Threat hunting with Wazuh and Yara
Tags
attack-pattern: | Server - T1583.004 Server - T1584.004 Tool - T1588.002 Rootkit - T1014 Sudo - T1169 Rootkit |
Common Information
Type | Value |
---|---|
UUID | 7714919f-b39a-43cd-83f0-bd941ac5a6d9 |
Fingerprint | b37008c53111884b |
Analysis status | DONE |
Considered CTI value | 0 |
Text language | |
Published | June 22, 2023, 7:02 a.m. |
Added to db | June 22, 2023, 9:30 a.m. |
Last updated | Dec. 23, 2024, 3:24 a.m. |
Headline | Threat hunting with Wazuh and Yara |
Title | Threat hunting with Wazuh and Yara |
Detected Hints/Tags/Attributes | 26/1/8 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 17 | packages.wazuh.com |
|
Details | Domain | 4694 | github.com |
|
Details | File | 3 | alerts.log |
|
Details | Github username | 14 | yara-rules |
|
Details | Url | 3 | https://packages.wazuh.com/key/gpg-key-wazuh |
|
Details | Url | 3 | https://packages.wazuh.com/4.x/apt |
|
Details | Url | 1 | https://packages.wazuh.com/4.x/yum |
|
Details | Url | 7 | https://github.com/yara-rules/rules |