DustInDark
4a2184b71e
added loading detection rules output #583
2022-06-11 00:32:28 +09:00
DustInDark
50855fba15
refactor and fixed clippy::format_push_string
2022-06-07 22:21:59 +09:00
DustInDark
0bbad7de6c
fixed clippy::format_push_string error
2022-06-07 21:32:50 +09:00
DustInDark
d072b9d3cd
cargo fmt
2022-06-07 21:17:51 +09:00
DustInDark
d480ebef0f
fixed cargo error
2022-06-07 21:15:41 +09:00
DustInDark
4220a9b5e2
replaced unnecessary clone use
2022-06-07 20:55:01 +09:00
DustInDark
9362e81f53
fixed cargo clippy error
2022-06-07 20:39:08 +09:00
DustInDark
c8d2ab1d4c
fixed cargo clippy error
2022-06-07 20:16:28 +09:00
DustInDark
0df42b67ba
output saving results message (#563)
* added Results Summary title #561
* added results message when output option is enabled. #561
* version number update
* added newline
* removed newline
* tuned output #561
* fixed bug that console output table header color is same with 1st row color #561
* cargo fmt
2022-06-03 20:49:26 +09:00
DustInDark
4c1aa94eba
display logo in green (#552)
* added termcolor reset function #537
* added logo green output #537
* fixed test
* cargo fmt
* updated changelog #537
* fixed clippy error
* update logo screenshot
* updated rules
* changed to no colored logo when --no-color option is enabled
* fixed colored reset bug when --update-rules option is enabled
* fixed color reset bug when --level-tuning option is enabled
* cargo fmt
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-31 17:06:12 +09:00
DustInDark
2653e87588
start timeline and end timeline do not work (#547)
* fixed start-timeline and end-timeline not working #546
* fixed condition
* added changelog #546
* changelog update
* changed to stop analysis when start-timeline or end-timeline has a parse error #546
* cargo fmt
* fixed alert message
* fixed lack of timestamp convert
* cargo fmt
* readme/usage update
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-28 10:07:39 +09:00
DustInDark
69c41c4859
540 enhancement print total evtx file size (#545)
* added ByteSize crate #540
* displayed total evtx file size #540
* updated CHANGELOG #540
* cargo fmt
* added blank line, updated cargo
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-27 11:11:44 +09:00
DustInDark
7be79efc21
fixed event timeline frequency font color changing when using the f option #542 (#544)
* fixed event timeline frequency font color changed when use f option #542
* fixed duplicate count detection for the same record in data reduction #543
* fixed error #542
* fixed fmt
* fixed error
* changed to no frequency timeline output when there are fewer than 5 event records.
* Error message update
* added newline after progress bar
* fixed frequency timeline logic to pass test
* cargo fmt
* Added CHANGELOG #533 #538 #525
* changelog update
* updated readme #533 #538
* readme update
* startup logo update
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-27 10:13:40 +09:00
DustInDark
dac2a80726
Display total event count and data reduction (#539)
* added reduction percent and all records cnt #538
* version updated v1.3.0-dev
* added events word
* added side margin to sparkline #533
* fixed centering
* change margin from 5 to 3
* readme warning typo fix
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-24 11:13:43 +09:00
DustInDark
d654c2cb6b
logon summary (#523)
* logon summary #110
* logon summary #110
* english update
* add sort #110
* add sort #110
* Formatting the output string
* Fixed the check process.
* added document #110
* Fixed login failure eventID.
