 Florian Roth
|
a5c6bbe04d
|
Merge pull request #1946 from SigmaHQ/rule-devel
rule: ProxyToken CVE-2021-33766 Exchange
|
2021-08-30 17:39:37 +02:00 |
|
|
Florian Roth
|
af9392ba0f
|
refactor: add 500 status code in selection2
to avoid FPs with exploitation attempts
|
2021-08-30 16:12:42 +02:00 |
|
|
Florian Roth
|
4a4966af77
|
rule: ProxyToken CVE-2021-33766 Exchange
|
2021-08-30 15:47:53 +02:00 |
|
|
frack113
|
718b44c38a
|
fix List values must be strings or numbers (46)
|
2021-08-29 08:57:25 +02:00 |
|
|
frack113
|
061c093f3f
|
Merge pull request #1918 from d4rk-d4nph3/master
Added rule for Arcadyan Router Exploitations
|
2021-08-25 08:10:48 +02:00 |
|
|
Bhabesh Rai
|
df4180547e
|
Merged rules
|
2021-08-25 11:18:51 +05:45 |
|
|
Bhabesh Rai
|
a4d0e3453d
|
Fix for CVE tag
|
2021-08-25 10:24:15 +05:45 |
|
|
Bhabesh Rai
|
ce6141e318
|
Added rule for Arcadyan Router Exploitations
|
2021-08-24 21:11:46 +05:45 |
|
|
frack113
|
c2302a15da
|
fix cve tags
|
2021-08-24 10:10:45 +02:00 |
|
|
frack113
|
8f85ac0fde
|
tags update
|
2021-08-24 09:35:04 +02:00 |
|
|
SomeOne
|
295054dcbe
|
Replace old mitre techniques by new one
|
2021-08-22 13:57:56 +02:00 |
|
|
frack113
|
07a87aa7f8
|
Merge pull request #1858 from frack113/fix_pr718
Replace pr718
|
2021-08-21 18:02:30 +02:00 |
|
|
Florian Roth
|
700b8e440f
|
Merge pull request #1868 from d4rk-d4nph3/master
Added rule for zero day CVE-2021-22123 in Fortinet WAFs
|
2021-08-20 16:52:49 +02:00 |
|
|
Florian Roth
|
0c6db48ceb
|
Update web_fortinet_cve_2021_22123_exploit.yml
|
2021-08-19 08:27:15 +02:00 |
|
|
Austin Songer
|
c9128687ee
|
Spelling Errors on Rules
|
2021-08-18 18:58:20 +00:00 |
|
|
Bhabesh Rai
|
8d9f2e059a
|
Added rule for zero day CVE-2021-22123 in Fortinet WAFs
|
2021-08-18 17:28:57 +05:45 |
|
|
Florian Roth
|
a2e45353aa
|
Merge pull request #1825 from frack113/iis_ProxyLogon
rule: ProxyLogon web_cve_2021_26858_iis_rce.yml
|
2021-08-18 09:54:15 +02:00 |
|
|
frack113
|
e098fc73cb
|
add keywords condition
|
2021-08-17 06:24:04 +02:00 |
|
|
frack113
|
c3457c9911
|
fix titles
|
2021-08-15 19:05:00 +02:00 |
|
|
frack113
|
245cb6d510
|
fix more errors
|
2021-08-15 18:55:44 +02:00 |
|
|
frack113
|
a75859a976
|
First commit
|
2021-08-15 16:00:14 +02:00 |
|
|
frack113
|
abcaf00aee
|
Merge pull request #1818 from frack113/split_1802_net
Correct lists with only 1 value
|
2021-08-13 10:17:24 +02:00 |
|
|
Florian Roth
|
852d7a8b22
|
fix: typo in description
|
2021-08-12 10:11:17 +02:00 |
|
|
frack113
|
32fc191163
|
fix cs-uri-query and cs-uri-stem
|
2021-08-11 15:09:53 +02:00 |
|
|
frack113
|
ff5c9116a4
|
Update to w3c-logging
|
2021-08-11 11:28:04 +02:00 |
|
|
frack113
