Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
GNU Affero General Public License v3.0
2.32k stars, 203 forks
issues
fix: output agg result string when `all-field-info` profile
#1452
fukusuket
closed
1 month ago
4
change license to AGPL
#1451
YamatoSecurity
closed
1 month ago
2
Field information is not outputted when the profile is `all-field-info`
#1450
YamatoSecurity
closed
1 month ago
1
fix: give a parsing error when correlation reference rule not found
#1449
fukusuket
closed
1 month ago
2
Support Field Name Aliases in Correlations
#1448
YamatoSecurity
opened
1 month ago
0
Support Ordered Temporal Proximity correlation
#1447
YamatoSecurity
opened
1 month ago
0
Support Temporal Proximity correlation
#1446
YamatoSecurity
opened
1 month ago
0
Be able to customize output for correlation rules
#1445
YamatoSecurity
opened
1 month ago
0
Hayabusa should give a parsing error when reference rule is not found
#1444
YamatoSecurity
closed
1 month ago
1
fix: make `group-by` optional for correlation
#1443
fukusuket
closed
1 month ago
1
Bug: `group-by` should be optional for correlation rules
#1442
YamatoSecurity
closed
1 month ago
1
feat: add support for `fieldref|startswith` and `fieldref|contains`
#1441
fukusuket
closed
1 month ago
0
Load `windash` characters dynamically
#1440
YamatoSecurity
closed
2 weeks ago
0
Support `fieldref|startswith` and `fieldref|contains`
#1439
YamatoSecurity
closed
1 month ago
1
[bug] High memory usage even in `low-memory mode`
#1438
fukusuket
closed
1 month ago
6
chg: Create `fieldref|endswith` alias for `endswithfield`
#1437
fukusuket
closed
1 month ago
1
fix: specify compile target explicitly in Release Automation
#1436
fukusuket
closed
1 month ago
5
Create `fieldref|endswith` alias for `endswithfield`
#1435
YamatoSecurity
closed
1 month ago
2
Support `expand` modifiers
#1434
YamatoSecurity
opened
1 month ago
0
Implement `gt`, `lt`, etc.. modifiers
#1433
YamatoSecurity
closed
3 weeks ago
0
Implement `utf16/utf16be/utf16le/wide` modifiers
#1432
YamatoSecurity
opened
1 month ago
7
[bug] musl packages created by Release Automation failed with `/lib/x86_64-linux-gnu/libc.so.6: version GLIBC_2.38 not found`
#1431
fukusuket
closed
1 month ago
3
fix: copy all .git commit history by specifying fetch-depth
#1430
fukusuket
closed
1 month ago
4
[bug] `update-rules` fails for packages created with `Release Automation`
#1429
fukusuket
closed
1 month ago
3
test: add integration-test/csv(json)-timeline diff-test for encoded_rules/single config
#1428
fukusuket
closed
1 month ago
0
fix: add `logs` directory to the Windows package generated by release automation actions
#1427
fukusuket
closed
1 month ago
2
fix: remove unnecessary line break in `search` cmd
#1426
fukusuket
closed
1 month ago
4
[bug] Unnecessary line breaks in standard output of `search` command
#1425
fukusuket
closed
1 month ago
0
feat: add GitHub Actions for auto build packages
#1424
fukusuket
closed
1 month ago
9
feat: load config files from a single file
#1423
fukusuket
closed
1 month ago
8
[bug]
#1422
maralad
closed
1 month ago
2
add links to readme
#1421
YamatoSecurity
closed
1 month ago
1
Load config files from a single file
#1420
YamatoSecurity
closed
1 month ago
2
feat: support encoded rules to avoid AV false positives
#1419
fukusuket
closed
1 month ago
6
metrics: handle None value unwrap panic
#1418
jmtaylor90
closed
1 month ago
3
feat(matchers): added fieldref modifier
#1417
hitenkoku
closed
2 months ago
0
chg: move actions(creating supported modifier markdown) to hayabusa-rules repo
#1416
fukusuket
closed
2 months ago
0
chg: move script to hayabusa-rules repo
#1415
fukusuket
closed
2 months ago
2
add kodiak for automerge
#1414
YamatoSecurity
closed
2 months ago
0
[Auto] Sigma Rule Supported Modifier Update report(2024-09-03 21:20:54)
#1413
github-actions[bot]
closed
2 months ago
0
[Auto] Sigma Rule Supported Modifier Update report(2024-09-03 20:21:09)
#1412
github-actions[bot]
closed
2 months ago
0
Fix: Github Actions hayabusa-rule path
#1411
fukusuket
closed
2 months ago
0
[Auto] Sigma Rule Supported Modifier Update report(2024-09-03 11:34:55)
#1410
github-actions[bot]
closed
2 months ago
0
Support `fieldref` modifier
#1409
YamatoSecurity
closed
2 months ago
0
Hoge
#1408
fukusuket
closed
2 months ago
0
feat: add script and actions for supported modifier markdown
#1407
fukusuket
closed
2 months ago
7
Dynamically create a table of supported field modifiers
#1406
YamatoSecurity
closed
2 months ago
2
doc: update --sort-events option description
#1405
fukusuket
closed
2 months ago
0
added SecTor Badge
#1404
hitenkoku
closed
2 months ago
0
Add SecTor badge to readme
#1403
YamatoSecurity
closed
2 months ago
0