sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ruben Groenewoud	7d64dc2a87	[Rule tunings / New Rule] Kernel Unload and Enumeration (#2838 ) * [Rule Tunings] Kernel Module Enumeration / Removal * [Rule Tunings] Kernel Module Enumeration and Removal * Deleted copy of wrong file * EQL Conversion and made the rule more resilient * Converted rules to EQL and made rules more resilient * Removed unwanted rule from PR * fixed unit tests * fixed unit testing, removed endgame support * Added a rule to detect kernel module enum via proc * Did some additional tuning, 0 hits in RedSector now	2023-06-22 10:11:52 +02:00

Author

SHA1

Message

Date

Ruben Groenewoud

7d64dc2a87

[Rule tunings / New Rule] Kernel Unload and Enumeration (#2838 )

* [Rule Tunings] Kernel Module Enumeration / Removal

* [Rule Tunings] Kernel Module Enumeration and Removal

* Deleted copy of wrong file

* EQL Conversion and made the rule more resilient

* Converted rules to EQL and made rules more resilient

* Removed unwanted rule from PR

* fixed unit tests

* fixed unit testing, removed endgame support

* Added a rule to detect kernel module enum via proc

* Did some additional tuning, 0 hits in RedSector now

2023-06-22 10:11:52 +02:00

1 Commits