 Mohamed Ashraf
|
4c3296ce7a
|
feat: new rule related to possible iviewers.dll sideloading (#4131)
|
2023-03-22 17:54:02 +01:00 |
|
|
Nasreddine Bencherchali
|
83bcab5fd6
|
chore: increase level of some sideloading rules
|
2023-03-15 01:10:52 +01:00 |
|
|
Mohamed Ashraf
|
7d3b540de3
|
Update rules/windows/image_load/image_load_side_load_wazuh.yml
update description
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
|
2023-03-14 09:59:53 +02:00 |
|
|
Nasreddine Bencherchali
|
77a825beea
|
fix: improve metadata
|
2023-03-13 23:37:37 +01:00 |
|
|
Nasreddine Bencherchali
|
072dc5e982
|
fix: fp
|
2023-03-13 14:14:58 +01:00 |
|
|
Mohamed Ashraf (X__Junior)
|
1a4ad4c67c
|
new rules related to possible dll sideloading
|
2023-03-13 14:47:52 +02:00 |
|
|
Florian Roth
|
96347ade8b
|
Merge pull request #4099 from nasbench/nasbench-rule-devel
feat: update and fixes
|
2023-03-13 11:18:19 +01:00 |
|
|
frack113
|
61a6ca59b0
|
feat: new rule amsi.dll load by uncommon process (#4102)
|
2023-03-12 23:58:51 +01:00 |
|
|
Nasreddine Bencherchali
|
f23780de6f
|
feat: update and fixes
|
2023-03-09 22:10:42 +01:00 |
|
|
Nasreddine Bencherchali
|
137dcbcc50
|
feat: more updates and fixes
|
2023-02-28 15:22:25 +01:00 |
|
|
Nasreddine Bencherchali
|
587fbbce58
|
chore: update pipe-notation rules to unsupported
|
2023-02-24 19:54:14 +01:00 |
|
|
Nasreddine Bencherchali
|
af84545616
|
fix: fp found in baseline
|
2023-02-23 13:39:17 +01:00 |
|
|
Nasreddine Bencherchali
|
078e3ab500
|
feat: updates and fixes
|
2023-02-23 12:49:44 +01:00 |
|
|
Nasreddine Bencherchali
|
f0afc4cce6
|
fix: apply suggestions from code review
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
|
2023-02-20 12:06:37 +01:00 |
|
|
Nasreddine Bencherchali
|
1d4a6dee3d
|
fix: more fp
|
2023-02-17 23:23:31 +01:00 |
|
|
Nasreddine Bencherchali
|
6a0b38291f
|
fix: fp found in baseline
|
2023-02-17 23:16:42 +01:00 |
|
|
Nasreddine Bencherchali
|
1dba328ddc
|
fix: add missing modified
|
2023-02-17 22:52:09 +01:00 |
|
|
Nasreddine Bencherchali
|
68c052aab7
|
feat: updates and fixes
|
2023-02-17 17:51:44 +01:00 |
|
|
Nasreddine Bencherchali
|
2ef681291a
|
feat: more rules updates
|
2023-02-14 19:30:18 +01:00 |
|
|
Nasreddine Bencherchali
|
82cde0e10c
|
feat: update rules related to onenote and more
|
2023-02-10 00:40:16 +01:00 |
|
|
Nasreddine Bencherchali
|
4d1bd7663b
|
fix: update duplicate title
|
2023-02-08 19:16:53 +01:00 |
|
|
Nasreddine Bencherchali
|
0717634671
|
feat: updates and enhancements
|
2023-02-08 19:12:35 +01:00 |
|
|
Nasreddine Bencherchali
|
a19a75b0b0
|
fix: resolves #4015
|
2023-02-07 14:33:56 +01:00 |
|
|
Wagga
|
273fdb9985
|
fix: typos in multiple rules (#4011)
|
2023-02-06 13:53:23 +01:00 |
|
|
Nasreddine Bencherchali
|
68f0833cbc
|
feat: more fixes and updates
|
2023-02-05 21:46:22 +01:00 |
|
|
