bcf8a33e8c
v1.2 pre-release marge ( #495 )
...
* Fix/fix clippy warn (#434 )
- Fixed following Clippy Warnings(previous warning count: 671 -> after: 4)
- clippy::needless_return
- clippy::println_empty_string
- clippy::redundant_field_names
- clippy::single_char_pattern
- clippy::len_zero
- clippy::iter_nth_zero
- clippy::bool_comparison
- clippy::question_mark
- clippy::needless_collect
- clippy::unnecessary_unwrap
- clippy::ptr_arg
- clippy::needless_collect
- clippy::needless_borrow
- clippy::new_without_default
- clippy::assign_op_pattern
- clippy::bool_assert_comparison
- clippy::into_iter_on_ref
- clippy::deref_addrof
- clippy::while_let_on_iterator
- clippy::match_like_matches_macro
- clippy::or_fun_call
- clippy::useless_conversion
- clippy::let_and_return
- clippy::redundant_clone
- clippy::redundant_closure
- clippy::cmp_owned
- clippy::upper_case_acronyms
- clippy::map_identity
- clippy::unused_io_amount
- clippy::assertions_on_constants
- clippy::op_ref
- clippy::useless_vec
- clippy::vec_init_then_push
- clippy::useless_format
- clippy::bind_instead_of_map
- clippy::bool_comparison
- clippy::clone_on_copy
- clippy::too_many_arguments
- clippy::module_inception
- fixed clippy::needless_lifetimes
- fixed clippy::borrowed_box (Thanks for helping by hach1yon!)
* Merge main and output fix#443#444 (#445 )
* removed tools/sigmac (#441 )
* removed tools/sigmac
- moved tools/sigmac to hayabusa-rules repo
* fixed doc link tools/sigmac
* fixed submodule track
* fixed submodule track from latest to v1.1.0 tag
* fixed link
* erased enter #444
* erased enter #444
* reverted logo enter
* fixed rules submodule target commit #444
Co-authored-by: Yamato Security <71482215+YamatoSecurity@users.noreply.github.com >
* readme update screenshots etc (#448 )
* Opensslを静的にコンパイルするためにCargo.tomlの設定変更 (#437 )
* cargo update - openssl static
* updated cargo
* macos2apple
* cargo update
* cargo update
* aliasキーがない場合もEvent.EventDataを自動で走査する (#442 )
* add no event key
* support not-register-alias search
* added checking EventData when key do not match in alias #290
- added checking key in Event.EventData, if key is not exist in eventkey_alias.txt.
* cargo fmt
* fixed panic when filter files does not exists
* fixed errorlog format when filter config files does not exist
Co-authored-by: DustInDark <nextsasasa@gmail.com >
* changed downcast library from mopa to downcast_rs #447 (#450 )
* Fixed Clippy Warnings (#451 )
* fixed clippy warn
* fixed cargo clippy warnging
* fixed clippy warngings in clippy ver 0.1.59
* fixed clippy warnings clippy::unnecessary_to_owned
* added temporary blackhat arsenal badge
* added rust report card badges #453
* added repository maintenance levels badge #453
* documentation update macOS usage etc
* update
* added clippy workflow #428 (#429 )
* added clippy workflow #428
* fixed action yaml to run clippy #428
* fixed indent
* fixed workflow
* fixed workflow error
* fixed indent
* changed no annotation #428
* adujusted annotation version
* fixed clippy::needless_match
* remove if let exception
* removed unnecessary permission check #428
* statistics event id update (#457 )
* Feature/#440 refactoring #395 (#464 )
* updated submodule
* fix degrade for pull req #464 (#468 )
* fix degrade for pull req #464
* add trim
* Fearture/ added output update result#410 (#452 )
* add git2 crate #391
* added Update option #391
* updated readme #391
* fixed cargo.lock
* fixed option if-statement #391
* changed utc short option and rule-update short option #391
* updated readme
* updated readme
* fixed -u long option & version number update #391
* added fast-forwarding rules repository #391
* updated command line option #391
* moved output logo prev update rule
* fixed readme #391
* removed recursive option in readme
* changed rules update from clone and pull to submodule update #391
* fixed document
* changed unnecessary clone recursively to clone only
* English message update.
* cargo fmt
* English message update. ( 4657c35e5c#420
* fixed error #410
* changed update rule list seq
* added test
* fixed output #410
* fixed output and fixed output date field when modified field is lacked #410
* fixed compile error
* fixed output
- added enter after Latest rule update output
- added output when no exist new rule
- fixed Latest rule update date format
- changed output from 'Latest rule update' to 'Latest rules update'
* fixed compile error
* changed modified date source from rules folder to each yml rule file
* formatting use chrono in main.rs
* merge develop clippy ci
* fixed output when no update rule #410
- removed Latest rule update
- no output "Rules update successfully" when No rule changed
* Change English
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
* Remove unnecessary code from timeline_event_info and rename files for… (#470 )
* Remove unnecessary code from timeline_event_info and rename files for issue462
* Remove unnecessary code #462
* add equalsfield pipe (#467 )
* Enhancement: add config config #456 (#471 )
* added config option #456
* added process of option to speicifed config folder #456
following files adjust config option.
