 Florian Roth
|
bcce3a85aa
|
Merge branch 'master' into rule-devel
|
2023-01-09 09:56:21 +01:00 |
|
|
Florian Roth
|
0a9be5922c
|
fix: shortened author list to make it fit in VARCHAR(255) DB fields
|
2023-01-09 09:47:26 +01:00 |
|
|
frack113
|
679c2a0500
|
Merge pull request #3886 from frack113/alias
Add posh_ps_susp_set_alias
|
2023-01-08 14:55:23 +01:00 |
|
|
frack113
|
7f653db16c
|
Apply suggestions from code review
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2023-01-08 14:45:39 +01:00 |
|
|
frack113
|
2cf8529657
|
Add posh_ps_susp_set_alias
|
2023-01-08 09:55:27 +01:00 |
|
|
Nasreddine Bencherchali
|
0fc5066fa2
|
Merge pull request #3881 from securepeacock/patch-37
Create aws_enum_buckets.yml
|
2023-01-07 13:29:23 +01:00 |
|
|
Nasreddine Bencherchali
|
5ea2e76162
|
Merge pull request #3884 from frack113/UnhookingPatch
Add proc_access_win_invoke_patchingapi
|
2023-01-07 13:15:32 +01:00 |
|
|
Nasreddine Bencherchali
|
e08358de3b
|
fix: add related field
|
2023-01-07 13:13:48 +01:00 |
|
|
frack113
|
f08f3706f7
|
Update proc_access_win_invoke_patchingapi.yml
|
2023-01-07 13:04:57 +01:00 |
|
|
Nasreddine Bencherchali
|
69dbdc2a34
|
fix: apply suggestions from code review
|
2023-01-07 13:03:21 +01:00 |
|
|
frack113
|
d73fe7ecfe
|
Update rules/cloud/aws/aws_enum_buckets.yml
|
2023-01-07 12:39:50 +01:00 |
|
|
frack113
|
24264407d9
|
Update detection
|
2023-01-07 12:32:27 +01:00 |
|
|
frack113
|
c30c30dc3d
|
Merge pull request #3883 from frack113/order_file
Filename normalisation
|
2023-01-07 12:20:30 +01:00 |
|
|
frack113
|
4dbfebf65c
|
Add proc_access_win_invoke_patchingapi
|
2023-01-07 10:35:28 +01:00 |
|
|
frack113
|
d6059d801b
|
Filename normalisation
|
2023-01-07 08:52:11 +01:00 |
|
|
Thomas Patzke
|
b0eea2a8a8
|
Merge pull request #3882 from SigmaHQ/fix-typing
Fixed type hint causing issues
|
2023-01-07 00:39:53 +01:00 |
|
|
Thomas Patzke
|
b0f59faac3
|
Fixed type hint causing issues
|
2023-01-07 00:37:47 +01:00 |
|
|
securepeacock
|
4c3e79cccb
|
Create aws_enum_buckets.yml
|
2023-01-06 17:36:08 -05:00 |
|
|
frack113
|
f015c940f8
|
Merge pull request #3880 from frack113/from_VT_screen
Add proc_creation_win_double_ext_parent
|
2023-01-06 18:31:47 +01:00 |
|
|
frack113
|
97ec1c4d54
|
Add related
|
2023-01-06 18:22:36 +01:00 |
|
|
frack113
|
3346a6d3e4
|
Apply suggestions from code review
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2023-01-06 18:21:06 +01:00 |
|
|
frack113
|
679d1ee0ed
|
Add more ext
|
2023-01-06 18:17:01 +01:00 |
|
|
Nasreddine Bencherchali
|
258aaed57b
|
Merge pull request #3879 from nasbench/nasbench-rule-devel
feat: updates and enhancements
|
2023-01-06 18:09:25 +01:00 |
|
|
Nasreddine Bencherchali
|
18a77e79e3
|
fix: multiple issues
|
2023-01-06 18:04:04 +01:00 |
|
|
Nasreddine Bencherchali
|
2e85903a59
|
fix: broken condition
|
2023-01-06 17:41:30 +01:00 |
|
|