* Fixed clippy error
* prevent rule load output with logon-summary option #110
* fixed bug where level-tuning executes when the option is only -s or -L #110
Co-authored-by: garigariganzy <tosada31@hotmail.co.jp>
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-17 09:36:45 +09:00
DustInDark
274123256a
remove unnecessary hard reset
2022-04-22 15:31:36 +09:00
DustInDark
0414b5af78
changed force update to hayabusa-rules #490 (#509)
* changed force update to hayabusa-rules #490
* added note when update option is used
* readme update
* cargo and changelog updates
* changed jp translation
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-04-21 21:20:31 +09:00
DustInDark
06ccf8382b
fixed to include noisy and exclude rules when level tuning #511
2022-04-20 18:30:05 +09:00
Tanaka Zakku
c6b2879eb5
change path
2022-04-20 10:16:25 +09:00
Tanaka Zakku
c09f9d4f5f
small english fix
2022-04-12 08:38:57 +09:00
itiB
9fa60dd26d
Add: show logo and some info
2022-04-12 00:27:02 +09:00
Yamato Security
861e1c5c4e
Merge branch 'develop' into feature/level-tuning#390
2022-04-11 17:24:28 +09:00
DustInDark
620b6f375d
Enhance/warning architecture #478 (#482)
* added enhancement of architecture check #478
* changed architecture check process to run after logo output #478
* English msg update
* fixed os-bit detection method for windows and linux
* removed mac and unix architecture and binary and updated its process of windows
* fix clippy
* added check on Wow64 env #478
* Update contributors.txt
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-04-10 02:21:24 +09:00
itiB
bb834618d6
rm: debug line
2022-04-10 00:52:06 +09:00
itiB
8061733fd9
Fix: show usage when hayabusa has no args
2022-04-10 00:50:40 +09:00
DustInDark
a35e8ad5cb
fixed config to show level-tuning option
2022-04-07 00:08:32 +09:00
DustInDark
0c27b13c85
added run args rules path to check tests easily #390
2022-04-06 23:28:55 +09:00
kazuminn
c8efa95447
Add Pivot Keyword List feature (#412)
* add get_pivot_keyword() func
* change function name and call its function
* [WIP] support config file
* complete output
* cargo fmt
* [WIP] add test
* add test
* support -o option in pivot
* add pivot mod
* fix mistake
* pass test in pivot.rs
* add comment
* pass all test
* add fast return
* fix output
* add test config file
* review
* rebase
* cargo fmt
* test pass
* fix clippy in my commit
* cargo fmt
* little refactor
* change file input logic and config format
* [WIP] change output
* [WIP] change data structure
* change output & change data structure
* pass test
* add config
* cargo fmt & clippy & rebase
* fix clippy
* delete /rules/ in .gitignore
* clean comment
* clean
* clean
* fix rebase mistake
* fix rebase mistake
* fix clippy
* file name output on -o to stdout
* add pivot_keywords.txt to ./config
* updated english
* Documentation update
* cargo fmt and clean
* updated translate japanese
* readme update
* readme update
Co-authored-by: DustInDark <nextsasasa@gmail.com>
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-04-05 21:17:23 +09:00
itiB
373dd0f8c7
Add: id, level validation
2022-04-05 01:53:24 +09:00
itiB
026d18a605
Add: Error handlings
2022-04-05 01:30:11 +09:00
itiB
6805bd6a0a
Refactor: split into options file
2022-04-04 00:31:21 +09:00
itiB
9149500b40
Add: level-tuning function
2022-04-03 23:41:32 +09:00
itiB
814f5a61cb
cargo fmt
2022-04-03 22:01:40 +09:00
itiB
d38834e20e
Add: input rule_level.txt files & read rules
2022-04-03 21:58:33 +09:00
itiB
a15bef4b30
Add: read Rule files
2022-04-03 21:58:33 +09:00
itiB
276889338d
Add: --level-tuning option's outline
2022-04-03 21:57:50 +09:00
DustInDark
fa86a9a027
Feature/ added output update result #410 (#452)
* add git2 crate #391
* added Update option #391
* updated readme #391
* fixed cargo.lock
* fixed option if-statement #391
* changed utc short option and rule-update short option #391
* updated readme
* updated readme
* fixed -u long option & version number update #391
* added fast-forwarding rules repository #391
* updated command line option #391
* moved output logo prev update rule
* fixed readme #391
* removed recursive option in readme
* changed rules update from clone and pull to submodule update #391
* fixed document
* changed unnecessary clone recursively to clone only
* English message update.
