sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ruben Groenewoud	c349c8eca7	[New Rules] Kernel Discovery & BPF Load/Tampering via bpftool (#5743 ) * [New Rules] BPF Load & Tampering via bpftool * Update persistence_bpf_program_or_map_load.toml * [New Rule] Kernel Instrumentation Discovery via kprobes and tracefs * Update defense_evasion_bpf_program_tampering.toml * Update persistence_bpf_program_or_map_load.toml * Enhance note with investigation and response details Added detailed investigation guide and response steps for kernel instrumentation discovery via kprobes and tracefs.	2026-02-23 16:33:17 +01:00

Author

SHA1

Message

Date

Ruben Groenewoud

c349c8eca7

[New Rules] Kernel Discovery & BPF Load/Tampering via bpftool (#5743 )

* [New Rules] BPF Load & Tampering via bpftool

* Update persistence_bpf_program_or_map_load.toml

* [New Rule] Kernel Instrumentation Discovery via kprobes and tracefs

* Update defense_evasion_bpf_program_tampering.toml

* Update persistence_bpf_program_or_map_load.toml

* Enhance note with investigation and response details

Added detailed investigation guide and response steps for kernel instrumentation discovery via kprobes and tracefs.

2026-02-23 16:33:17 +01:00

1 Commits