 Florian Roth
|
2c48d2b0bb
|
fix: missing global action and sections
|
2021-02-01 20:00:06 +01:00 |
|
|
Bhabesh Rai
|
63e2f4bbce
|
Added rule for Sudo CVE-2021-3156 Exploitation Attempt
|
2021-02-01 23:08:45 +05:45 |
|
|
Florian Roth
|
d3ee1aba66
|
docs: MITRE ATT&CK(R) trademark references removed or adjusted
https://github.com/Neo23x0/sigma/issues/1028
|
2020-09-30 08:53:52 +02:00 |
|
|
Mike Wade
|
8ce73bd8df
|
Fixed issues with tags and missing files
|
2020-09-15 06:10:57 -06:00 |
|
|
Mike Wade
|
52ab677798
|
Fixed my git issue
|
2020-09-13 22:03:04 -06:00 |
|
|
Florian Roth
|
de5444a81e
|
Merge pull request #989 from oscd-initiative/master
[OSCD Initiative][ATT&CK tags update]
|
2020-09-08 13:27:58 +02:00 |
|
|
Florian Roth
|
af3b93a522
|
Merge pull request #914 from omergunal/ogunal-2
New rules for Linux
|
2020-09-07 09:41:43 +02:00 |
|
|
Timur Zinniatullin
|
8dba6ceee6
|
2nd review
|
2020-08-25 09:31:38 +03:00 |
|
|
Timur Zinniatullin
|
1244cacfbf
|
Update lnx_auditd_create_account.yml
|
2020-08-25 09:20:27 +03:00 |
|
|
Timur Zinniatullin
|
72fdf0da45
|
Update lnx_auditd_susp_cmds.yml
|
2020-08-04 20:00:30 +03:00 |
|
|
Timur Zinniatullin
|
4e688233d7
|
ATT&CK mapping update suggestions for \linux\
|
2020-08-04 19:48:18 +03:00 |
|
|
Florian Roth
|
1c63a93643
|
fix: wrong casing in tag
|
2020-07-13 16:20:51 +02:00 |
|
|
viniciusvec
|
26f0d49772
|
Update lnx_shell_clear_cmd_history.yml
Renamed tags to match production MITRE: https://attack.mitre.org/techniques/T1070/003/
|
2020-07-13 14:06:14 +01:00 |
|
|
Ömer Günal
|
bee467dbd6
|
Rename lnx_setgid_setuid to lnx_setgid_setuid.yml
|
2020-07-13 01:36:20 +03:00 |
|
|
Ömer Günal
|
bf8f0307b7
|
Rename lnx_space_after_filename_ to lnx_space_after_filename_.yml
|
2020-07-13 01:33:59 +03:00 |
|
|
Ömer Günal
|
4b74a0df76
|
Create lnx_space_after_filename_
|
2020-07-13 01:33:39 +03:00 |
|
|
Ömer Günal
|
c749aa2539
|
Create lnx_setgid_setuid
|
2020-07-13 01:33:09 +03:00 |
|
|
Ömer Günal
|
6b24a5df65
|
Create lnx_security_tools_disabling.yml
|
2020-07-13 01:32:24 +03:00 |
|
|
Ömer Günal
|
bdeca13825
|
Create lnx_proxy_connection.yml
|
2020-07-13 01:31:05 +03:00 |
|
|
Ömer Günal
|
708a28e307
|
Delete lnx_space_after_filename.yml
|
2020-07-13 01:26:37 +03:00 |
|
|
Ömer Günal
|
af6ad5a41b
|
Delete lnx_setuid_setgid.yml
|
2020-07-13 01:26:29 +03:00 |
|
|
Ömer Günal
|
64a9b6e098
|
Delete lnx_disabling_security_tools.yml
|
2020-07-13 01:26:11 +03:00 |
|
|
Ömer Günal
|
7466c8d425
|
Delete lnx_connection_proxy.yml
|
2020-07-13 01:26:03 +03:00 |
|
|
