 Thomas Patzke
|
59a6a0c523
|
Added ATT&CK technique to rule test
|
2019-08-25 10:13:11 +02:00 |
|
|
Thomas Patzke
|
87abd20c0f
|
Removed deprecated PyYAML API from rule test
|
2019-04-22 23:21:08 +02:00 |
|
|
Florian Roth
|
d0950bd077
|
fix: yaml.load() issue
https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation
|
2019-04-21 20:30:31 +02:00 |
|
|
Tareq AlKhatib
|
7f4557d183
|
Enabled check for process_creation
|
2019-03-09 21:00:11 +03:00 |
|
|
Tareq AlKhatib
|
c3b079990a
|
Properly end anchored the regex
|
2019-03-09 19:23:50 +03:00 |
|
|
Tareq AlKhatib
|
be2ca8dc4d
|
Added checks for Sysmon 1 or EID 4688 instead of process_creation
|
2019-03-02 20:51:49 +03:00 |
|
|
Tareq AlKhatib
|
ae62acf3d2
|
Added a test for duplicate filters and a test for Source: Eventlog
|
2019-02-18 21:05:58 +03:00 |
|
|
Tareq AlKhatib
|
97b28f4308
|
Added a test for unnecessary use of '1 of them' in condition
|
2019-02-13 21:27:27 +03:00 |
|
|
Tareq AlKhatib
|
cd2af196e3
|
Corrected path to rules
|
2019-01-25 12:25:51 +03:00 |
|
|
Tareq AlKhatib
|
96220e776f
|
Added a test to check for duplicate filters in rules
|
2019-01-25 12:22:28 +03:00 |
|
|
Thomas Patzke
|
3c7f46a6cd
|
Added rule test to CI testing
|
2019-01-23 23:31:36 +01:00 |
|
|
Tareq AlKhatib
|
e3d61047bb
|
Added two tests. One for MITRE and another for file extension.
|
2019-01-22 21:25:13 +03:00 |
|