socfortress/Wazuh-Rules
Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
https://www.socfortress.co
590 stars, 169 forks
issues
#31: Update 100535-win_powershell_rules.xml (landon-lengyel, opened 2 weeks ago, 0 comments)
#30: Add Exception to 100502 for SCCM `Windows\CCM\CcmExec.exe` (thanegill, closed 2 months ago, 0 comments)
#29: custom-misp.py - Returned raw log line from MISP cannot be decoded (pandel, opened 4 months ago, 0 comments)
#28: [question] licence ? (Mayfly277, closed 5 months ago, 1 comment)
#27: OpenCTI Integration Error (u-ahmad1, opened 7 months ago, 0 comments)
#26: Create sysmon_update.ps1 (ventra007, opened 7 months ago, 0 comments)
#25: Update sysmon_install.ps1 (ventra007, opened 7 months ago, 0 comments)
#24: Update sysmon_install.ps1 (ventra007, closed 7 months ago, 0 comments)
#23: Add Mikrotik v7 rule (angolo40, opened 8 months ago, 0 comments)
#22: Error while installing (Aversah, opened 8 months ago, 1 comment)
#21: Install Rules on Docker (spike63995, opened 9 months ago, 0 comments)
#20: a lot warn message "Mitre Technique ID 'Txxxx' not found in database" (mamema, opened 9 months ago, 0 comments)
#19: Sysmon Config Used (PiRomant, opened 11 months ago, 0 comments)
#18: Update 100002-suricata.xml (celevra, opened 12 months ago, 0 comments)
#17: wazuh-certs-tool.sh should not hardcode distinguished name (majorthorn, opened 1 year ago, 0 comments)
#16: Update custom-opencti.py (protocolpaladin, opened 1 year ago, 0 comments)
#15: MS defender python script error (Ismailctest, opened 1 year ago, 2 comments)
#14: Fixing case misalignment between Linux and Windows sysmon event ID field name (branchnetconsulting, opened 1 year ago, 0 comments)
#13: MISP Python script - creating error Wazuh (Braedach, closed 1 year ago, 1 comment)
#12: Resolved bug into malicious-powershell (giorgiosld, opened 1 year ago, 0 comments)
#11: Update 900000-exclusion_rules.xml (gnordli, closed 1 year ago, 0 comments)
#10: Sysmon Event 3: Not all logs are exported to Wazuh (AndrewRi, opened 1 year ago, 0 comments)
#9: yara script throwing error "could not open file" (Zshader, opened 1 year ago, 1 comment)
#8: Rule 22 not functioning (gianlucaromito, opened 1 year ago, 2 comments)
#7: MISP logs decoder not working (pradreal, opened 1 year ago, 0 comments)
#6: Invalid decoder name: 'auditd-execve' (iamenderst, closed 1 year ago, 5 comments)
#5: Unable to install the rules (hassan-78, opened 1 year ago, 1 comment)
#4: AbuseIPDB Integration File (alicangnll, closed 1 year ago, 0 comments)
#3: Badge (socfortress, closed 2 years ago, 0 comments)
#2: Master (socfortress, closed 2 years ago, 0 comments)
#1: Image (socfortress, closed 2 years ago, 0 comments)