Feature/#187 change allowlist regexes filenames (#189)

* add risk level filter arguments #45

* fix default level in help #45

* add test yaml files #45

* refactoring and fix level argument usage.

* cargo fmt --all

* add risk level filter arguments #45

* fix default level in help #45

* add test yaml files #45

* refactoring and fix level argument usage.

* cargo fmt --all

* update

* change filename

* fix regexe and allowlist filename in document #187

Co-authored-by: DustInDark <nextsasasa@gmail.com>

config/regex/allowlist_legimate_serviceimage.txt

@@ -0,0 +1,2 @@
+^"C:\\Program Files\\Google\\Chrome\\Application\\chrome\.exe"
+^"C:\\Program Files\\Google\\Update\\GoogleUpdate\.exe"

config/regex/regexes_suspicous_service.txt

@@ -0,0 +1,17 @@
+^cmd.exe /c echo [a-z]{6} > \\\\.\\pipe\\[a-z]{6}$
+^%SYSTEMROOT%\\[a-zA-Z]{8}\.exe$
+powershell.*FromBase64String.*IO.Compression.GzipStream
+DownloadString\(.http
+mimikatz
+Invoke-Mimikatz.ps
+PowerSploit.*ps1
+User-Agent
+[a-zA-Z0-9/+=]{500}
+powershell.exe.*Hidden.*Enc
+\\csc\.exe
+\\csc\.exe.*\\Appdata\\Local\\Temp\\[a-z0-9]{8}\.cmdline
+# Generic cvtres.exe alert
+\\cvtres\.exe.*
+\\cvtres\.exe.*\\AppData\\Local\\Temp\\[A-Z0-9]{7}\.tmp
+^[a-zA-Z]{22}$
+^[a-zA-Z]{16}$