SigmaHQ/rules/linux
2019-10-21 11:14:24 +02:00
..
auditd add rule lnx_auditd_web_rce.yml 2019-10-21 11:14:24 +02:00
modsecurity ModSecurity rule: multiple blocks 2017-02-28 17:53:32 +01:00
lnx_buffer_overflows.yml Update lnx_buffer_overflows.yml 2018-08-25 00:20:34 +02:00
lnx_clamav.yml Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00
lnx_shell_clear_cmd_history.yml Changes 2019-04-01 14:03:54 +02:00
lnx_shell_priv_esc_prep.yml Update lnx_shell_priv_esc_prep.yml 2019-09-06 11:29:42 -04:00
lnx_shell_susp_commands.yml Rule: removed overlapping strings in Linux rule 2019-02-05 16:12:07 +01:00
lnx_shell_susp_log_entries.yml Linux Generic Rules 2017-05-02 20:32:38 +02:00
lnx_shell_susp_rev_shells.yml Merge pull request #294 from Pr0t3an/patch-3 2019-04-03 01:07:07 +02:00
lnx_shellshock.yml Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00
lnx_ssh_cve_2018_15473.yml rule: Linux SSHD exploit CVE-2018-15473 2018-08-24 16:40:41 +02:00
lnx_sudo_cve_2019_14287.yml rule: added reference and mitre tags 2019-10-15 09:44:17 +02:00
lnx_susp_failed_logons_single_source.yml Adjusted rules to the new specs reg "not null" usage 2018-06-28 09:30:31 +02:00
lnx_susp_jexboss.yml Linux JexBoss back connect shell 2018-11-08 23:21:36 +01:00
lnx_susp_named.yml Rule: Linux > named > suspicious activity 2018-02-20 14:56:28 +01:00
lnx_susp_ssh.yml Rules: Extended and fixed (*) sshd rules 2018-02-20 13:44:06 +01:00
lnx_susp_vsftp.yml Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00