-
@fukusuket I noticed that in the recent rule merge, some rules that rely on network connections are now using `category: network_connection` and therefore can only be detected with Sysmon logs and not…
-
### Terraform Version
![image](https://user-images.githubusercontent.com/66933280/179971194-ff4cacbe-e4aa-4a4f-afeb-f2f97edf24fd.png)
```
...
```
### Terraform Configuration Files
…
-
Hello, I found a Hayabusa rules related issue, so I'll report it :)
**Describe the issue**
Some [hayabusa-rules](https://github.com/Yamato-Security/hayabusa-rules/tree/201d90938e6330c635153548ad5…
-
@hitenkoku Sorry I didn't notice this yesterday.
If I use the following sigma rule, I do not get a match:
```
title: File Enumeration Via Dir Command
id: 7c9340a9-e2ee-4e43-94c5-c54ebbea1006
st…
-
When I use `--ISO-8601` time format in Hayabusa, I get the following error when running `automagic`:
```
times.nim(1644) raiseParseException
Error: unhandled exception: Failed to parse '…
-
@fukusuket This is related to Event and Value Counting correlation rules. Since we need to support multiple `group-by`, it might be better to first implement and test this with our current `count`. (T…
-
There are now 56 sigma rules that use the pipe modifier `|contains|windash`.
Example:
```
detection:
    selection_img:
        - Image|endswith: '\certutil.exe'
        - OriginalFileName: 'C…
-
## NixOS for Pentesting
This represents an effort to bring Security and Forensics software to NixOS, so that it can become a viable alternative to projects like Kali Linux and BlackArch.
Expect up…
-
How to display time with the logo summary option?
-
Similar to the `computer-metrics` command in hayabusa, it will stack unique entries of the `.Computer` field.
I would like to output in the table format for standard output and CSV file output and ad…