CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,496 Commits 6 Branches 18 Tags
af3e77913b0ce20c79d60865ec7c63a5b51c788f
Commit Graph

1496 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tanaka Zakku
0a66cbd349 Readme-EN-update 2021-12-16 14:49:41 +09:00
DustInDark
c6d54ce7b4 adjust 12/12 SIGMA rules #274 2021-12-15 01:08:25 +09:00
DustInDark
ba1beafdd0 removed duplicated eventkeys #274 2021-12-14 19:19:57 +09:00
DustInDark
fa9531a615 added eventkeys #274 2021-12-14 19:17:51 +09:00
kazuminn
7a6d264be0 feature : statusがdeprecatedなルールを読み込まない (#272) 
* feature status deprecated exclude

* clean

* change logic and option name

* fix option description
 2021-12-14 18:42:23 +09:00
kazuminn
5be79a1806 update to edition 2021 (#283) 2021-12-14 18:41:44 +09:00
James Takai / hach1yon
fd200c54b0 tuning (#280) 
* remove unnecessary to_string

* remove unnecessary RWLock

* change hashmap crate

* remove unneccesarry to_string

* fmt

* remove rustc warning

* remove unnecessary to_string

* remove unnecessary comment

* remove unused functions

* remove unneccesary code.

* change compile option

* fmt

* remove unneccesarry split

* fmt

* remove unneccesary Option
 2021-12-14 16:57:49 +09:00
DustInDark
3fae98934b Feature/change level option#250 (#259) 
* fixed level option #250

* changed output
 2021-12-13 01:52:21 +09:00
itiB
906319bae5 Merge branch 'main' into feature/start_finish_time 2021-12-11 15:30:22 +09:00
itiB
721bf993f7 cargo fmt --all 2021-12-11 15:28:13 +09:00
itiB
708305c958 Add: TargetTimefilter testcase 2021-12-11 15:27:11 +09:00
Tanaka Zakku
f0722e38b7 English readme updates 2021-12-11 11:30:37 +09:00
Tanaka Zakku
1f80a3b263 Merge branch 'main' of https://github.com/Yamato-Security/hayabusa into main 2021-12-11 08:37:22 +09:00
Tanaka Zakku
9d8d6cba9d hayabusa.py timeflame -> timeframe 2021-12-11 08:37:17 +09:00
kazuminn
5ae170bcc0 refactor : rename variables and fix typo and add test (#270) 
* rename variables and fix typo and add test

* fix typo
 2021-12-11 04:25:35 +09:00
James Takai / hach1yon
d3574134f7 fix max record number (#279) 2021-12-11 01:45:47 +09:00
Tanaka Zakku
794b8f2431 English readme update 2021-12-11 01:13:25 +09:00
Tanaka Zakku
f7006a83f3 Merge branch 'main' of https://github.com/Yamato-Security/hayabusa into main 2021-12-11 00:54:47 +09:00
Tanaka Zakku
8ab54883de English readme update 2021-12-11 00:54:39 +09:00
DustInDark
2ff94b6e2c added win_rare_schtask_creation to noisy-rule #263 (#277) 2021-12-11 00:26:50 +09:00
kazuminn
a00a114101 refactor : rename variables and fix typo and add test (#270) 2021-12-10 23:01:47 +09:00
Yamato Security
9941a5dc90 Update sigmac tool readme and ruletype name (#267) 2021-12-09 09:28:54 +09:00
Yamato Security
5da9dc748f Merge pull request #248 from Yamato-Security/feature/fill_no_use_rules 
feature : exclude rules by their ID in case of duplicates, etc...
 2021-12-09 06:41:15 +09:00
kazuminn
a2495b6b50 fix miss 2021-12-09 01:35:53 +09:00
kazuminn
db3616b56d add test rule files 2021-12-09 01:29:23 +09:00
kazuminn
360d80b578 clear 2021-12-09 01:15:01 +09:00
kazuminn
3f11e426ba add test rule file 2021-12-09 01:06:50 +09:00
kazuminn
b9831ca38a add test for exclude rules 2021-12-09 00:57:40 +09:00
kazuminn
c8473b7668 remove comment 2021-12-08 23:16:46 +09:00
DustInDark
493c5ddec1 Trivia/eastereggs#212 (#266) 
* add ninja arts #212