|
50ccd87904
|
fix title
|
2021-08-10 13:16:45 +02:00 |
|
|
frack113
|
1437b1943a
|
add web_cve_2021_26858_iis_rce.yml
|
2021-08-10 13:09:43 +02:00 |
|
|
Florian Roth
|
a9ad4eda4a
|
rules: ProxyShell refactoring and new rule
|
2021-08-09 17:57:34 +02:00 |
|
|
frack113
|
fc64b8b937
|
Split PR 1802 fix net rules
|
2021-08-09 17:23:15 +02:00 |
|
|
Florian Roth
|
af1e43f3c1
|
more generic
|
2021-08-08 23:05:56 +02:00 |
|
|
Florian Roth
|
a80f9f280c
|
refactor: feedback from Rich Warren
|
2021-08-08 23:05:23 +02:00 |
|
|
Florian Roth
|
5443298092
|
rule: ProxyShell improved
|
2021-08-08 18:52:49 +02:00 |
|
|
Florian Roth
|
0a8904a61e
|
fix: issues with new rule
|
2021-08-07 10:10:12 +02:00 |
|
|
Florian Roth
|
1ac49a2055
|
rule: ProxyShell patterns
|
2021-08-07 09:22:24 +02:00 |
|
|
G Y
|
544ec5861b
|
Update web_nginx_core_dump.yml
Fixed typo in description field.
|
2021-07-03 10:39:37 +08:00 |
|
|
Florian Roth
|
f438039af9
|
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml
|
2021-07-01 09:49:01 +02:00 |
|
|
Bhabesh Rai
|
206adbb2b6
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
|
Sittikorn S
|
c9ce298b2e
|
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml
remove http response
|
2021-06-29 17:49:01 +07:00 |
|
|
Sittikorn S
|
14d1c68cc8
|
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml
|
2021-06-29 15:19:22 +07:00 |
|
|
Sittikorn S
|
67f483e6a9
|
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml
|
2021-06-29 14:17:27 +07:00 |
|
|
Sittikorn S
|
c446c519cf
|
Update web_cve_2021_22893_pulse_secure_rce_exploit.yml
|
2021-06-29 13:59:08 +07:00 |
|
|
Sittikorn S
|
f3c1d78615
|
Create web_cve_2021_22893_pulse_secure_rce_exploit.yml
|
2021-06-29 13:56:30 +07:00 |
|
|
Florian Roth
|
ab73dd4dd6
|
rule: nginx core dump
|
2021-05-31 10:49:42 +02:00 |
|
|
Florian Roth
|
02323043d7
|
Create web_cve_2021_26814_wzuh_rce.yml
|
2021-05-22 15:45:38 +02:00 |
|
|
Florian Roth
|
3cf1be9e8d
|
rule: exchange vulnerability CVE-2021-28480
|
2021-05-14 10:08:41 +02:00 |
|
|
Josh Brower
|
af09dd8e3c
|
Clean up: Webshell ReGeorg Detection
|
2021-04-05 13:01:10 -04:00 |
|
|
Florian Roth
|
428db0c74a
|
Merge pull request #1382 from d4rk-d4nph3/master
Added rule for CVE-2021-21978 in VMware View Planner
|
2021-03-29 11:22:56 +02:00 |
|
|
Bhabesh Rai
|
a58c5ed7cc
|
Added rule for CVE-2021-21978 in VMware View Planner
|
2021-03-10 18:05:15 +05:45 |
|
|
Florian Roth
|
dca5c870d7
|
Merge pull request #1374 from hieuttmmo/master
Detect HAFNIUM operations
|
2021-03-09 09:16:52 +01:00 |
|
|
Florian Roth
|
62b65a3578
|
Merge pull request #1375 from SigmaHQ/rule-devel
fix: description
|
2021-03-04 17:35:53 +01:00 |
|