| Author | Commit | Message | Date |
|---|---|---|---|
| phantinuss | ba3fbcf334 | fix: remove erroneous whitespace | 2023-05-03 15:53:14 +02:00 |
| Nasreddine Bencherchali | b26f9a9793 | chore: move more rules | 2023-04-21 15:01:48 +02:00 |
| Nasreddine Bencherchali | b851734126 | chore: move 3cx related rules | 2023-04-21 15:00:35 +02:00 |
| phantinuss | 7f056da95b | fix: FPs found in different environments | 2023-04-20 09:48:47 +02:00 |
| Nasreddine Bencherchali | 4e7bb74d43 | feat: update browsers selections and filters | 2023-04-18 18:05:08 +02:00 |
| phantinuss | 6a7a0f0269 | fix: typos/wording | 2023-04-17 08:39:41 +02:00 |
| Nasreddine Bencherchali | 03fc33f93c | fix: add space at the end | 2023-04-17 02:31:02 +02:00 |
| Mohamed Ashraf (X__Junior) | 63fb8e4655 | Create image_load_side_load_libvlc.yml | 2023-04-17 02:27:57 +02:00 |
| Nasreddine Bencherchali | bb7aabb4b4 | chore: author update | 2023-04-12 16:11:58 +02:00 |
| Nasreddine Bencherchali | 3d9372bef3 | feat: new rules, updates and fp fixes (#4136) | 2023-04-03 12:06:14 +02:00 |
| Nasreddine Bencherchali | 5138fef3e5 | feat: update 3cx compromise related rules (#4156) | 2023-03-31 15:01:41 +02:00 |
| frack113 | 7f18aaad6a | Fix FP | 2023-03-28 14:55:57 +02:00 |
| frack113 | 2cd4b73c12 | Fix FP | 2023-03-28 14:42:15 +02:00 |
| Mohamed Ashraf | 4c3296ce7a | feat: new rule related to possible iviewers.dll sideloading (#4131) | 2023-03-22 17:54:02 +01:00 |
| Nasreddine Bencherchali | 83bcab5fd6 | chore: increase level of some sideloading rules | 2023-03-15 01:10:52 +01:00 |
| Mohamed Ashraf | 7d3b540de3 | Update rules/windows/image_load/image_load_side_load_wazuh.yml<br>update description<br>Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com> | 2023-03-14 09:59:53 +02:00 |
| Nasreddine Bencherchali | 77a825beea | fix: improve metadata | 2023-03-13 23:37:37 +01:00 |
| Nasreddine Bencherchali | 072dc5e982 | fix: fp | 2023-03-13 14:14:58 +01:00 |
| Mohamed Ashraf (X__Junior) | 1a4ad4c67c | new rules related to possible dll sideloading | 2023-03-13 14:47:52 +02:00 |
| Florian Roth | 96347ade8b | Merge pull request #4099 from nasbench/nasbench-rule-devel<br>feat: update and fixes | 2023-03-13 11:18:19 +01:00 |
| frack113 | 61a6ca59b0 | feat: new rule amsi.dll load by uncommon process (#4102) | 2023-03-12 23:58:51 +01:00 |
| Nasreddine Bencherchali | f23780de6f | feat: update and fixes | 2023-03-09 22:10:42 +01:00 |
| Nasreddine Bencherchali | 137dcbcc50 | feat: more updates and fixes | 2023-02-28 15:22:25 +01:00 |
| Nasreddine Bencherchali | 587fbbce58 | chore: update pipe-notation rules to unsupported | 2023-02-24 19:54:14 +01:00 |
| Nasreddine Bencherchali | af84545616 | fix: fp found in baseline | 2023-02-23 13:39:17 +01:00 |
| Nasreddine Bencherchali | 078e3ab500 | feat: updates and fixes | 2023-02-23 12:49:44 +01:00 |
| Nasreddine Bencherchali | f0afc4cce6 | fix: apply suggestions from code review<br>Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com> | 2023-02-20 12:06:37 +01:00 |
| Nasreddine Bencherchali | 1d4a6dee3d | fix: more fp | 2023-02-17 23:23:31 +01:00 |
| Nasreddine Bencherchali | 6a0b38291f | fix: fp found in baseline | 2023-02-17 23:16:42 +01:00 |
| Nasreddine Bencherchali | 1dba328ddc | fix: add missing modified | 2023-02-17 22:52:09 +01:00 |
| Nasreddine Bencherchali | 68c052aab7 | feat: updates and fixes | 2023-02-17 17:51:44 +01:00 |
| Nasreddine Bencherchali | 2ef681291a | feat: more rules updates | 2023-02-14 19:30:18 +01:00 |
| Nasreddine Bencherchali | 82cde0e10c | feat: update rules related to onenote and more | 2023-02-10 00:40:16 +01:00 |
| Nasreddine Bencherchali | 4d1bd7663b | fix: update duplicate title | 2023-02-08 19:16:53 +01:00 |
| Nasreddine Bencherchali | 0717634671 | feat: updates and enhancements | 2023-02-08 19:12:35 +01:00 |
| Nasreddine Bencherchali | a19a75b0b0 | fix: resolves #4015 | 2023-02-07 14:33:56 +01:00 |
| Wagga | 273fdb9985 | fix: typos in multiple rules (#4011) | 2023-02-06 13:53:23 +01:00 |
| Nasreddine Bencherchali | 68f0833cbc | feat: more fixes and updates | 2023-02-05 21:46:22 +01:00 |
| Nasreddine Bencherchali | 31a5c08480 | fix: reduce author set | 2023-02-01 14:34:46 +01:00 |
| Nasreddine Bencherchali | 7c38a5c496 | chore: add nextron authors tag | 2023-02-01 11:14:59 +01:00 |
| Nasreddine Bencherchali | 92a23276cf | Merge pull request #3972 from frack113/hijacklibs<br>feat: add additional new dlls for abuse from hijacklibs | 2023-01-30 10:49:11 +01:00 |
| Nasreddine Bencherchali | cb1ea104b6 | fix: remove unnecessary space | 2023-01-30 10:42:48 +01:00 |
| Nasreddine Bencherchali | 8bcedc7c52 | fix: update title and description | 2023-01-30 10:41:27 +01:00 |
| Qasim Qlf | a39896f66a | fix: condition | 2023-01-30 14:27:59 +05:00 |
| frack113 | 072d6bda9b | Add more dll | 2023-01-29 16:50:06 +01:00 |
| frack113 | 5087b95155 | Merge remote-tracking branch 'upstream/master' into pormotion_status | 2023-01-27 11:29:27 +01:00 |
| frack113 | 1033b3f404 | change status to test | 2023-01-27 06:48:34 +01:00 |
| Nasreddine Bencherchali | 58912f5eda | Merge branch 'nasbench-rule-devel' of https://github.com/nasbench/sigma into nasbench-rule-devel | 2023-01-26 23:01:51 +01:00 |
| Nasreddine Bencherchali | c538550b03 | feat: updates and fixes | 2023-01-26 22:42:56 +01:00 |
| frack113 | cb67871bd2 | Revert "Change status of old rules" | 2023-01-26 19:37:18 +01:00 |