* add takoyakiday eggs #212

* add christmas eggs #212

* add happy newyear eggs #212

* changed encode from UTF-8 BOM to UTF-8

* add output easteregg #212

- changed analysis datetime from Utc to Local
- added output easteregg #213

* changed happynewyear arts #212

* fix ninja day #212

* fix christmas #212
 2021-12-07 01:52:27 +09:00
itiB
f8bd738984 fix: input time format 2021-12-07 01:25:21 +09:00
itiB
0e4136e9cf fix: option's documents 2021-12-07 01:00:18 +09:00
itiB
a1ec06cc6c rm: comments 2021-12-07 00:52:57 +09:00
itiB
4bb445d4f5 Add: time filter 2021-12-07 00:50:00 +09:00
itiB
e09cfb7231 Add: datetime util 2021-12-07 00:11:34 +09:00
itiB
cc7697a319 Merge branch 'main' into feature/start_finish_time 2021-12-06 23:07:08 +09:00
DustInDark
50daf1d716 Feature/improve rule file read time#254 (#260) 
* fixed cached aggregation parser regex #254

* fixed cached condition parser regex #254

* fixed cached condition parser regex re_pipe #254
 2021-12-05 15:05:09 +09:00
James Takai / hach1yon
b10b714b36 SIGMAルールの変換ツールのテストケース作成とバグFIX (#261) 
* grep検索に数値を指定されていると、sigmaルールの変換に失敗する問題を修正しました。

* add test files and bugfix for no timeframe.
 2021-12-05 15:02:54 +09:00
James Takai / hach1yon
2222211ccd Merge branch 'main' into feature/fill_no_use_rules 2021-12-04 19:31:35 +09:00
ichiichi11
191d1df9f0 add exclude files and fix bugs. 2021-12-04 19:23:50 +09:00
ichiichi11
9169214553 fix bug. 2021-12-04 19:09:41 +09:00
ichiichi11
c961c3768c change from hashmap to hashset and remove unnecessary copy. 2021-12-04 18:46:11 +09:00
DustInDark
ac5c5c2917 Bugfix/yml alias not found all data output#227 (#241) 
* removed no use alias #227

* changed case of object type  return none #227

- serde json value is object type when alias key dont exist in detected record.

* adjust serde_number_to_string function return value change #227

* adjust yml rule to change of aliaskey_alias.txt #227

* merged same regex as static

* create new struct to reduce same output in rule and keyword warn message #227

* changed output position

* removed regression warnings #227

* removed output wanring

* Fixed a possible panic when None. #227

* added parse_message test #227

* added get_serde_number_to_string tests #227

* removed unnecessary test data part in get_serde_numuber_to_string test #227
 2021-12-04 11:49:38 +09:00
DustInDark
d112129771 changed stdout result delimiter #244 (#245) 
* changed stdout result delimiter #244

* removed unnecessary space #244

* added display output test #244

- added static map clear function (only test use)
- added outputformat test case of stdout (change sequencial process in emit_csv test To prevent the contents of static variables from changing depending on the order of execution)

* fixed typo
 2021-12-04 11:20:11 +09:00
Yamato Security
e0936ab2d1 rule update (#249) 2021-12-03 15:52:43 +09:00
DustInDark
8b9dac961a added progress bar #199 (#247) 2021-12-03 10:12:31 +09:00
kazuminn
446e540d6f merge main into feature/fill_no_use_rules 2021-12-02 00:49:54 +09:00
kazuminn
b9c415eab5 add 2021-12-02 00:43:31 +09:00
kazuminn
838a935d34 pass test 2021-12-02 00:33:19 +09:00
kazuminn
341a5e4f86 feature fillter no use rules 2021-11-30 22:54:36 +09:00