SigmaHQ/rules/linux
yugoslavskiy fb1f04ec8a
Merge pull request #1249 from oscd-initiative/oscd_art_linux_task_18_T1083
[OSCD] ART sync, test T1083: File and Directory Discovery (Linux)
2021-02-04 22:34:47 +01:00
auditd Update lnx_auditd_susp_exe_folders.yml 2020-10-15 23:09:06 -03:00
modsecurity Fixed my git issue 2020-09-13 22:03:04 -06:00
at_command.yml Update at_command.yml 2020-10-16 22:49:40 +03:00
lnx_apt_equationgroup_lnx.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_base64_decode.yml fix title 2020-10-20 00:44:23 +02:00
lnx_binary_padding.yml fix indentation 2020-10-19 18:19:38 +03:00
lnx_buffer_overflows.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_change_file_time_attr.yml fix newlines 2020-10-19 16:44:18 +03:00
lnx_chattr_immutable_removal.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_clamav.yml restore original rule 2020-11-30 01:31:00 +01:00
lnx_clear_logs.yml Update lnx_clear_logs.yml 2020-12-02 01:28:29 +01:00
lnx_dd_delete_file.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_file_and_directory_discovery.yml add lnx_file_and_directory_discovery.yml, oscd initiative issue #1011, task number 18 2020-10-20 03:05:32 +02:00
lnx_file_copy.yml Update lnx_file_copy.yml 2020-10-15 22:53:20 -03:00
lnx_file_deletion.yml Update lnx_file_deletion.yml 2020-12-02 01:27:35 +01:00
lnx_file_or_folder_permissions.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_find_cred_in_files.yml fix newlines 2020-10-19 16:45:42 +03:00
lnx_install_root_certificate.yml Update lnx_install_root_certificate.yml 2020-11-14 19:19:28 +03:00
lnx_local_account.yml Split command line and do contains all. 2020-10-13 10:51:00 +02:00
lnx_local_groups.yml Adding Ömer as leading author 2020-10-18 20:30:32 +02:00
lnx_network_service_scanning.yml Fix rule indent 2020-11-17 10:12:55 +01:00
lnx_password_policy_discovery.yml Update lnx_password_policy_discovery.yml 2020-10-16 22:52:15 +03:00
lnx_pers_systemd_reload.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_process_discovery.yml Update lnx_process_discovery.yml 2020-11-18 23:25:15 +03:00
lnx_proxy_connection.yml restore original rule 2020-11-30 01:32:06 +01:00
lnx_remote_system_discovery.yml Update lnx_remote_system_discovery.yml 2020-10-29 02:06:20 +01:00
lnx_schedule_task_job_cron.yml Update lnx_schedule_task_job_cron.yml 2020-10-17 22:25:52 +02:00
lnx_security_software_discovery.yml add lnx_security_software_discovery.yml, oscd initiative issue #1011, task number 26 2020-10-20 03:57:41 +02:00
lnx_security_tools_disabling.yml Trigger new test execution 2020-11-20 09:29:09 +01:00
lnx_setgid_setuid.yml restore the rule 2020-11-28 18:53:13 +01:00
lnx_shell_clear_cmd_history.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_priv_esc_prep.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_susp_commands.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_susp_log_entries.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shell_susp_rev_shells.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_shellshock.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_space_after_filename_.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_split_file_into_pieces.yml fix wrong tactic 2020-10-19 17:16:22 +03:00
lnx_ssh_cve_2018_15473.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_sudo_cve_2019_14287.yml restore the original file 2020-11-29 21:32:46 +01:00
lnx_susp_failed_logons_single_source.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_susp_guacamole.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_susp_histfile_operations.yml additional shells for both rules fix 2020-10-17 02:33:32 +03:00
lnx_susp_jexboss.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_susp_named.yml Update lnx_susp_named.yml 2020-11-29 21:31:54 +01:00
lnx_susp_ssh.yml restore the original file 2020-11-29 21:30:50 +01:00
lnx_susp_vsftp.yml Fixed my git issue 2020-09-13 22:03:04 -06:00
lnx_system_info_discovery.yml Update lnx_system_info_discovery.yml 2020-11-14 19:24:23 +03:00
lnx_system_network_connections_discovery.yml add lnx_system_network_connections_discovery.yml, oscd initiative issue #1011, task number 8 2020-10-20 01:17:06 +02:00
lnx_system_network_discovery.yml Updated author section 2020-10-16 22:02:58 -05:00
lnx_system_shutdown_reboot.yml fix newlines 2020-10-19 16:42:43 +03:00
macos_applescript.yml Initial sigma rule 2020-10-21 10:09:00 +02:00
macos_base64_decode.yml fix title 2020-10-20 00:47:02 +02:00
macos_binary_padding.yml fix rule logic 2020-10-21 18:25:22 +03:00
macos_change_file_time_attr.yml additional processname fix 2020-10-21 18:32:50 +03:00
macos_clear_system_logs.yml updating selections to make query more efficient and less prone to evasion 2020-10-13 22:17:26 -05:00
macos_create_account.yml minor changes on command line 2020-10-13 10:55:29 +02:00
macos_create_hidden_account.yml update /macos_create_hidden_account.yml 2020-10-16 02:05:22 +02:00
macos_creds_from_keychain.yml Changed selections and condition 2020-11-27 19:23:31 +01:00
macos_disable_security_tools.yml fix syntax 2020-10-20 05:10:11 +02:00
macos_emond_launch_daemon.yml Sigma rule 2020-10-23 10:16:59 +02:00
macos_file_and_directory_discovery.yml add macos_file_and_directory_discovery.yml, oscd initiative issue #1012, task number 28 2020-10-20 02:58:08 +02:00
macos_find_cred_in_files.yml rule logic fix 2020-10-21 18:32:02 +03:00
macos_gui_input_capture.yml adding line at end of file 2020-10-14 00:05:28 -05:00
macos_local_account.yml Split command line and do contains all. 2020-10-13 10:51:00 +02:00
macos_local_groups.yml Adding Ömer as the leading author 2020-10-18 20:28:55 +02:00
macos_network_service_scanning.yml Filter out listening mode on nc 2020-11-09 10:32:56 +01:00
macos_network_sniffing.yml changes a syntax a bit to re-run the test 2020-10-20 17:10:20 +02:00
macos_remote_system_discovery.yml Retrigger tests 2020-11-20 09:30:43 +01:00
macos_schedule_task_job_cron.yml Add slash to bypass testing 2020-10-14 08:50:15 +02:00
macos_screencapture.yml updated syntax a bit to re-run the test 2020-10-20 19:06:23 +02:00
macos_security_software_discovery.yml add missing falcond 2020-10-20 04:00:16 +02:00
macos_split_file_into_pieces.yml commit to restart checker 2020-10-19 17:20:43 +03:00
macos_startup_items.yml update syntax a bit to re-run the test 2020-10-20 17:31:00 +02:00
macos_susp_histfile_operations.yml added fish to macos rule 2020-10-17 02:37:21 +03:00
macos_system_network_connections_discovery.yml add macos_system_network_connections_discovery.yml, oscd initiative issue #1012, task number 14 2020-10-20 01:14:56 +02:00
macos_system_network_discovery.yml updating to select commandline arguments correctly for macos rule, and cleaning up description across both rules 2020-10-13 22:09:37 -05:00
macos_system_shutdown_reboot.yml fix non-present binary 2020-10-19 17:01:23 +03:00
macos_xattr_gatekeeper_bypass.yml add macos_xattr_gatekeeper_bypass.yml, oscd initiative issue #1012, task number 55 2020-10-20 04:34:02 +02:00