sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ruben Groenewoud	f14a527055	[New Rule] Web Server Potential SQL Injection Request (#5342 ) * [New Rule] Web Server Potential SQL Injection Request * ++ * Update persistence_web_server_potential_sql_injection.toml * Convert to BBR * Update persistence_web_server_potential_sql_injection.toml * Update persistence_web_server_potential_sql_injection.toml * adding missing tags * Add right tag * Add network_traffic manifest and schema * Refine SQL injection rule and log sources Removed network traffic log sources and adjusted query conditions for SQL injection detection. * Get latest schemas/mappings --------- Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co> Co-authored-by: Shashank K S <Shashank.Suryanarayana@elastic.co> Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>	2025-12-02 10:46:48 +01:00

Author

SHA1

Message

Date

Ruben Groenewoud

f14a527055

[New Rule] Web Server Potential SQL Injection Request (#5342 )

* [New Rule] Web Server Potential SQL Injection Request

* ++

* Update persistence_web_server_potential_sql_injection.toml

* Convert to BBR

* Update persistence_web_server_potential_sql_injection.toml

* Update persistence_web_server_potential_sql_injection.toml

* adding missing tags

* Add right tag

* Add network_traffic manifest and schema

* Refine SQL injection rule and log sources

Removed network traffic log sources and adjusted query conditions for SQL injection detection.

* Get latest schemas/mappings

---------

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Shashank K S <Shashank.Suryanarayana@elastic.co>
Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>

2025-12-02 10:46:48 +01:00

1 Commits