Nasreddine Bencherchali
|
df2c86f941
|
fix: separate selection and add missing modified
|
2023-01-06 17:41:01 +01:00 |
|
|
Nasreddine Bencherchali
|
ea4b844c8e
|
fix: broken selections
|
2023-01-06 17:28:29 +01:00 |
|
|
frack113
|
4adbb3fbd2
|
Add proc_creation_win_double_ext_parent
|
2023-01-06 17:18:50 +01:00 |
|
|
Nasreddine Bencherchali
|
e56d3763b5
|
fix: unused selection
|
2023-01-06 17:16:20 +01:00 |
|
|
Nasreddine Bencherchali
|
7e73028c5e
|
feat: updates and enhancements
|
2023-01-06 16:35:34 +01:00 |
|
|
frack113
|
65eb06e231
|
Merge pull request #3876 from frack113/fix_fp_gfx
Update proc_creation_win_susp_file_download_via_gfxdownloadwrapper.yml
|
2023-01-06 13:48:31 +01:00 |
|
|
frack113
|
31530e50b7
|
Update FP
|
2023-01-06 13:28:57 +01:00 |
|
|
Nasreddine Bencherchali
|
d3a5a095d4
|
Merge pull request #3874 from veramine/patch-1
Update proc_creation_win_susp_3proxy_usage.yml
|
2023-01-05 23:15:37 +01:00 |
|
|
Nasreddine Bencherchali
|
fb1f72a634
|
fix: add missing modified field
|
2023-01-05 23:08:36 +01:00 |
|
|
Veramine
|
325d532239
|
Update proc_creation_win_susp_3proxy_usage.yml
Fix condition
|
2023-01-05 13:30:45 -08:00 |
|
|
frack113
|
39d4b577a1
|
Merge pull request #3872 from frack113/linux_order
order linux file
|
2023-01-05 10:18:53 +01:00 |
|
|
Nasreddine Bencherchali
|
03259bd927
|
Merge pull request #3873 from xFFninja/patch-1
fix Image field
|
2023-01-05 10:12:58 +01:00 |
|
|
frack113
|
379fa4f3df
|
Update modified
|
2023-01-05 09:11:49 +01:00 |
|
|
xFFninja
|
a499c7076d
|
fix Image field
On Linux git has no .exe extension
|
2023-01-05 09:47:11 +02:00 |
|
|
frack113
|
01e7adeb30
|
order linux file
|
2023-01-05 08:14:19 +01:00 |
|
|
frack113
|
0c4d6f1d71
|
Merge pull request #3870 from frack113/check_logsource
update logsource
|
2023-01-04 19:52:41 +01:00 |
|
|
frack113
|
ed1a91b53f
|
remove duplicate value
|
2023-01-04 19:42:16 +01:00 |
|
|
frack113
|
7d5fb8db30
|
update logsource
|
2023-01-04 19:36:37 +01:00 |
|
|
Nasreddine Bencherchali
|
be4d99d6dd
|
Merge pull request #3868 from nasbench/nasbench-rule-devel
feat: updates and enhancements
|
2023-01-04 19:29:12 +01:00 |
|
|
Nasreddine Bencherchali
|
2b65248130
|
Merge pull request #3869 from redsand/fp_tenable
FP: tenable nessus client calls cmd during scanning.
|
2023-01-04 19:17:30 +01:00 |
|
|
Nasreddine Bencherchali
|
679f3d015b
|
fix: remove unnecessary space
|
2023-01-04 19:11:33 +01:00 |
|
|
Nasreddine Bencherchali
|
4027d22960
|
Merge pull request #3867 from DCSO/rule-test-enhancements
Rule test enhancements
|
2023-01-04 19:09:43 +01:00 |
|
|
frack113
|
756a248032
|
update logsource
|
2023-01-04 18:52:24 +01:00 |
|
|
Nasreddine Bencherchali
|
46f01f2f88
|
fix: typo in unknown
|
2023-01-04 18:46:34 +01:00 |
|
|
Tim Shelton
|
903ebb1176
|
FP: tenable nessus client calls cmd during scanning.
|
2023-01-04 17:42:16 +00:00 |
|