovery.yml | Merge changes from pull 1084 with this one | 2020-10-16 22:01:44 -05:00 |
| macos_system_network_discovery.yml | updating to select commandline arguments correctly for macos rule, and cleaning up description across both rules | 2020-10-13 22:09:37 -05:00 |