Commit Graph

887 Commits

Author SHA1 Message Date
James ea9f6b96c7 Feature/and or not #107 (#117)
* wip

* wip

* wip

* wip

* wip

* wip

* wip

* done

* cargo fmt --all

* change message

* count parse implementedgit add .!

* Update: use docstring in rule.rs (#118)

* add testcase.

* add testcase.

* fix comment

Co-authored-by: itiB <is0312vx@ed.ritsumei.ac.jp>
2021-06-04 00:35:03 +09:00
itiB b22051e207 Feature/str exact match#79 (#100)
* Add: LeafMatch struct 'StartsWithMatcher'

* Add: LeafMatch struct 'EndsWithMatcher'

* Add: LeafMatch struct 'ContainsMatcher'

* WIP: StrFeature

* Add: get strFeature's from rule file

* refact

* Revert "refact"
This reverts commit 5439b4d6d52dff4a90307206404e38ff20fe792e.

Revert "Add: get strFeature's from rule file"
This reverts commit 152ad10a03f67f23e6de3db93be9b4e7eaf6a7a8.

Revert "WIP: StrFeature"
This reverts commit bf7271348d30b24f6063cfe8ce5b27e956143d60.

* Add: matcher selector for string options

* Add: rm |xxx text from rule file

* fix: leafNodes's |xxx command overwritten

* test: startswith, endswith, contains LeafNodeTest

* test: use string MethodNode in OrSelectionNode

* cargo fmt --all

* Update: when undefined rule option occur, raise err
2021-05-28 23:19:43 +09:00
James 9b8bed70f8 Feature/timeline template #104 (#106)
* under construction

* add statistics template

* fix

* add comment

* change for statistics
2021-05-16 01:34:48 +09:00
ichiichi11 ee23fc9a66 cargo fmt --all 2021-05-13 22:07:41 +09:00
ichiichi11 e960586ede fix comment 2021-05-13 22:05:49 +09:00
HajimeTakai 7cd0691764 cargo fmt --all 2021-05-12 23:19:03 +09:00
HajimeTakai e504a36d0a refactoring 2021-05-12 23:16:11 +09:00
HajimeTakai 4e68e75cb2 add testcase 2021-05-12 22:45:38 +09:00
HajimeTakai b9752e567d under construction 2021-05-10 00:41:20 +09:00
HajimeTakai 61ae299e4b under construction 2021-05-10 00:14:50 +09:00
HajimeTakai 7913fbfb95 refactoring 2021-05-09 17:26:17 +09:00
James 2f24dc775f Feature/filter record by eventid#94 (#95)
* add function to get event id from rootnode.

* refactoring #76

* maybe fix bug.

* before test

* fix source files.

* cargo fmt --all

* add threadnum parameter
2021-05-06 20:58:43 +09:00
Alan Smithee a68a59417d Feature/add eventfilepath to csv #76 (#89)
* Feature/call error message struct#66 (#69)

* change way to use write trait #66

* change call error message struct #66

* erase finished TODO #66

* erase comment in error message format test #66

* resolve conflict #66

* Feature/call error message struct#66 (#71)

* change ERROR writeln struct #66

* add evtx file path export to csv #76

* fixed test case #76

* fix for #76

* forgot cargo fmt -all

* fix testcase

Co-authored-by: ichiichi11 <takai.wa.hajime@gmail.com>
2021-05-01 09:49:48 +09:00
ichiichi11 377213c294 change comment 2021-03-22 00:02:24 +09:00
ichiichi11 f7ae24a785 change comment 2021-03-21 23:53:06 +09:00
ichiichi11 61ce8415bd Multithreading support 2021-03-21 18:10:09 +09:00
nishikawaakira 7b0357b120 Feature/changeSingleton#53,#65 (#67)
* change from singleton to global variable

* issue #65

* #65 test mode implemented

* cargo fmt --all
2021-03-19 04:46:52 +09:00
Alan Smithee f594bb1432 Feature/emessageformat#62 (#64)
* add struct to alert error message refs #62

* add pub to call module #62
2021-03-11 20:04:51 +09:00
ichiichi11 7bd044272c #60 2021-03-03 23:29:27 +09:00
ichiichi11 4f42e21529 Fix testcase 2021-02-26 20:44:55 +09:00
ichiichi11 185acd83cd Fix the regression caused by issue57: fix the problem where the time of detected logs could no longer be obtained 2021-02-26 20:37:24 +09:00
ichiichi11 af2331e6ad format 2021-02-25 23:23:43 +09:00
ichiichi11 3e1c4a2942 fix issue#57 2021-02-25 23:04:12 +09:00
nishikawaakira 631dda679a Merge pull request #55 from YamatoSecurity/feature/append_emit_data
Feat: output detected rule's title
2020-12-25 11:32:56 +09:00
itiB c130ca08dd refactor 2020-12-17 19:38:00 +09:00
itiB 857e22e6f8 Feat: output detected rule's title 2020-12-17 18:55:56 +09:00
itiB c7dd0adfe1 Merge pull request #43 from YamatoSecurity/feature/emit_csv2
Update: release csv-timeline function
2020-12-15 03:00:44 +09:00
ichiichi d9beb3c71b Merge pull request #50 from YamatoSecurity/fix/#40
resolved #40
2020-12-13 18:14:18 +09:00
akiranishikawa a87058743e cargo fmt 2020-12-13 17:28:00 +09:00
nishikawaakira 83cf1e398c Merge branch 'main' into feature/emit_csv2 2020-12-13 08:18:29 +00:00
nishikawaakira ca68005d90 Merge pull request #49 from YamatoSecurity/feature/main_refactor
refactor
2020-12-10 20:28:11 +00:00
itiB f1844882e6 Refact: after_fact.rs emit time format 2020-12-10 01:57:53 +09:00
kazuminn cec683408e refactor 2020-12-07 17:45:05 +09:00
akiranishikawa f58d5f316b resolved #40 2020-12-07 12:18:48 +09:00
kazuminn d94d18f9cd refactor 2020-12-06 22:50:20 +09:00
kazuminn b9189f8e31 refactor 2020-12-06 22:28:00 +09:00
ichiichi11 b6c89c754b implement directory option 2020-12-05 23:30:09 +09:00
itiB 7d43885d05 feat: emit DateTime with selected timezone
@fox
2020-12-05 02:47:19 +09:00
itiB 12110a4687 Update: release csv-timeline function 2020-12-03 23:26:17 +09:00
ichiichi11 9b5f243ff9 refactoring 2020-11-30 21:52:56 +09:00
ichiichi11 0e3d2ebaf4 refactoring 2020-11-30 21:17:30 +09:00
akiranishikawa cd8948de4c merge emit_csv 2020-11-30 08:38:01 +09:00
akiranishikawa 43cfd814a5 message print 2020-11-29 10:16:08 +09:00
itiB 90bf79f85b rm: after_fact()'s return val(Error) 2020-11-29 02:04:28 +09:00
kazuminn acd226edc6 refactor 2020-11-25 21:42:30 +09:00
kazuminn 7933b20271 add credits template 2020-11-25 21:37:34 +09:00
ichiichi11 540eb8f4f5 modify comment 2020-11-22 23:49:46 +09:00
itiB d4ceb8ea8f Add: test for emit_csv 2020-11-22 17:05:44 +09:00
ichiichi11 b2a2b5e672 remove unnecessary file. 2020-11-22 16:16:40 +09:00
ichiichi11 2663d3001b refactoring 2020-11-22 16:04:39 +09:00