Nasreddine Bencherchali
|
31a5c08480
|
fix: reduce author set
|
2023-02-01 14:34:46 +01:00 |
|
|
Nasreddine Bencherchali
|
7c38a5c496
|
chore: add nextron authors tag
|
2023-02-01 11:14:59 +01:00 |
|
|
Nasreddine Bencherchali
|
92a23276cf
|
Merge pull request #3972 from frack113/hijacklibs
feat: add additional new dlls for abuse from hijacklibs
|
2023-01-30 10:49:11 +01:00 |
|
|
Nasreddine Bencherchali
|
cb1ea104b6
|
fix: remove unnecessary space
|
2023-01-30 10:42:48 +01:00 |
|
|
Nasreddine Bencherchali
|
8bcedc7c52
|
fix: update title and description
|
2023-01-30 10:41:27 +01:00 |
|
|
Qasim Qlf
|
a39896f66a
|
fix: condition
|
2023-01-30 14:27:59 +05:00 |
|
|
frack113
|
072d6bda9b
|
Add more dll
|
2023-01-29 16:50:06 +01:00 |
|
|
frack113
|
5087b95155
|
Merge remote-tracking branch 'upstream/master' into pormotion_status
|
2023-01-27 11:29:27 +01:00 |
|
|
frack113
|
1033b3f404
|
change status to test
|
2023-01-27 06:48:34 +01:00 |
|
|
Nasreddine Bencherchali
|
58912f5eda
|
Merge branch 'nasbench-rule-devel' of https://github.com/nasbench/sigma into nasbench-rule-devel
|
2023-01-26 23:01:51 +01:00 |
|
|
Nasreddine Bencherchali
|
c538550b03
|
feat: updates and fixes
|
2023-01-26 22:42:56 +01:00 |
|
|
frack113
|
cb67871bd2
|
Revert "Change status of old rules"
|
2023-01-26 19:37:18 +01:00 |
|
|
frack113
|
5323fd4baa
|
Change status of old rules
|
2023-01-25 18:41:18 +01:00 |
|
|
Nasreddine Bencherchali
|
1c2b6f40a6
|
feat: updates and new rules
|
2023-01-22 23:31:02 +01:00 |
|
|
Nasreddine Bencherchali
|
ef0c3d35c4
|
fix: filter fp found in testing
|
2023-01-20 11:39:08 +01:00 |
|
|
frack113
|
c3fabfe2a8
|
Update image_load_side_load_non_existent_dlls.yml
|
2023-01-10 10:41:48 +01:00 |
|
|
Nasreddine Bencherchali
|
81f75c1d2e
|
feat: updates and enhancements
|
2023-01-10 00:13:37 +01:00 |
|
|
Nasreddine Bencherchali
|
18a77e79e3
|
fix: multiple issues
|
2023-01-06 18:04:04 +01:00 |
|
|
Nasreddine Bencherchali
|
7e73028c5e
|
feat: updates and enhancements
|
2023-01-06 16:35:34 +01:00 |
|
|
frack113
|
0aad498425
|
Last lolbin (#3845)
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-31 19:53:44 +01:00 |
|
|
frack113
|
7060db3d47
|
Promotion rules (#3821)
* Promotion rules
* fix missing null
* fix: modified date
Co-authored-by: Nasreddine Bencherchali <8741929+nasbench@users.noreply.github.com>
|
2022-12-27 12:29:10 +01:00 |
|
|
Nasreddine Bencherchali
|
05bdb9af74
|
fix: rename files to fit logic
|
2022-12-19 19:28:23 +01:00 |
|
|
Nasreddine Bencherchali
|
ff94bfee2b
|
fix: update description to fit logic
|
2022-12-19 19:23:11 +01:00 |
|
|
Nasreddine Bencherchali
|
c374413664
|
fix: change to permalink
|
2022-12-19 18:15:57 +01:00 |
|
|
Nasreddine Bencherchali
|
060174e2dd
|
fix: small fixes
- Added modified date
- Updated DLL sideload version
|
2022-12-19 18:14:01 +01:00 |
|