Actions: mandiant/capa-rules

Update rules number badge and sync rules submodule in capa

103 workflow runs

Add 38 new registry-based persistence techniques (#954)
Update rules number badge and sync rules submodule in capa #626: Commit e033410 pushed by mr-tz
December 9, 2024 10:29 34s master
Improve existing persistence rules (#953)
Update rules number badge and sync rules submodule in capa #625: Commit ce5e041 pushed by mr-tz
December 9, 2024 09:51 40s master
Add 10 file system-based persistence techniques (#955)
Update rules number badge and sync rules submodule in capa #624: Commit ed816a8 pushed by mr-tz
December 3, 2024 16:26 31s master
extend rule features and rename (#969)
Update rules number badge and sync rules submodule in capa #623: Commit 1adcf13 pushed by mr-tz
December 3, 2024 13:12 40s master
Add .NET AoT & TouchSocket linking detection (#948)
Update rules number badge and sync rules submodule in capa #622: Commit 1649218 pushed by mr-tz
November 28, 2024 10:33 41s master
Merge pull request #956 from jorik-utwente/add-miscellaneous-persiste…
Update rules number badge and sync rules submodule in capa #621: Commit f3bb093 pushed by mr-tz
November 25, 2024 08:21 34s master
Merge pull request #952 from jorik-utwente/narrow-dyn-scope-atomic-op…
Update rules number badge and sync rules submodule in capa #620: Commit e50d824 pushed by mr-tz
November 19, 2024 16:42 33s master
Merge pull request #963 from mandiant/mr-tz-patch-1
Update rules number badge and sync rules submodule in capa #619: Commit 5d02084 pushed by mr-tz
November 19, 2024 15:51 36s master
Add rules for various stealer techniques (#960)
Update rules number badge and sync rules submodule in capa #618: Commit 993785d pushed by mr-tz
November 15, 2024 10:12 36s master
added detections for reading/writing shadow file, password database (…
Update rules number badge and sync rules submodule in capa #617: Commit f880b13 pushed by mr-tz
October 30, 2024 15:19 31s master
Merge pull request #950 from mandiant/fix/enc-scope
Update rules number badge and sync rules submodule in capa #616: Commit b325cf8 pushed by mr-tz
October 28, 2024 10:23 32s master
Merge pull request #947 from mandiant/rules-remove-py38-support
Update rules number badge and sync rules submodule in capa #615: Commit 125419b pushed by mr-tz
October 22, 2024 13:09 33s master
get-process-filename.yml: added reference, corrected structure element
Update rules number badge and sync rules submodule in capa #614: Commit 9917a93 pushed by mwilliams31
October 18, 2024 19:09 26s master
get-process-filename.yml: added x86 support (#945)
Update rules number badge and sync rules submodule in capa #613: Commit 01e45df pushed by mr-tz
October 16, 2024 16:11 35s master
access-peb-ldr_data.yml: reference update
Update rules number badge and sync rules submodule in capa #612: Commit 60fcf98 pushed by mwilliams31
October 15, 2024 15:03 41s master
Merge pull request #942 from mandiant/mr-tz-patch-1
Update rules number badge and sync rules submodule in capa #611: Commit 64b174e pushed by mr-tz
October 4, 2024 09:18 31s master
New rule: open-recentdocs-registry-key.yml (#938)
Update rules number badge and sync rules submodule in capa #610: Commit 2317949 pushed by mr-tz
October 3, 2024 09:38 31s master
Merge pull request #932 from jtothej/netfw1
Update rules number badge and sync rules submodule in capa #609: Commit 003341b pushed by mr-tz
October 2, 2024 08:40 29s master
add packed-with-nmm-protect (#940)
Update rules number badge and sync rules submodule in capa #608: Commit 896d912 pushed by williballenthin
September 30, 2024 12:05 29s master
add rule for driver major function ID (#939)
Update rules number badge and sync rules submodule in capa #607: Commit 109890c pushed by mr-tz
September 30, 2024 12:05 25s master
Merge pull request #937 from mandiant/mr-tz-patch-1
Update rules number badge and sync rules submodule in capa #606: Commit bd3f812 pushed by mr-tz
September 27, 2024 07:31 29s master
Add rule get-process-filename.yml (#936)
Update rules number badge and sync rules submodule in capa #605: Commit 627395d pushed by mike-hunhoff
September 26, 2024 17:36 2m 0s master
Add rule for detecting hiding shutdown actions (#935)
Update rules number badge and sync rules submodule in capa #604: Commit 9da73be pushed by mr-tz
September 26, 2024 12:25 36s master
Add SysWhispers2 detection & add 0x2e syscall detection (#888)
Update rules number badge and sync rules submodule in capa #603: Commit 1fd0d8e pushed by mr-tz
September 24, 2024 11:24 26s master
Merge pull request #931 from mandiant/new/20240920
Update rules number badge and sync rules submodule in capa #602: Commit 1bf58dc pushed by mr-tz
September 22, 2024 12:09 26s master