* cargo fmt
* English message update. (4657c35e5c cherry-pick)
* added create rules folder when rules folder does not exist
* fixed gitmodules github-rules url from ssh to https
* added output of updated file #420
* fixed error #410
* changed update rule list seq
* added test
* fixed output #410
* fixed output and fixed output date field when modified field is missing #410
* fixed compile error
* fixed output
- added enter after Latest rule update output
- added output when no new rule exists
- fixed Latest rule update date format
- changed output from 'Latest rule update' to 'Latest rules update'
* fixed compile error
* changed modified date source from rules folder to each yml rule file
* formatting use chrono in main.rs
* merge develop clippy ci
* fixed output when no update rule #410
- removed Latest rule update
- no output "Rules update successfully" when No rule changed
* Change English
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-03-29 13:09:54 +09:00
DustInDark
7c7a86f7c9
Fixed Clippy Warnings (#451)
* fixed clippy warn
* fixed cargo clippy warning
* fixed clippy warnings in clippy ver 0.1.59
* fixed clippy warnings clippy::unnecessary_to_owned
2022-03-17 08:43:48 +09:00
DustInDark
04b881cb66
changed downcast library from mopa to downcast_rs #447 (#450)
2022-03-11 14:49:47 +09:00
DustInDark
bb1f5f619d
Fix/fix clippy warn (#434)
- Fixed the following Clippy warnings (previous warning count: 671 -> after: 4)
- clippy::needless_return
- clippy::println_empty_string
- clippy::redundant_field_names
- clippy::single_char_pattern
- clippy::len_zero
- clippy::iter_nth_zero
- clippy::bool_comparison
- clippy::question_mark
- clippy::needless_collect
- clippy::unnecessary_unwrap
- clippy::ptr_arg
- clippy::needless_collect
- clippy::needless_borrow
- clippy::new_without_default
- clippy::assign_op_pattern
- clippy::bool_assert_comparison
- clippy::into_iter_on_ref
- clippy::deref_addrof
- clippy::while_let_on_iterator
- clippy::match_like_matches_macro
- clippy::or_fun_call
- clippy::useless_conversion
- clippy::let_and_return
- clippy::redundant_clone
- clippy::redundant_closure
- clippy::cmp_owned
- clippy::upper_case_acronyms
- clippy::map_identity
- clippy::unused_io_amount
- clippy::assertions_on_constants
- clippy::op_ref
- clippy::useless_vec
- clippy::vec_init_then_push
- clippy::useless_format
- clippy::bind_instead_of_map
- clippy::bool_comparison
- clippy::clone_on_copy
- clippy::too_many_arguments
- clippy::module_inception
- fixed clippy::needless_lifetimes
- fixed clippy::borrowed_box (Thanks for helping by hach1yon!)
2022-03-07 08:38:05 +09:00
Alan Smithee
0fdabf0d70
added process to remove submodule cache #432
2022-03-01 03:17:55 +09:00
Alan Smithee
6e5b24282f
cargo fmt
2022-02-28 18:27:06 +09:00
Alan Smithee
c3c9423b74
fixed clippy warn
2022-02-28 18:25:54 +09:00
Alan Smithee
28ded269de
fixed process for the case where the hayabusa .git folder does not exist #432
2022-02-28 18:24:49 +09:00
Alan Smithee
b22798fddd
added merge process when submodule update option #422
2022-02-27 21:04:33 +09:00
Alan Smithee
d1553e3ab1
changed crate load together
2022-02-27 21:02:43 +09:00
Yamato Security
fb007ee3a6
Small edits on help screen. (#417)
2022-02-27 09:04:30 +09:00
DustInDark
02b1d7f07c
added update command #391 (#392)
* add git2 crate #391
* added Update option #391
* updated readme #391
* fixed cargo.lock
* fixed option if-statement #391
* changed utc short option and rule-update short option #391
* updated readme
* updated readme
* fixed -u long option & version number update #391
* added fast-forwarding rules repository #391
* updated command line option #391
* moved output logo prev update rule
* fixed readme #391
* removed recursive option in readme
* English message update.
* cargo fmt
* Added update command #391 submodule ver (#401)
* changed rules update from clone and pull to submodule update #391
* fixed document
* changed unnecessary clone recursively to clone only
* English message update. (4657c35e5c cherry-pick)
* added create rules folder when rules folder does not exist
* fixed gitmodules github-rules url from ssh to https
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
* added caution case of update failed in readme #391
* fixed document
* added error output in case loaded rule count is 0 #391 #392
https://github.com/Yamato-Security/hayabusa/pull/392#issuecomment-1050276570
* --update-rules typo
* removed unused library call
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-02-26 18:18:03 +09:00
DustInDark
0dc5de4b73
Bug/ Fixed error when target environment does not have the vcc redistributable package installed (#408)
* fixed error when target environment does not have the vcc redistributable package installed
* added cfg to static_vcruntime when target os is windows.
2022-02-25 10:07:12 +09:00
DustInDark
df86958850
added live analysis feature (#398)
* added windows live analysis option #125
* added live analysis option #125
* fixed live analysis condition #125
* changed live analysis option #125
* added live-analysis option in readme #125
* fixed live-analysis check condition #125
* is_elevated crate is only windows #125
* fixed is_elevated build error #125
* fixed is_elevated library crate load
* fixed the way OS-dependent crates are called #125
* fix build error on linux and removed unnecessary crate #125
* fixed missing crate load when building on windows #125
* Update error message
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-02-15 02:12:45 +09:00