security-tools/sigma-rules
sigma-rules/hunting/macos/docs at commit bbfc026c95fbd9491cdbd06e779e1598ad63a31f
Latest commit: bbfc026c95 by Terrance DeJesus, 2025-04-23 16:41:23 -04:00
[New Hunt] New Hunting Queries for DPRK ByBit (#4644)
* new hunting queries for macOS DPRK
* added docker hunting queries
| File | Last commit | Date |
| --- | --- | --- |
| command_and_control_suspicious_executable_file_creation_via_python.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| credential_access_potential_python_stealer.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| defense_evasion_python_library_load_and_delete.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| defense_evasion_self_deleted_python_script_accessing_sensitive_files.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| defense_evasion_self_deleting_python_script.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_python_script_drop_and_execute.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_suspicious_executable_file_modification_via_docker.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_suspicious_file_access_via_docker.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_suspicious_python_app_execution_via_streamlit.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_unsigned_or_untrusted_binary_execution_via_python.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_unsigned_or_untrusted_binary_fork_via_python.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| execution_unusual_library_load_via_python.md | [New Hunt] New Hunting Queries for DPRK ByBit (#4644) | 2025-04-23 16:41:23 -04:00 |
| persistence_via_suspicious_launch_agent_or_launch_daemon_with_low_occurrence.md | [Bug] Normalize Hunting Index Link Generation (#3872) | 2024-07-10 11:01:59 -04:00 |
| suspicious_network_connections_by_unsigned_macho.md | [Bug] Normalize Hunting Index Link Generation (#3872) | 2024-07-10 11:01:59 -04:00 |