sigma-rules

security-tools/sigma-rules

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ruben Groenewoud	80ee91b0f2	[Rule Tuning] Linux DR Tuning - 11 (#5511 ) * [Rule Tuning] Linux DR Tuning - 11 * Update privilege_escalation_potential_suid_sgid_exploitation.toml * Update rules/linux/privilege_escalation_suspicious_uid_guid_elevation.toml * Update privilege_escalation_docker_escape_via_nsenter.toml --------- Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>	2026-01-07 16:31:13 +01:00
shashank-elastic	e938ecf41a	Refresh Manifest and Schemas November Update (#5298 )	2025-11-11 18:04:20 +05:30
Ruben Groenewoud	bb38e2558a	[New Rule] Privilege Escalation via SUID/SGID Proxy Execution (#5266 ) * [New Rule] Privilege Escalation via SUID/SGID Proxy Execution * Update privilege_escalation_potential_suid_sgid_proxy_execution.toml * Update rules/linux/privilege_escalation_potential_suid_sgid_proxy_execution.toml	2025-11-10 11:41:38 +01:00

Author

SHA1

Message

Date

Ruben Groenewoud

80ee91b0f2

[Rule Tuning] Linux DR Tuning - 11 (#5511 )

* [Rule Tuning] Linux DR Tuning - 11

* Update privilege_escalation_potential_suid_sgid_exploitation.toml

* Update rules/linux/privilege_escalation_suspicious_uid_guid_elevation.toml

* Update privilege_escalation_docker_escape_via_nsenter.toml

---------

Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>

2026-01-07 16:31:13 +01:00

shashank-elastic

e938ecf41a

Refresh Manifest and Schemas November Update (#5298 )

2025-11-11 18:04:20 +05:30

Ruben Groenewoud

bb38e2558a

[New Rule] Privilege Escalation via SUID/SGID Proxy Execution (#5266 )

* [New Rule] Privilege Escalation via SUID/SGID Proxy Execution

* Update privilege_escalation_potential_suid_sgid_proxy_execution.toml

* Update rules/linux/privilege_escalation_potential_suid_sgid_proxy_execution.toml

2025-11-10 11:41:38 +01:00

3 Commits