459 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
Florian Roth	c1af41f3f9	False Positives ... https://github.com/Neo23x0/signature-base/issues/7	2017-03-28 08:32:20 +02:00
Florian Roth	a5be8e42f6	Osiris Device Guard Bypass	2017-03-27 09:39:43 +02:00
Florian Roth	46444066a6	WMI Implant PowerShell	2017-03-24 17:33:26 +01:00
Florian Roth	8734ab6680	Javascript obfuscated PowerShell (droppers)	2017-03-24 14:52:26 +01:00
Florian Roth	f90da1ff10	WPR and BeyondExec	2017-03-17 16:08:44 +01:00
Florian Roth	a4271452c3	Unicode left-to-right override trick	2017-03-13 12:17:04 +01:00
Florian Roth	f39f51d234	Suspicious PowerShell Invocation	2017-03-12 17:06:18 +01:00
Florian Roth	9f96ed873e	Bugfix - non OpenSSL binaries	2017-03-09 18:09:15 +01:00
Florian Roth	8c0de6120e	Removed False Positives	2017-03-07 21:09:38 +01:00
Florian Roth	b73d07558a	Tiny JSP Webshell YARA Rule	2017-03-07 11:24:48 +01:00
Florian Roth	48a8a94196	StoneDrill Threat: YARA rules and filename IOCs	2017-03-07 11:24:27 +01:00
Florian Roth	8bf466a9ac	Kriskynote Malware	2017-03-04 14:38:35 +01:00
Florian Roth	ea2c46df32	Derusbi Samples	2017-03-04 14:38:20 +01:00
Florian Roth	db4465f417	New Simple PHP Webshell	2017-03-04 14:36:07 +01:00
Florian Roth	c64d284911	ChChes - Ham / Tofu Backdoors by Cylance	2017-02-28 14:05:19 +01:00
Florian Roth	d47b918c2e	OTX Update	2017-02-25 17:28:39 +01:00
Florian Roth	501eb60b33	OTX Update	2017-02-25 17:28:25 +01:00
Florian Roth	1b9c72cd4c	Minor changes	2017-02-25 17:28:14 +01:00
Florian Roth	a564860d0a	PowerShell Rule Bugfix	2017-02-23 17:42:26 +01:00
Florian Roth	8dc9ba46d5	Suspicious PowerShell Code	2017-02-23 17:13:04 +01:00
Florian Roth	a4544d7c2a	Op Magic Hound YARA Signatures ... http://researchcenter.paloaltonetworks.com/2017/02/unit42-magic-hound-campaign-attacks-saudi-targets/	2017-02-17 15:48:58 +01:00
Florian Roth	72f3c49d99	False positives with AV software DLLs (ESET)	2017-02-17 15:48:21 +01:00
Florian Roth	7d5227d20f	Removed WebShell_Generic_PHP_5 prone to false positives	2017-02-16 19:41:26 +01:00
Florian Roth	2cd4d7b422	Deactivated False Positives in Grizzly Steppe Rules - US CERT	2017-02-12 18:26:02 +01:00
Florian Roth	c19ef7de0d	OTX Update	2017-02-11 12:14:11 +01:00
Florian Roth	6534da8d3a	Cosmetics	2017-02-11 12:01:31 +01:00
Florian Roth	2f42964d1d	Removed duplicate rule StreamEx_ShellCrew	2017-02-11 11:38:12 +01:00
Florian Roth	8d577f57b0	US CERT Grizzly Steppe Report	2017-02-11 11:36:10 +01:00
Florian Roth	0069690f19	Remove False Positive Rules	2017-02-10 10:40:52 +01:00
Florian Roth	dd8d5585f0	Metasploit Payloads	2017-02-10 10:40:21 +01:00
Florian Roth	e4c17818b6	Shell Crew StreamEx	2017-02-10 10:23:29 +01:00
Florian Roth	ce887d4eb3	Rotten Potato - Avoiding False Positives	2017-02-07 17:58:44 +01:00
Florian Roth	291833ccdd	Winnti malware MS Report	2017-02-07 10:45:19 +01:00
Florian Roth	b80152fbc2	Servant Shell	2017-02-07 10:37:26 +01:00
Florian Roth	959f30b62d	Rotten Potato	2017-02-07 09:20:10 +01:00
Florian Roth	376dcfcf5e	ysoserial payloads	2017-02-05 13:27:10 +01:00
Florian Roth	2a7c06adf8	CN APT Proofpoint ZeroT RAT	2017-02-05 13:26:03 +01:00
Florian Roth	4b1abf072e	New build of OTX receiver with new SDK	2017-02-05 13:25:01 +01:00
Florian Roth	a384dd543d	Private Rule Bugfix	2017-02-03 22:04:51 +01:00
Florian Roth	3a737e0ea8	FP Reduction	2017-02-03 21:59:32 +01:00
Florian Roth	6ace90f226	UAC Elevators Update	2017-02-03 21:59:14 +01:00
Florian Roth	d0ff872894	OTX Update	2017-02-01 17:57:23 +01:00
Florian Roth	896b6eeb99	Minor changes	2017-01-31 18:47:29 +01:00
Florian Roth	df58486639	FP avoidance	2017-01-28 12:49:14 +01:00
Florian Roth	6ddaf42ec3	Google Bot User Agent	2017-01-28 11:39:32 +01:00
Florian Roth	2ca25d1c00	Greenbug YARA rules	2017-01-26 14:00:36 +01:00
Florian Roth	7b16da5081	P0wnShell	2017-01-15 16:30:56 +01:00
Florian Roth	8b8e11282d	EquationGroup Rules Update	2017-01-14 19:38:43 +01:00
Florian Roth	58b7514527	Merge branch 'master' of https://github.com/Neo23x0/signature-base	2017-01-14 19:38:12 +01:00
Florian Roth	b5776d6971	Venom Linux Rootkit	2017-01-14 19:38:06 +01:00