Ömer Günal
|
7ce16d1bbc
|
Update lnx_space_after_filename.yml
|
2020-07-13 01:07:32 +03:00 |
|
|
Ömer Günal
|
47a2f1bc94
|
Update lnx_space_after_filename.yml
|
2020-07-03 18:56:51 +03:00 |
|
|
Ömer Günal
|
51363d8a87
|
Update lnx_setuid_setgid.yml
|
2020-07-03 18:56:40 +03:00 |
|
|
Ömer Günal
|
87346d4b94
|
Update lnx_disabling_security_tools.yml
|
2020-07-03 18:56:30 +03:00 |
|
|
Ömer Günal
|
64afd6e7ee
|
Update lnx_connection_proxy.yml
|
2020-07-03 18:56:19 +03:00 |
|
|
Florian Roth
|
26d8810efb
|
Merge pull request #882 from Neo23x0/rule-devel
Rule devel
|
2020-07-03 15:33:55 +02:00 |
|
|
Florian Roth
|
8a0262d1a2
|
fix: in linux keyword expression
|
2020-07-03 15:08:20 +02:00 |
|
|
Florian Roth
|
5dd5b87f43
|
rule: guacamole exploitation detection
|
2020-07-03 13:20:03 +02:00 |
|
|
Florian Roth
|
fa452bf3e5
|
Merge pull request #849 from omergunal/ogunal-1
Rules for detecting suspicious remote file copy
|
2020-07-03 11:59:45 +02:00 |
|
|
Florian Roth
|
b9966a173c
|
Update lnx_file_copy.yml
|
2020-07-03 11:32:49 +02:00 |
|
|
Ömer Günal
|
4eb97ec43d
|
Update lnx_file_copy.yml
|
2020-06-22 21:35:50 +03:00 |
|
|
Ömer Günal
|
d17e0ae6eb
|
typo
|
2020-06-20 23:04:52 +03:00 |
|
|
Ömer Günal
|
93719d8a01
|
Merge pull request #1 from omergunal/omergunal-patch-1
Remote file copy
|
2020-06-18 23:56:29 +03:00 |
|
|
Ömer Günal
|
40a07a2d4f
|
Delete lnx_sudo_enumeration.yml
|
2020-06-18 23:55:24 +03:00 |
|
|
Ömer Günal
|
d87b0c95a4
|
Delete lnx_trap.yml
|
2020-06-18 23:55:16 +03:00 |
|
|
Ömer Günal
|
8db7c3207a
|
Delete lnx_sudo_caching.yml
|
2020-06-18 23:54:43 +03:00 |
|
|
Ömer Günal
|
5bc72b6cba
|
Delete lnx_space_after_filename.yml
|
2020-06-18 23:54:28 +03:00 |
|
|
Ömer Günal
|
f10440b9fa
|
Delete lnx_setuid_setgid.yml
|
2020-06-18 23:54:20 +03:00 |
|
|
Ömer Günal
|
6c8d104e7d
|
Delete lnx_disabling_security_tools.yml
|
2020-06-18 23:54:06 +03:00 |
|
|
Ömer Günal
|
84c4683607
|
Delete lnx_connection_proxy.yml
|
2020-06-18 23:53:43 +03:00 |
|
|
Ömer Günal
|
c6c455a3ec
|
Remote file copy
|
2020-06-18 23:37:49 +03:00 |
|
|
Ömer Günal
|
9bfc3d6807
|
Delete lnx_file_copy.yml
|
2020-06-18 23:37:12 +03:00 |
|
|
Ömer Günal
|
a963630db8
|
Remote File Copy
|
2020-06-18 23:36:29 +03:00 |
|
|
Ömer Günal
|
3a607abe33
|
Update lnx_trap.yml
|
2020-06-17 19:51:53 +03:00 |
|
|
Ömer Günal
|
7b86f4aefb
|
Update lnx_trap.yml
|
2020-06-17 19:47:31 +03:00 |
|
|
Ömer Günal
|
ebbd32d2e1
|
file extension
|
2020-06-17 19:43:57 +03:00 |
|
|
Ömer Günal
|
f989f7e155
|
file extension
|
2020-06-17 19:43:49 +03:00 |
|