* noisy_rules.txt
* exclude_rules.txt
* fixed usage in readme
* updated rules submodule:
* fixed process when yml file exist in .git folder
* ignore when yml file exist in .git folder
* Add: --level-tuning option's outline
* Add: read Rule files
* Add: input rule_level.txt files & read rules
* cargo fmt
* Add: level-tuning function
* Reface: split to options file
* WIP: Text overwrite failed...
* Fix: Text overwrite was failed
* Add: Error handlings
* Add: id, level validation
* mv: IDS_REGEX to configs file
* fix: level tuning's file name
* Cargo fmt
* Pivot Keyword List機能の追加 (#412 )
* add get_pivot_keyword() func
* change function name and call it's function
* [WIP] support config file
* compilete output
* cargo fmt
* [WIP] add test
* add test
* support -o option in pivot
* add pivot mod
* fix miss
* pass test in pivot.rs
* add comment
* pass all test
* add fast return
* fix output
* add test config file
* review
* rebase
* cargo fmt
* test pass
* fix clippy in my commit
* cargo fmt
* little refactor
* change file input logic and config format
* [WIP] change output
* [wip] change deta structure
* change output & change data structure
* pass test
* add config
* cargo fmt & clippy & rebase
* fix cllipy
* delete /rules/ in .gitignore
* clean comment
* clean
* clean
* fix rebase miss
* fix rebase miss
* fix clippy
* file name output on -o to stdout
* add pivot_keywords.txt to ./config
* updated english
* Documentation update
* cargo fmt and clean
* updated translate japanese
* readme update
* readme update
Co-authored-by: DustInDark <nextsasasa@gmail.com >
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
* Add: test
* Add: README.md
* Cargo fmt
* Use
#[cfg(test)]
* Fixed output stop when control char exist in windows terminal (#485 )
* added control character filter in details #382
* fixed document
- removed fixed windows teminal caution in readme
* fixed level tuning test and added test files #390
* changed level_tuning.txt header from next_level to new_level
* fixed convert miss change to low level
* added run args rules path to check test easy #390
* fixed comment out processing in level_tuning.txt
* fixed config to show level-tuning option
* fixed level-tuning option usage from required to option
* reduce output mitre attack detail tachnique No. by config file (#483 )
* reduced mitre attck tag output by config file #477
* prepared 1.2.0 version toml
* added test files and mitre attck strategy tag file #477
* fixed cargo.toml version
* updated cargo.lock
* output tag english update
* cargo fmt
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
* Fix: test file's path was incorrect
* Add: add test_files/config/level_tuning.txt
* Add: Flush method.
* inserted debug data
* reverted config usage
* fixed test yaml file path
* Feature/#216 output allfields csvnewcolumn (#469 )
* refactoring
* refactoring
* under constructing
* underconstructing
* under construction
* underconstructing
* fix existing testcase
* finish implement
* fmt
* add option
* change name
* fix control code bug
* fix disp
* change format and fix testcase
* fix help
* Fix: show usage when hayabusa has no args
* rm: debug line
* Enhance/warning architecture#478 (#482 )
* added enhance of architecture check #478
* changed check architecture process after output logo #478
* English msg update
* fixed detect method of os-bit to windows and linux
* removed mac and unix architecture and binary and updated its process of windows
* fix clippy
* added check on Wow64 env #478
* Update contributors.txt
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
* added --level-tuning option to usage
* Revert "added --level-tuning option to usage"
This reverts commit e6a74090a3#486 )
* added feature of tag output reducing to agg condition #477 (#488 )
* changed level output from informational to info #491
* updated rules submodule
* v1.2 changelog update (#473 )
* changelog update
* Update CHANGELOG.md
added contributor in "Fields that are not defined in eventkey_alias.txt will automatically be searched in Event.EventData."
ref #442
* Update CHANGELOG-Japanese.md
Fields that are not defined in eventkey_alias.txt will automatically be searched in Event.EventData.
added contributor in "Fields that are not defined in eventkey_alias.txt will automatically be searched in Event.EventData."
ref #442
* Update CHANGELOG.md
added bug fixes (#444 ) and `Performance and. accuracy` add contributor ref(#395 )
* Update CHANGELOG-Japanese.md
* Translated v1.2 change log to Japanese
v1.2の内容を日本語に修正
* fixed typo
added lacked back quote.
