 Ruben Groenewoud
|
0a6ad4adc3
|
[Security Content] Add Investigation Guides to Linux Persistence Rules - 2 (#3350)
* [Security Content] Add IGs to Persistence - 2
* [Security Content] Add IGs to Persistence - 2
* fixes
* fix
* added ig note
(cherry picked from commit 26747aa8a4)
|
2024-01-20 18:41:48 +00:00 |
|
|
Ruben Groenewoud
|
6c28ba53ad
|
[Tuning] Small Linux DR Tuning (#3287)
(cherry picked from commit 38862b89e9)
|
2023-12-07 11:50:11 +00:00 |
|
|
shashank-elastic
|
8fee26a296
|
Enhance Setup Guide information (#3256)
(cherry picked from commit d52546eee5)
|
2023-11-03 13:42:18 +00:00 |
|
|
shashank-elastic
|
c13ba83a91
|
Setup information for Linux Rules - Set8 (#3200)
(cherry picked from commit 5c5d1b214b)
|
2023-10-30 15:35:24 +00:00 |
|
|
Ruben Groenewoud
|
5ca2ac4cc5
|
[New Rules] cap_setuid/cap_setgid privesc (#3075)
* [New Rules] cap_setuid/cap_setgid privesc
* Update persistence_setuid_setgid_capability_set.toml
* Update rules/linux/privilege_escalation_suspicious_cap_setuid_python_execution.toml
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
* Update privilege_escalation_suspicious_cap_setuid_python_execution.toml
* Update rules/linux/privilege_escalation_suspicious_cap_setuid_python_execution.toml
* Update privilege_escalation_suspicious_cap_setuid_python_execution.toml
---------
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
(cherry picked from commit 6ea11cd9ad)
|
2023-10-18 14:30:17 +00:00 |
|