security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,633 Commits 1 Branch 0 Tags
main
Commit Graph

3 Commits

Author SHA1 Message Date
Mika Ayenson, PhD 8993d1450b [Rule Tuning] Add Supplemental Mitre Mappings (#5876) 
---------

Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
Co-authored-by: Isai <59296946+imays11@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
 2026-04-01 09:12:42 -05:00
shashank-elastic 07ccecb94b Add investigation guide for database dumping activity (#5871) 2026-03-23 22:22:52 +05:30
Ruben Groenewoud a4b614c681 [New/Tuning] New DB Dump Rule & Tuning wget/curl DRs (#5832) 
* [Rule Tuning] Tuning wget/curl DRs

* [New Rule] Potential Database Dumping Activity

* Update exfiltration_potential_curl_data_exfiltration.toml

* Expand URL patterns in curl data exfiltration rule

* Update rules/linux/exfiltration_potential_wget_data_exfiltration.toml

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>

* Simplify process name conditions for database dumping

---------

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
 2026-03-19 13:57:34 +01:00