endgameinc/eqllib
MIT License
158 stars, 46 forks
issues
Fix broken normalization
#34
rw-access
closed
4 years ago
0
Only optimize expressions while walking
#33
rw-access
closed
4 years ago
0
Normalization fails for optimizing unique_count pipe
#32
rw-access
closed
4 years ago
0
T1174 Password Filter DLL
#31
saqibakkramkhan
opened
4 years ago
0
Better handling of normalization
#30
rw-access
closed
4 years ago
0
Normalization functions not removed by convert-query
#29
rw-access
closed
4 years ago
0
GAMAREDON GROUP Queries
#28
dstepanic
closed
4 years ago
0
GAMAREDON GROUP Queries
#27
dstepanic
closed
4 years ago
0
Analytics for Koadic
#26
ghost
closed
4 years ago
0
eqllib/docs/guides/index.rst says eqllib supports python2.7 which is no longer true
#25
anna-seppala
closed
4 years ago
1
TypeError: run_query() got an unexpected keyword argument 'columns'
#24
BuileaTM
closed
4 years ago
0
No sources available for convert-data
#23
ghost
closed
4 years ago
1
Update to include atomic blue tag
#22
ghost
closed
5 years ago
0
Added link for my profile "Dan Beavin"
#21
danbeavin
closed
5 years ago
0
rdp tunneling eql
#20
sbousseaden
opened
5 years ago
0
Add original_file_name to the schema
#19
rw-access
closed
5 years ago
0
Image Load and Vaultcmd Enumeration Analytics
#18
ghost
closed
5 years ago
0
Add original_file_name field for process events
#17
cthulhusec
closed
5 years ago
1
Add DNS Event Support
#16
cthulhusec
opened
5 years ago
2
Create T1223 - Compiled HTML File
#15
ghost
closed
5 years ago
1
Analytics for macOS malware curl CLIs
#14
ForensicITGuy
opened
5 years ago
0
Analytics for rundll32 with malware CLIs
#13
ForensicITGuy
opened
5 years ago
0
Analytics for UAC bypass by process executions
#12
ForensicITGuy
closed
5 years ago
0
Reorganized relevant tests under Impact tactic
#11
ForensicITGuy
closed
5 years ago
0
Analytic for process injection via ld.so.preload
#10
ForensicITGuy
closed
5 years ago
0
Analytic for timestomping via touch with reference
#9
ForensicITGuy
closed
3 years ago
1
Analytic for domain trust discovery with nltest
#8
ForensicITGuy
closed
5 years ago
0
Source file parse doesn't ignore '.'
#7
CptOfEvilMinions
closed
4 years ago
3
T1158 - Linux/macOS Hidden File Creation
#6
ForensicITGuy
opened
5 years ago
0
T1156 .bash_profile & .bashrc modification
#5
ForensicITGuy
closed
5 years ago
0
T1003 Credential Access Analytics
#4
ForensicITGuy
closed
5 years ago
3
Can we use multiple Json files
#3
AniruddhaDD
opened
5 years ago
0
Docs: All examples use double quotes, break query
#2
cteodor
closed
5 years ago
2
Docs: Command line options changed vs. documentation
#1
cteodor
closed
5 years ago
1