Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suspicious Browser Launch #4840

Merged
merged 18 commits into from
May 27, 2024
Merged

Suspicious Browser Launch #4840

merged 18 commits into from
May 27, 2024

Commits on Nov 25, 2023

  1. Create Rule to detect Process Injection 

    This commit adds a new experimental rule that attempts to detect process injection by utilizing the dd command to inject malicious code in the process memory under /proc/mem
example provided in this project https://github.com/AonCyberLabs/Cexigua/blob/master/overwrite.sh
    @skaynum
    skaynum authored Nov 25, 2023
    Configuration menu
    Copy the full SHA
    024315f View commit details
    Browse the repository at this point in the history

  2. Merge pull request #1 from skaynum/skaynum-patch-1 

    Create Rule to detect Linux Process Code Injection
    @skaynum
    skaynum authored Nov 25, 2023
    Configuration menu
    Copy the full SHA
    c0c5d22 View commit details
    Browse the repository at this point in the history

Commits on Dec 1, 2023

  1. Update proc_creation_lnx_dd_process_injection.yml

    @nasbench
    nasbench committed Dec 1, 2023
    Configuration menu
    Copy the full SHA
    25d030d View commit details
    Browse the repository at this point in the history

  2. fix: typo

    @phantinuss
    phantinuss authored Dec 1, 2023
    Configuration menu
    Copy the full SHA
    926a74e View commit details
    Browse the repository at this point in the history

Commits on Dec 2, 2023

  1. Merge branch 'SigmaHQ:master' into master

    @skaynum
    skaynum authored Dec 2, 2023
    Configuration menu
    Copy the full SHA
    5732b3d View commit details
    Browse the repository at this point in the history

Commits on Feb 3, 2024

  1. Merge branch 'SigmaHQ:master' into master

    @skaynum
    skaynum authored Feb 3, 2024
    Configuration menu
    Copy the full SHA
    327d02e View commit details
    Browse the repository at this point in the history

  2. Add files via upload

    @skaynum
    skaynum authored Feb 3, 2024
    Configuration menu
    Copy the full SHA
    49a6c8b View commit details
    Browse the repository at this point in the history

  3. Delete rules/windows/file/file_event/file_event_mysql_daemon_executab… 

    …le_file_creation.yml

Wrong file name
    @skaynum
    skaynum authored Feb 3, 2024
    Configuration menu
    Copy the full SHA
    fa8a897 View commit details
    Browse the repository at this point in the history

  4. Add files via upload

    @skaynum
    skaynum authored Feb 3, 2024
    Configuration menu
    Copy the full SHA
    b63c4d3 View commit details
    Browse the repository at this point in the history

Commits on Feb 23, 2024

  1. Merge branch 'SigmaHQ:master' into master

    @skaynum
    skaynum authored Feb 23, 2024
    Configuration menu
    Copy the full SHA
    b35dc46 View commit details
    Browse the repository at this point in the history

  2. Add files via upload

    @skaynum
    skaynum authored Feb 23, 2024
    Configuration menu
    Copy the full SHA
    6d359e0 View commit details
    Browse the repository at this point in the history

  3. Update file_event_win_outlook_opening_smb_file.yml

    @skaynum
    skaynum authored Feb 23, 2024
    Configuration menu
    Copy the full SHA
    21c39f5 View commit details
    Browse the repository at this point in the history

  4. Delete rules/windows/file/file_event/file_event_win_outlook_opening_s… 

    …mb_file.yml
    @skaynum
    skaynum authored Feb 23, 2024
    Configuration menu
    Copy the full SHA
    69adf3d View commit details
    Browse the repository at this point in the history

Commits on Apr 25, 2024

  1. Merge branch 'SigmaHQ:master' into master

    @skaynum
    skaynum authored Apr 25, 2024
    Configuration menu
    Copy the full SHA
    b3e2cc0 View commit details
    Browse the repository at this point in the history

  2. Add files via upload

    @skaynum
    skaynum authored Apr 25, 2024
    Configuration menu
    Copy the full SHA
    b394a45 View commit details
    Browse the repository at this point in the history

Commits on Apr 30, 2024

  1. Merge branch 'SigmaHQ:master' into master

    @skaynum
    skaynum authored Apr 30, 2024
    Configuration menu
    Copy the full SHA
    e1e5d92 View commit details
    Browse the repository at this point in the history

Commits on May 27, 2024

  1. chore: update metadata

    @nasbench
    nasbench committed May 27, 2024
    Configuration menu
    Copy the full SHA
    9901724 View commit details
    Browse the repository at this point in the history

  2. Update proc_creation_win_susp_browser_launch_from_document_reader_pro… 

    …cess.yml
    @nasbench
    nasbench committed May 27, 2024
    Configuration menu
    Copy the full SHA
    9d10f52 View commit details
    Browse the repository at this point in the history