Commit Graph

30 Commits

Author SHA1 Message Date
Florian Roth
78706dbe46 Reworked many rules based on YARA performance guidelines https://gist.github.com/Neo23x0/e3d4e316d7441d9143c7 2019-03-02 16:02:11 +01:00
Florian Roth
8f7335c6ad Author adjustments 2019-02-19 08:25:27 +01:00
Florian Roth
e1262a718e I'd adjust it like that 2019-01-16 19:27:29 +01:00
Jeff Beley
3fa7540094 Added rules for a tiny webshell and a go based htran variant 2019-01-16 10:58:25 -06:00
Florian Roth
8a22d4d403 Removed duplicate rules 2018-11-23 08:33:07 +01:00
Florian Roth
1dd9a238be JexBoss Webshells 2018-11-09 08:42:39 +01:00
Florian Roth
7c8745c59e License notice on my own rules, removed rules with unclear/problematic licensing 2018-08-26 12:48:01 +02:00
Florian Roth
117270469f Moved all rules that use ext vars to a new rule set 2018-03-12 13:47:40 +01:00
Florian Roth
f8f8193249 Typo in ALFA shell rule 2017-11-22 18:15:00 +01:00
Florian Roth
30610ff120 Webshell FOPO Obfuscation 2017-11-18 20:04:29 +01:00
Florian Roth
55868b5eff False Positive Reduction 2017-11-08 18:39:40 +01:00
Florian Roth
ae82dd03a8 False Positive Reduction 2017-09-27 16:35:14 +02:00
Florian Roth
dde5dd8bce Webshell Alfa Shell 2017-09-22 08:44:03 +02:00
Florian Roth
b0e79303e0 False Positive Reduction 2017-09-21 08:36:25 +02:00
Florian Roth
90499b61d7 PAS Webshell 2017-07-11 13:38:38 -06:00
Florian Roth
859a183bfa TeleDoor YARA Signature 2017-07-05 13:34:41 -06:00
Florian Roth
32a08da312 Bugfix in web shell rule 2017-06-26 14:18:30 +02:00
Florian Roth
203df010da Wordpress Webshell 2017-06-26 08:07:29 +02:00
Florian Roth
346b903485 Removed hacktoolset from rules 2017-06-06 23:21:29 +02:00
Florian Roth
b43cf3b185 Rule cleanup 2017-05-11 13:34:28 +02:00
Florian Roth
b73d07558a Tiny JSP Webshell YARA Rule 2017-03-07 11:24:48 +01:00
Florian Roth
db4465f417 New Simple PHP Webshell 2017-03-04 14:36:07 +01:00
Florian Roth
7d5227d20f Removed WebShell_Generic_PHP_5 prone to false positives 2017-02-16 19:41:26 +01:00
Florian Roth
a9ff4c43c1 Regshell False Positive 2016-12-01 22:44:48 +01:00
Florian Roth
0633e4fdf0 Webshell AJAX False Positive 2016-11-05 10:31:43 +01:00
Florian Roth
3b47e3ecd2 Antic Webshell 2016-09-11 16:43:47 +02:00
Florian Roth
5f673df5f6 New Webshell Rules 2016-09-11 15:59:52 +02:00
Florian Roth
e3ada3ee24 Renamed Webshell Rules 2016-08-16 20:32:06 +02:00
Florian Roth
e3f04a6e71 False Positive Fixes 2016-04-26 10:04:19 +02:00
Florian Roth
3a61922ceb signatures > yara 2016-02-15 12:31:27 +01:00