security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,633 Commits 1 Branch 0 Tags
main
Commit Graph

2 Commits

Author SHA1 Message Date
Mika Ayenson, PhD 8993d1450b [Rule Tuning] Add Supplemental Mitre Mappings (#5876) 
---------

Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
Co-authored-by: Isai <59296946+imays11@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
 2026-04-01 09:12:42 -05:00
Ruben Groenewoud c349c8eca7 [New Rules] Kernel Discovery & BPF Load/Tampering via bpftool (#5743) 
* [New Rules] BPF Load & Tampering via bpftool

* Update persistence_bpf_program_or_map_load.toml

* [New Rule] Kernel Instrumentation Discovery via kprobes and tracefs

* Update defense_evasion_bpf_program_tampering.toml

* Update persistence_bpf_program_or_map_load.toml

* Enhance note with investigation and response details

Added detailed investigation guide and response steps for kernel instrumentation discovery via kprobes and tracefs.
 2026-02-23 16:33:17 +01:00