signature-base

mirror of https://github.com/valitydev/signature-base.git synced 2024-11-07 02:25:19 +00:00

Author	SHA1	Message	Date
Florian Roth	41e0956fdc	Remote Admin - tool	2017-12-06 22:37:40 +01:00
Florian Roth	be700a3c42	PowerShell Obfuscated Invoke - PE Loader	2017-11-03 08:28:52 +01:00
Florian Roth	8b3a138995	Minor changes to rule FP exclusions	2017-09-29 08:47:22 +02:00
Florian Roth	558c99efc0	Invoke-Metasploit	2017-09-24 10:22:19 +02:00
Florian Roth	5226344c35	Sharpire	2017-09-24 10:22:09 +02:00
Florian Roth	4c6377ae9a	Changed tabs to spaces	2017-08-30 20:11:15 +02:00
Florian Roth	194e8b9d74	thor-hacktools.yar - some cherry picked rules	2017-08-30 20:11:00 +02:00
Florian Roth	2091087567	Updated hacktool producers	2017-08-11 16:47:20 +02:00
Florian Roth	d85c1108ef	Impacket Generic Rule	2017-08-07 14:52:45 +02:00
Florian Roth	3d52e22109	AllTheThings	2017-07-29 13:35:07 +02:00
Florian Roth	f8447db7e9	Invoke Mimikatz and Kekeo update	2017-07-22 07:57:58 -06:00
Florian Roth	1f0cad89f1	Bugfixes and False Positive Reduction	2017-07-20 12:24:49 -06:00
Florian Roth	990e20e3b6	Mimikatz Rules synct, SecurityXploded rule	2017-07-19 19:09:25 -06:00
Florian Roth	2ee1f0fae8	LSASS Dump only if not filename starts with WER	2017-07-19 10:17:00 -06:00
Florian Roth	ccac0893d8	Disclosed Disclosed 0day POC set	2017-07-13 08:36:43 -06:00
Florian Roth	33c2a7fcc8	New Mimikatz Strings Rule	2017-06-21 15:56:06 +02:00
Florian Roth	b43cf3b185	Rule cleanup	2017-05-11 13:34:28 +02:00
Florian Roth	c1af41f3f9	False Positives https://github.com/Neo23x0/signature-base/issues/7	2017-03-28 08:32:20 +02:00
Florian Roth	f90da1ff10	WPR and BeyondExec	2017-03-17 16:08:44 +01:00
Florian Roth	a384dd543d	Private Rule Bugfix	2017-02-03 22:04:51 +01:00
Florian Roth	3a737e0ea8	FP Reduction	2017-02-03 21:59:32 +01:00
Florian Roth	896b6eeb99	Minor changes	2017-01-31 18:47:29 +01:00
Florian Roth	8e2e39196a	FScan output	2017-01-14 19:28:47 +01:00
Florian Roth	eab4b5131b	False Positives	2016-10-29 12:28:54 +02:00
Florian Roth	e7dd247fa3	Signature Update October 2016 A	2016-10-09 11:33:29 +02:00
Florian Roth	5744546da1	Fixed duplicate rule name bug	2016-09-11 15:58:57 +02:00
Florian Roth	a3ed8d33b3	New Hacktool Signatures	2016-09-10 01:16:40 +02:00
Florian Roth	54f6aecd44	Removed duplicate rule	2016-08-31 14:34:21 +02:00
Florian Roth	0dfc21592c	WCE in-memory rule	2016-08-30 19:41:30 +02:00
Florian Roth	13ab3e4876	Power PE Reflective Injection Rule by Benjamin Delpy	2016-07-11 19:47:37 +02:00
Florian Roth	76791e7254	False Positive Reduction	2016-07-02 19:32:50 +02:00
Florian Roth	8125a96e68	dnscat2 hacktool	2016-05-18 09:34:18 -06:00
Florian Roth	fd38e39b7d	Mimikatz Rule - apply to memory too	2016-04-13 00:52:06 +02:00
Florian Roth	dd4cb5d8a9	Linux Postscanner Shark - Replaced older hack tool rule that matched also on goodware	2016-04-02 02:06:19 +02:00
Thomas Patzke	4f503dcb92	Decomposition of $hex_api_call in lsadump rule for Yara compatibility reasons	2016-03-23 10:29:05 +01:00
Florian Roth	838cdbe318	Bugfix PSAttack Rule	2016-03-09 14:06:18 +01:00
Florian Roth	4d200832eb	PSAttack Signature	2016-03-09 14:05:06 +01:00
Florian Roth	085572e77f	New Signatures	2016-03-09 13:40:49 +01:00
Florian Roth	3a61922ceb	signatures > yara	2016-02-15 12:31:27 +01:00

39 Commits