security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,512 Commits 1 Branch 0 Tags
71186c8788b3f85dba122647e8992dcafe29c7e3
Commit Graph

2 Commits

Author SHA1 Message Date
Ruben Groenewoud 71186c8788 [Rule Tuning] Potential Persistence Through Run Control Detected (#2857) 
* [Rule Tuning] changed rule type to new_terms

* Updated min stack comment

* Update persistence_rc_script_creation.toml

* Changed description, removed file.path from new_terms field because it is not necessary

* added host.id to new terms field and bumped up min stack
 2023-06-22 13:39:36 +02:00
Ruben Groenewoud f52a744259 [New Rule] RC Script Creation (#2607) 
* [New Rule] RC Script Creation

* fixed unit testing error

* Update rules/linux/persistence_rc_script_creation.toml

* Update rules/linux/persistence_rc_script_creation.toml

* Update rules/linux/persistence_rc_script_creation.toml

Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>

* added host.os.type==linux

---------

Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
Co-authored-by: Justin Ibarra <16747370+brokensound77@users.noreply.github.com>
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
 2023-03-14 15:03:41 -04:00