Commit Graph

  • 03f26b9736 Add renovate.json renovate[bot] 2024-04-01 17:50:37 +0000
  • 8aee99676b Create Ezuri_OSX.yar master joker2013 2021-07-20 11:14:39 +0300
  • aff23cf41d Create Ezuri_Linux.yar joker2013 2021-07-20 11:13:55 +0300
  • fcf711efe0 Create apt_Darkside_linux,yar joker2013 2021-07-19 11:42:45 +0300
  • 5784e6e24c Merge pull request #1 from rbkmoney/joker2013-patch-1 joker2013 2021-07-18 13:33:31 +0300
  • 5fae6a74e8 Create REvilLinux.yar joker2013-patch-1 joker2013 2021-07-18 13:33:18 +0300
  • dbb7c83d22 Create apt_LazarusCampaign_MacroDoc_Jun2021.yar joker2013 2021-07-18 13:04:39 +0300
  • bfc4ba4970 Create apt_LazarusCampaign_Payload_Jun2021.yar joker2013 2021-07-18 13:02:51 +0300
  • 3c9bc5f0a5 Serv-U exploitation update Florian Roth 2021-07-14 09:43:54 +0200
  • a529dafa19 Serv-U filename IOCs Florian Roth 2021-07-14 09:37:52 +0200
  • 5c004bf7cf exploit: CVE-2021-35211 ServU indicators Florian Roth 2021-07-12 21:12:43 +0200
  • aadfaf885f docs: remove webshell tag Florian Roth 2021-07-12 11:26:41 +0200
  • e09eab47d7 PrinterNightmare DLL Names Florian Roth 2021-07-10 10:05:49 +0200
  • 574e0937f5 fix: removed EXT_ prefix used in THOR Florian Roth 2021-07-09 13:42:23 +0200
  • 0a14eafc08 Adding Avast's CobaltStrike rules Florian Roth 2021-07-09 10:49:50 +0200
  • c028b21f9f panther folder - setup.exe exclusion Florian Roth 2021-07-03 16:58:32 +0200
  • a129926063 Kesaya IOCs Florian Roth 2021-07-03 12:15:24 +0200
  • 02f7880616 rules: REvil Kaseya attack Florian Roth 2021-07-03 00:26:33 +0200
  • f6bde31bac NetFilter Rootkit rules by Arkbird_SOLG Florian Roth 2021-06-19 08:40:36 +0200
  • eee5707e6a DarkSide filename IOCs Florian Roth 2021-06-17 18:02:15 +0200
  • 035a6bbd04 Hash IOCs DarkSide Report Florian Roth 2021-06-17 14:36:26 +0200
  • 263b01fb72 fix: rule name DarkHydrus Florian Roth 2021-06-17 14:36:13 +0200
  • 7f8c17a8df Update on hash IOCs Florian Roth 2021-06-17 08:04:12 +0200
  • a85d8aa096 Roothelper Florian Roth 2021-06-09 09:07:25 +0200
  • a4111af676 fix: prone to FPs Florian Roth 2021-06-09 09:07:17 +0200
  • d1d09572e6 Merge branch 'master' of https://github.com/Neo23x0/signature-base Florian Roth 2021-06-08 15:45:58 +0200
  • 0853dfd5e0 fix: FPs Florian Roth 2021-06-08 15:45:55 +0200
  • fbfe00c5fc Merge pull request #145 from ruppde/master Florian Roth 2021-06-08 13:47:35 +0200
  • 987ec49153 docs: minor adjustments in Nils' rules Florian Roth 2021-06-04 18:37:14 +0200
  • ab58cdee50 Merge pull request #149 from 3c7/pr/crime_rules Florian Roth 2021-06-04 18:33:02 +0200
  • 4cde8d03e1 Added MAL_CRIME_Unknown stuff Nils Kuhnert 2021-06-04 18:23:49 +0200
  • 96987bf880 SkinnyBoy rules Florian Roth 2021-06-04 10:59:40 +0200
  • 9ff984dd47 docs: side note Florian Roth 2021-05-29 14:48:58 +0200