* added description
added following issue and pr description to readme
- #216 / #469 L8
- #390 / #459 L9
- #478 / #482 L19
- #477/ #483 L20
* added description README.md
added following issue and pr description to readme
- #216 / #469 L8
- #390 / #459 L9
- #478 / #482 L19
- #477/ #483 L20
* changelog update
* changelog update
* update
Co-authored-by: DustInDark <nextsasasa@gmail.com >
* updated rules #493 (#494 )
* Resolve conflict develop (#496 )
* removed tools/sigmac (#441 )
* removed tools/sigmac
- moved tools/sigmac to hayabusa-rules repo
* fixed doc link tools/sigmac
* fixed submodule track
* fixed submodule track from latest to v1.1.0 tag
* fixed link
* fixed rules submodule targe #444
* updated submodule
* updated rules submodule
Co-authored-by: Yamato Security <71482215+YamatoSecurity@users.noreply.github.com >
Co-authored-by: Yamato Security <71482215+YamatoSecurity@users.noreply.github.com >
Co-authored-by: kazuminn <warugaki.k.k@gmail.com >
Co-authored-by: James / hach1yon <32596618+hach1yon@users.noreply.github.com >
Co-authored-by: garigariganzy <tosada31@hotmail.co.jp >
Co-authored-by: itiB <is0312vx@ed.ritsumei.ac.jp >
2022-04-15 12:13:00 +09:00
b3cfedf4a5
removed tools/sigmac ( #441 )
...
* removed tools/sigmac
- moved tools/sigmac to hayabusa-rules repo
* fixed doc link tools/sigmac
* fixed submodule track
* fixed submodule track from latest to v1.1.0 tag
* fixed link
2022-03-05 22:26:22 +09:00
6694b9b4d5
Merge branch 'main' into develop
2022-03-02 20:19:27 +09:00
d498d3114b
Merge branch 'readme-update---32bit-cross-compile-add' of github.com:Yamato-Security/hayabusa into readme-update---32bit-cross-compile-add
2022-03-02 18:29:31 +09:00
5d4c465bcc
fixed janapese usage readme
2022-03-02 18:28:44 +09:00
b43f41e7f2
fixed command option in usage
...
- UTC option is changed from -u to -U
- Run onlive Windows machine is adjusted -l (--live-analysis)
2022-03-02 18:21:55 +09:00
7bc845ea81
cross compile command fix
2022-03-02 18:14:28 +09:00
5fdcd40179
usage update
2022-03-02 17:02:19 +09:00
4572bb98f4
add linux compile comment
2022-03-02 16:19:25 +09:00
02628526ec
use standard cargo build to compile
2022-03-02 13:34:33 +09:00
bd4f433b73
readme update - 32bit compile add
2022-03-02 10:13:45 +09:00
b0434726ca
readme update mac compile error ( #431 )
2022-02-28 15:23:32 +09:00
087529ee91
readme update-RuleDocToHayabusRulesRepo BugSub ( #427 )
2022-02-28 10:14:27 +09:00
92c472d451
Hotfix/moved rule configs to hayabusa rules repo#409 ( #414 )
...
* fixed target config path #409
* fixed target config file path in test #409
* fixed rules target #409
* Documentation fix, deleted unneeded config files
* added workflow
* changed submodule option
* fixed worksflow to ref submodule
* fixed gitmodules
* fixed workflow
* check code insert
* added update submodules command
* test rules update
* removed test runs
* fixed error
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
2022-02-26 18:19:19 +09:00
02b1d7f07c
added update command #391 ( #392 )
...
* add git2 crate #391
* added Update option #391
* updated readme #391
* fixed cargo.lock
* fixed option if-statement #391
* changed utc short option and rule-update short option #391
* updated readme
* updated readme
* fixed -u long option & version number update #391
* added fast-forwarding rules repository #391
* updated command line option #391
* moved output logo prev update rule
* fixed readme #391
* removed recursive option in readme
* English message update.
* cargo fmt
* Added update command#391 submodule ver (#401 )
* changed rules update from clone and pull to submodule update #391
* fixed document
* changed unnecessary clone recursively to clone only
* English message update. ( 4657c35e5c71482215+YamatoSecurity@users.noreply.github.com >
* added caution case of update failed in readme #391
* fixed document
* added output error in case of loaded rule count is 0 #391 #392
https://github.com/Yamato-Security/hayabusa/pull/392#issuecomment-1050276570
* --update-rules typo
* removed unused library call
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
2022-02-26 18:18:03 +09:00
47c1d42daf
Add: Table of Contents to README
2022-02-17 00:19:17 +09:00
0a559da580
Fixed Readme ( #399 )
...
