frack113 00f3055035 split global net_susp_network_scan.yml

2021-09-21 19:47:28 +02:00

..

cisco/aaa

Second round

2020-09-15 07:02:30 -06:00

zeek

Zeek detection for OMIGOD HTTP RCE

2021-09-20 12:26:01 -04:00

net_apt_equationgroup_c2.yml

Second round

2020-09-15 07:02:30 -06:00

net_dns_c2_detection.yml

Second round

2020-09-15 07:02:30 -06:00

net_high_dns_bytes_out.yml

Update global ID

2021-09-02 20:07:03 +02:00

net_high_dns_requests_rate.yml

Update global ID

2021-09-02 20:07:03 +02:00

net_high_null_records_requests_rate.yml

Second round

2020-09-15 07:02:30 -06:00

net_high_txt_records_requests_rate.yml

Second round

2020-09-15 07:02:30 -06:00

net_mal_dns_cobaltstrike.yml

refactor: change level

2021-03-24 12:38:00 +01:00

net_susp_dns_b64_queries.yml

Split PR 1802 fix net rules

2021-08-09 17:23:15 +02:00

net_susp_dns_txt_exec_strings.yml

Update net_susp_dns_txt_exec_strings.yml

2020-10-15 23:11:16 -03:00

net_susp_ipify.yml

Update net_susp_ipify.yml

2021-09-11 08:31:24 +02:00

net_susp_network_scan_by_ip.yml

split global net_susp_network_scan.yml

2021-09-21 19:47:28 +02:00

net_susp_network_scan_by_port.yml

split global net_susp_network_scan.yml

2021-09-21 19:47:28 +02:00

net_susp_telegram_api.yml

Split PR 1802 fix net rules

2021-08-09 17:23:15 +02:00

net_wannacry_killswitch_domain.yml

fix: duplicate ID

2020-12-13 18:59:04 +01:00