CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
299 Commits 6 Branches 18 Tags
ac5c5c2917e4a6716bb8e3449ed498682f0ddde5
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
DustInDark ac5c5c2917 Bugfix/yml alias not found all data output#227 (#241) 
* removed no use alias #227

* changed case of object type  return none #227

- serde json value is object type when alias key dont exist in detected record.

* adjust serde_number_to_string function return value change #227

* adjust yml rule to change of aliaskey_alias.txt #227

* merged same regex as static

* create new struct to reduce same output in rule and keyword warn message #227

* changed output position

* removed regression warnings #227

* removed output wanring

* Fixed a possible panic when None. #227

* added parse_message test #227

* added get_serde_number_to_string tests #227

* removed unnecessary test data part in get_serde_numuber_to_string test #227
2021-12-04 11:49:38 +09:00
.github/workflows
github actions file add
2020-10-17 15:49:59 +09:00
art
Feature/output logo#206 (#222)
2021-11-21 15:16:44 +09:00
config
Bugfix/yml alias not found all data output#227 (#241)
2021-12-04 11:49:38 +09:00
doc
Hotfix/load rule level changed info to informational#237#238 (#240)
2021-11-28 18:27:58 +09:00
rules
rule update (#249)
2021-12-03 15:52:43 +09:00
rules-noisy
Rule tuning
2021-11-18 10:31:28 +09:00
sample-evtx
sample-evtx
2021-11-15 05:54:24 +09:00
src
Bugfix/yml alias not found all data output#227 (#241)
2021-12-04 11:49:38 +09:00
test_files
Feature/risk level condition#45 (#186)
2021-11-11 23:47:29 +09:00
tools/sigmac
Feature/addruletype to sigma rule#230 (#235)
2021-11-28 18:14:51 +09:00
.env.example
Feature/slack_notify#134 (#139)
2021-09-30 20:43:50 +09:00
.gitignore
Feature/slack_notify#134 (#139)
2021-09-30 20:43:50 +09:00
Cargo.lock
added progress bar #199 (#247)
2021-12-03 10:12:31 +09:00
Cargo.toml
added progress bar #199 (#247)
2021-12-03 10:12:31 +09:00
contributors.txt
Feature/output unique detection#209 (#225)
2021-11-24 21:15:43 +09:00
hayabusa-logo.png
Readmeの更新
2021-11-06 08:14:27 +09:00
README-English.md
v1.0でリリースしない機能の削除、contributorsの表示、levelオプションのデフォルト値修正 #141 #211 (#218)
2021-11-20 09:56:59 +09:00
README-Japanese.md
v1.0でリリースしない機能の削除、contributorsの表示、levelオプションのデフォルト値修正 #141 #211 (#218)
2021-11-20 09:56:59 +09:00
README.md
Readmeの更新
2021-11-06 08:14:27 +09:00

README.md

Hayabusa Readme:

English

Japanese

Reference in New Issue View Git Blame Copy Permalink
Description
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
attackdetectiondfireventforensicshayabusahuntingincidentlogsninjaresponserustsecuritysigmatakoyakithreatwindowsyamato
Readme 106 MiB
Languages
Rust 99.7%
CSS 0.3%