* add shields to README-Japanese.md
* replaced README.md to README-English.md
* fixed tags url ref
* fixed reference typo
* fixed hayabusa logo view size
* fixed readme
2022-02-16 09:28:52 +09:00
df86958850
added live analysys feature ( #398 )
...
* added windows live analysis option #125
* added live analysis option #125
* fixed live analysys condition #125
* changed live analysis option #125
* added live-analysis option in readme #125
* fixed live-analysis check condition #125
* is_elevated crate is only windows #125
* fixed is_elevated build error #125
* fixed is_elevated library crate load
* fixed call way os dependencies crate #125
* fix build error on linux and removed unnecessary create #125
* fixed lack of load crate when build at windows #125
* Update error message
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
2022-02-15 02:12:45 +09:00
9cb54a9192
Hotfix/no output colorcode in no true color#376 ( #378 )
...
* added color code emit_csv test
* replaced HashMap and HashSet to hashbrown #368
* removed debug output in test #368
* added color option #376
* fixed process of output check #376
* removed color output check from test #376
* english updates
* colored detections and rules count output by level #384
* refactoring in colored output process #384
* update usage #364 #376
* fixed markdown lint
* added windows terminal bug evasion way #382
* update readme
* fixed colored output test
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
2022-02-09 09:29:36 +09:00
72864031cd
readme update
2022-01-30 11:50:32 +09:00
c9bb43eb37
readme update
2022-01-30 09:22:17 +09:00
6bf4b59c6a
readme update
2022-01-30 09:20:52 +09:00
3f8cf756c1
readme update
2022-01-30 09:16:20 +09:00
10858d574f
update readme
2022-01-29 17:01:44 +09:00
1e1300f6db
fixed WELA link
2022-01-28 15:41:16 +09:00
b56448a356
readme update
2022-01-28 14:03:59 +09:00
b12029de5c
Feature/colorlog#239 ( #365 )
...
* added color carete #239
* added hex library
* added color config file parser #239
* added color output feature #239
* changed fast hashmap library
* added color output description(Japanese) #239
* added color output description(English) #239
* fixed medium level typo
* removed white color font level #239
* added trim and loose colorcode condition #239
* fixed hex convert error panic #239
- output warn and go next iterator when happen hex convert panic
- added user input in hex convert warn output to use easily
2022-01-26 01:39:14 +09:00
41910c0813
Update: README for submodule
2022-01-14 00:33:43 +09:00
4ae2e196f1
fix typo link
2021-12-25 18:55:13 +09:00
0d48b12b23
fix japanese pdf link
2021-12-25 17:18:01 +09:00
dd2acfc061
fix image broken link and add PDFs
2021-12-25 16:58:15 +09:00
edd37039de
readme fix
2021-12-25 10:36:41 +09:00
182c1f1dfd
change readme
2021-12-25 10:29:52 +09:00
b4e34f8d31
update readme
2021-12-25 10:17:42 +09:00
474ed513b1
readmeを色々修正 ( #346 )
...
* 色々修正
* ちょっと修正
* fix camelcase
* fix
* little fix
* fix
* Added section on running from bin directory
* fix jp
Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com >
2021-12-25 09:29:06 +09:00
ea89393f7e
updated benchmark section
2021-12-23 04:39:25 +09:00
1263e5a528
readme change output field to details
2021-12-22 20:37:12 +09:00
04a5c6bb3e
Added about sample report
2021-12-22 14:06:54 +09:00
e8016486d5
timeframe explain update
2021-12-22 10:57:27 +09:00
1985bf91ef
add -Q explanation
2021-12-22 08:32:41 +09:00
479701ddb3
id filter section update
2021-12-22 08:26:09 +09:00
71d8e42614
readmeupdate
2021-12-21 20:34:24 +09:00
02489b4124
readme update
2021-12-21 20:01:08 +09:00
b1c9725797
readme update
2021-12-21 19:50:30 +09:00
9a97e81ff8
readme update
2021-12-21 14:20:08 +09:00
c4ea1ca155
Git clone and output sections added. syntax highL
2021-12-20 08:34:42 +09:00
197bef17a7
readme update
2021-12-19 22:08:36 +09:00
199a8231c1
v1.0でリリースしない機能の削除、contributorsの表示、levelオプションのデフォルト値修正 #141 #211 ( #218 )
...
* changed default level to Low #211
* fixed usage #211
* erased Lang option #195
* changed output credit to contributors #141
* Removed contributor information for uncreated features and features that will not be introduced in v1.0. #141
* removed slack notification feature #202
- removed config option
- removed artifact slack notification call
* removed description of slack notification #202
* fixed default level to Low #211
* removed description about slack notification #202
2021-11-20 09:56:59 +09:00
9273861d55
Readmeの更新
2021-11-06 08:14:27 +09:00
DustInDark
Tanaka Zakku
itiB
kazuminn
James Takai / hach1yon