sigma-rules

Author SHA1 Message Date

Author	SHA1	Message	Date
Jonhnathan	063386829c	[Security Content] Include "Data Source: Elastic Defend" tag (#3002 ) * win folder * Other folders * Update test_all_rules.py * . * updated missing elastic defend tags --------- Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co> (cherry picked from commit `4233fef238`)	2023-09-05 18:28:40 +00:00
Ruben Groenewoud	207d94e51c	[New Rule] Potential Sudo Token Manipulation via Process Injection (#2984 ) * [New Rule] Sudo Token Access via Process Injection * [New Rule] Sudo Token Manipulation via Proc Inject * Update rules/linux/privilege_escalation_sudo_token_via_process_injection.toml * Update privilege_escalation_sudo_token_via_process_injection.toml --------- Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>	2023-08-03 15:58:25 +02:00

Jonhnathan

063386829c

[Security Content] Include "Data Source: Elastic Defend" tag (#3002 )

* win folder

* Other folders

* Update test_all_rules.py

* .

* updated missing elastic defend tags

---------

Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>

(cherry picked from commit 4233fef238)

2023-09-05 18:28:40 +00:00

Ruben Groenewoud

207d94e51c

[New Rule] Potential Sudo Token Manipulation via Process Injection (#2984 )

* [New Rule] Sudo Token Access via Process Injection

* [New Rule] Sudo Token Manipulation via Proc Inject

* Update rules/linux/privilege_escalation_sudo_token_via_process_injection.toml

* Update privilege_escalation_sudo_token_via_process_injection.toml

---------

Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>

2023-08-03 15:58:25 +02:00

2 Commits