Pull requests: mandiant/capa-rules

Pull requests list

add first set of exploit detection rules
#1046 opened May 12, 2025 by zdwg42
updated broken link
#1045 opened May 6, 2025 by mustafagunel
Deleting file content via truncation
#1040 opened Apr 17, 2025 by JakePeralta7
Add linux kernel rootkit rules
#1039 opened Apr 12, 2025 by hafizfarhad
Add socks5 proxy capabilities rule
#1038 opened Mar 25, 2025 by ArkaprabhaChakraborty
Create get-workstation-config.yml
#1014 opened Mar 5, 2025 by kevross33
Create wmi-get-antivirus.yml
#1013 opened Mar 5, 2025 by kevross33
Create get-domain-admins.yml
#1012 opened Mar 5, 2025 by kevross33
warn if latest release and rules are not compatible
#933 opened Sep 24, 2024 by mr-tz
Additional rules to support capa-scripts. (label: dont merge)
#603 opened Aug 4, 2022 by adamstorek