  • 908bf1a091 rules: NOBELIUM IOCs and YARA rules Florian Roth 2021-05-29 14:36:52 +0200
  • 5fb26d67dd Volexity Rules - APT29 and CobaltStrike Florian Roth 2021-05-28 12:02:42 +0200
  • ac4ae9f894 fix: FPs Florian Roth 2021-05-27 18:07:10 +0200
  • e81dd2868e fix: FPs with CobaltStrike_C2_Decoded_Config_Indicator Florian Roth 2021-05-27 09:23:18 +0200
  • ee142d3683 Update exploit_cve_2021_31166.yar Florian Roth 2021-05-22 12:24:44 +0200
  • 3dda1ff620 fix: license added Florian Roth 2021-05-21 17:26:35 +0200
  • ced963e994 Create exploit_cve_2021_31166.yar Florian Roth 2021-05-21 17:25:14 +0200
  • da85f2524f fix: missing fake GZIP rule Florian Roth 2021-05-19 09:14:46 +0200
  • b93724d9df rule: IcedID Florian Roth 2021-05-19 08:43:44 +0200
  • 911805e50e makefile include owner Florian Roth 2021-05-19 08:40:36 +0200
  • 9bd583f860 fix: FPs with rule Florian Roth 2021-05-19 08:40:27 +0200
  • 17e262a0da Gobfuscate Florian Roth 2021-05-14 18:21:30 +0200
  • 29f9a1ed00 Gamaredon rule name change Florian Roth 2021-05-13 18:36:38 +0200
  • 9b3b381b97 DarkSide FE rules Florian Roth 2021-05-13 18:36:29 +0200
  • 8ca9e30e1d Gamaredon APIHashing rule Florian Roth 2021-05-12 11:18:55 +0200
  • 72b08cd6b4 refactor: darkside rule + ransom note Florian Roth 2021-05-11 09:27:44 +0200
  • 8213f9fd6c rule: Darkside ransomware Florian Roth 2021-05-10 19:07:05 +0200
  • 72f77dc8dd Merge branch 'Neo23x0:master' into master Arnim Rupp 2021-05-08 07:55:27 +0200
  • 449c219414 TunnelSnake IOCs Florian Roth 2021-05-07 18:42:54 +0200
  • 01502bfe90 filename IOC DELL BIOS update driver Florian Roth 2021-05-05 15:44:40 +0200
  • e5a35a2c7c rule: exploits for CVE-2021-1647 Florian Roth 2021-05-05 11:21:43 +0200
  • 31ea1d5ada fix: file renamed Florian Roth 2021-05-05 10:39:34 +0200
  • 397fcb958d rule: vulnerable dell bios update driver Florian Roth 2021-05-05 10:38:43 +0200
  • 01034aaff6 docs: info EOL TI receivers Florian Roth 2021-05-04 11:21:22 +0200
  • a8faf1c13a rule: Lorenz ransomware Florian Roth 2021-05-04 11:21:07 +0200
  • 855f221955 refactor: removed compiled binaries and scripts Florian Roth 2021-05-04 09:14:33 +0200
  • 433705fb70 docs: README updated Florian Roth 2021-05-04 09:04:54 +0200
  • cf798e195b docs: EOL threat intel receivers Florian Roth 2021-05-04 09:01:59 +0200
  • 078c398dcb fix: FPs Florian Roth 2021-05-04 08:57:57 +0200
  • b4077ca1e6 fix: duplicate identifier Florian Roth 2021-05-04 08:50:44 +0200
  • 7b1c94b573 fix: FPs with ReflectiveLoader rule and SentinelOne Florian Roth 2021-05-03 20:15:49 +0200
  • 39583d190d UNC2447 SombRAT HelloKitty Florian Roth 2021-05-01 14:56:20 +0200
  • e478de8625 refactor: bug in audio driver IOC Florian Roth 2021-04-28 08:37:16 +0200
  • 7f15a227e1 Bug in Audio Driver creates .WAV files Florian Roth 2021-04-28 08:35:35 +0200
