sigma-rules

Author SHA1 Message Date

Author	SHA1	Message	Date
Ruben Groenewoud	11168606d5	[Tuning] event.action and event.type change (#3495 ) Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com> (cherry picked from commit `9f8638a004`)	2024-03-13 09:16:45 +00:00
Jonhnathan	9101dfc064	[Security Content] Small tweaks on the setup guides (#3308 ) * [Security Content] Small tweaks on the setup guides * Additional Fixes * Avoid touching deprecated rules (cherry picked from commit `458e67918a`)	2024-03-11 12:15:22 +00:00
Ruben Groenewoud	27b01ac788	[New Rule] Executable Masquerading as Kernel Process (#3421 ) * [New Rule] Executable Masquerading as Kernel Proc * Bumped dates * Added endgame support * Added auditd_manager support * Removed auditd_manager support for now (cherry picked from commit `90d64f0714`)	2024-02-06 09:54:53 +00:00

Ruben Groenewoud

11168606d5

[Tuning] event.action and event.type change (#3495 )

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

(cherry picked from commit 9f8638a004)

2024-03-13 09:16:45 +00:00

Jonhnathan

9101dfc064

[Security Content] Small tweaks on the setup guides (#3308 )

* [Security Content] Small tweaks on the setup guides

* Additional Fixes

* Avoid touching deprecated rules

(cherry picked from commit 458e67918a)

2024-03-11 12:15:22 +00:00

Ruben Groenewoud

27b01ac788

[New Rule] Executable Masquerading as Kernel Process (#3421 )

* [New Rule] Executable Masquerading as Kernel Proc

* Bumped dates

* Added endgame support

* Added auditd_manager support

* Removed auditd_manager support for now

(cherry picked from commit 90d64f0714)

2024-02-06 09:54:53 +00:00

3 Commits