security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,571 Commits 1 Branch 0 Tags
ec791fa67a4e597ef5013fbd2972508fc522ec4d
Commit Graph

4 Commits

Author SHA1 Message Date
Mika Ayenson, PhD 8993d1450b [Rule Tuning] Add Supplemental Mitre Mappings (#5876) 
---------

Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
Co-authored-by: Isai <59296946+imays11@users.noreply.github.com>
Co-authored-by: terrancedejesus <terrance.dejesus@elastic.co>
Co-authored-by: Jonhnathan <26856693+w0rk3r@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
 2026-04-01 09:12:42 -05:00
Ruben Groenewoud 80ee91b0f2 [Rule Tuning] Linux DR Tuning - 11 (#5511) 
* [Rule Tuning] Linux DR Tuning - 11

* Update privilege_escalation_potential_suid_sgid_exploitation.toml

* Update rules/linux/privilege_escalation_suspicious_uid_guid_elevation.toml

* Update privilege_escalation_docker_escape_via_nsenter.toml

---------

Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
 2026-01-07 16:31:13 +01:00
shashank-elastic e938ecf41a Refresh Manifest and Schemas November Update (#5298) 2025-11-11 18:04:20 +05:30
Ruben Groenewoud bb38e2558a [New Rule] Privilege Escalation via SUID/SGID Proxy Execution (#5266) 
* [New Rule] Privilege Escalation via SUID/SGID Proxy Execution

* Update privilege_escalation_potential_suid_sgid_proxy_execution.toml

* Update rules/linux/privilege_escalation_potential_suid_sgid_proxy_execution.toml
 2025-11-10 11:41:38 +01:00