  • 88516fc7d6 Iron Tiger IOCs Florian Roth 2021-04-27 16:14:32 +0200
  • b8c1909f11 rule: SentinelOne RemotePotato0 Florian Roth 2021-04-26 18:22:28 +0200
  • 0a7f752891 rule: passwordstate moserware backdoor Florian Roth 2021-04-26 14:02:18 +0200
  • 4425c06d44 fix: disabled slow rule Florian Roth 2021-04-23 15:14:56 +0200
  • b190607e62 rule: Conti crypter Florian Roth 2021-04-23 12:53:26 +0200
  • 3700d1dd13 PulseSecure FireEye IOCs and adjusted YARA rules Florian Roth 2021-04-21 08:21:42 +0200
  • 74f3cde599 Filename IOC - Possible exploitation of CVE-2021-2307 Florian Roth 2021-04-21 07:56:58 +0200
  • 91b0e1b4c9 Update gen_webshells.yar Arnim Rupp 2021-04-20 00:14:27 +0200
  • b862610131 fix: FP with Mozilla.exe Florian Roth 2021-04-19 14:42:48 +0200
  • 96f999e76c new Cobalt Strike signatures by Elastic Florian Roth 2021-04-19 09:55:26 +0200
  • ca0dc06384 Codecov rule Florian Roth 2021-04-16 10:32:15 +0200
  • c5bee404a6 BKA Emotet rules Florian Roth 2021-04-16 10:32:09 +0200
  • a020ac46a7 SUNSHUTTLE IOCs Florian Roth 2021-04-16 10:32:02 +0200
  • dab741423e fix: missing pe import Florian Roth 2021-04-15 09:43:55 +0200
  • f0aab53267 refactor: combined Neshta rules Florian Roth 2021-04-15 08:59:11 +0200
  • e360605894 Merge pull request #143 from 2d4d/master Florian Roth 2021-04-07 21:35:14 +0200
  • 9cc020ce3e Update gen_webshells.yar Arnim Rupp 2021-04-07 21:17:03 +0200
  • b62cf37738 Merge pull request #142 from 2d4d/master Florian Roth 2021-04-07 18:35:13 +0200
  • 7fdef69dcf Update gen_github_net_redteam_tools_names.yar Arnim Rupp 2021-04-07 18:30:33 +0200
  • 4742c810c2 Merge pull request #140 from 2d4d/master Florian Roth 2021-04-07 10:27:27 +0200
  • 04fe2dda4f fix: wrong rule replaced Florian Roth 2021-04-07 10:26:40 +0200
  • 37b02adc26 fix: missing usage folder Florian Roth 2021-04-07 10:22:06 +0200
  • 347f439952 Merge branch 'master' of https://github.com/Neo23x0/signature-base Florian Roth 2021-04-07 09:57:31 +0200
  • 2a842afaf6 fix: FPs with webshell rule Florian Roth 2021-04-07 09:57:28 +0200
  • 9b86522e4e Merge pull request #141 from koike/patch-1 Florian Roth 2021-04-05 12:16:24 +0200
  • f9697cd833 Replace "neo_sec" to "nao_sec" Rintaro KOIKE 2021-04-05 18:08:55 +0900
  • d38c15b3e2 Update gen_webshells.yar Arnim Rupp 2021-04-04 13:14:25 +0200
  • 5ca10a160c Update gen_webshells.yar Arnim Rupp 2021-04-02 10:48:35 +0200
  • a8049a6705 Add more Exchange related ASP webshells Florian Roth 2021-04-01 10:00:59 +0200
  • e53fd2c242 Merge pull request #139 from 2d4d/master Florian Roth 2021-04-01 08:08:25 +0200
  • cb0ac1d7a6 APT10 hash IOCs Florian Roth 2021-04-01 07:58:27 +0200
  • b37f503aa3 Update gen_webshells.yar Arnim Rupp 2021-03-31 17:35:41 +0200
  • 9117d3d380 Update gen_webshells.yar Arnim Rupp 2021-03-31 00:29:24 +0200