pr · Workflow runs · rabbitstack/fibratus

Actions

All workflows
Workflows
- CodeQL CodeQL
- Dependabot Updates Dependabot Updates
- master master
- pages-build-deployment pages-build-deployment
- pr pr
- release release
Management
- Caches
- Deployments

pr

Actions

Loading...
Loading

pr.yml

340 workflow runs

feat(rules): New LSASS access from unsigned executable rule pr #711: Pull request #476 opened by rabbitstack

30m 51s lsass-access-from-unsigned-executable

lsass-access-from-unsigned-executable

30m 51s

feat(rules): New LSASS handle leak via Seclogon rule pr #710: Pull request #475 opened by rabbitstack

21m 7s lsass-handle-leak-via-seclogon

lsass-handle-leak-via-seclogon

21m 7s

chore(deps): bump github.com/spf13/viper from 1.6.2 to 1.20.1 pr #709: Pull request #474 opened by dependabot bot

33m 1s dependabot/go_modules/github.com/spf13/viper-1.20.1

dependabot/go_modules/github.com/spf13/viper-1.20.1

33m 1s

feat(rules): New DLL loaded via LdrpKernel32 overwrite rule pr #708: Pull request #473 opened by rabbitstack

4m 52s dll-loaded-via-ldrpkernel32-overwrite

dll-loaded-via-ldrpkernel32-overwrite

4m 52s

feat(rules): New Suspicious access to the hosts file rule pr #707: Pull request #472 opened by rabbitstack

32m 45s suspicious-access-to-hosts-file

suspicious-access-to-hosts-file

32m 45s

chore(rules): Format rule conditions pr #706: Pull request #471 synchronize by rabbitstack

15m 45s reformat-rules

reformat-rules

15m 45s

chore(rules): Format rule conditions pr #705: Pull request #471 opened by rabbitstack

1m 51s reformat-rules

reformat-rules

1m 51s

feat(rules): New Potential ClickFix infection chain via Run window rule pr #704: Pull request #470 synchronize by rabbitstack

17m 32s potential-clickfix-infection-via-run-dialog

potential-clickfix-infection-via-run-dialog

17m 32s

feat(rules): New Potential ClickFix infection chain via Run window rule pr #703: Pull request #470 synchronize by rabbitstack

31m 46s potential-clickfix-infection-via-run-dialog

potential-clickfix-infection-via-run-dialog

31m 46s

feat(rules): New Potential ClickFix infection chain via Run window rule pr #702: Pull request #470 synchronize by rabbitstack

26m 32s potential-clickfix-infection-via-run-dialog

potential-clickfix-infection-via-run-dialog

26m 32s

feat(rules): New Potential ClickFix infection chain via Run window rule pr #701: Pull request #470 opened by rabbitstack

31m 37s potential-clickfix-infection-via-run-dialog

potential-clickfix-infection-via-run-dialog

31m 37s

feat(rules): New LSASS memory dump via MiniDumpWriteDump rule pr #700: Pull request #469 synchronize by rabbitstack

3m 20s lsass-memory-dump-via-minidumpwritedump

lsass-memory-dump-via-minidumpwritedump

3m 20s

feat(rules): New LSASS memory dump via MiniDumpWriteDump rule pr #699: Pull request #469 opened by rabbitstack

16m 56s lsass-memory-dump-via-minidumpwritedump

lsass-memory-dump-via-minidumpwritedump

16m 56s

fix(rules): Exclusion for OneDrive to tune false positives in Potential process hollowing rule pr #698: Pull request #450 synchronize by rabbitstack

17m 53s correct-potential-process-hollowing-injection-rule

correct-potential-process-hollowing-injection-rule

17m 53s

feat(filter): Thread pool filter fields pr #697: Pull request #468 opened by rabbitstack

28m 46s threadpool-accessor

threadpool-accessor

28m 46s

chore(rules): Improve Unsigned DLL injection via remote thread rule pr #696: Pull request #466 opened by rabbitstack

24m 18s solidfy-unsigned-dll-inject-via-remote-thread-rule

solidfy-unsigned-dll-inject-via-remote-thread-rule

24m 18s

fix(rule-engine): Add expire sequence condition for CreateThread event pr #695: Pull request #465 opened by rabbitstack

23m 18s expire-sequence-remote-thread-process

expire-sequence-remote-thread-process

23m 18s

fix(rules): Add process executable exceptions for Potential process injection via tainted memory section rule pr #694: Pull request #460 synchronize by rabbitstack

29m 19s add-exceptions-for-potential-process-injection-via-tainted-memory-section

add-exceptions-for-potential-process-injection-via-tainted-memory-section

29m 19s

feat(rules): New Suspicious object symbolic link creation rule pr #693: Pull request #463 synchronize by rabbitstack

26m 3s suspicious-object-symbolic-link-creation-rule

suspicious-object-symbolic-link-creation-rule

26m 3s

fix(rules): Add process executable exceptions for Potential process injection via tainted memory section rule pr #692: Pull request #460 synchronize by rabbitstack

29m 43s add-exceptions-for-potential-process-injection-via-tainted-memory-section

add-exceptions-for-potential-process-injection-via-tainted-memory-section

29m 43s

fix(ci): Only consider modified rules pr #691: Pull request #464 synchronize by rabbitstack

16m 27s only-consider-modified-rules

only-consider-modified-rules

16m 27s

fix(ci): Only consider modified rules pr #690: Pull request #464 opened by rabbitstack

2m 49s only-consider-modified-rules

only-consider-modified-rules

2m 49s

feat(rules): New Suspicious object symbolic link creation rule pr #689: Pull request #463 opened by rabbitstack

28m 45s suspicious-object-symbolic-link-creation-rule

suspicious-object-symbolic-link-creation-rule

28m 45s

fix(rules): Add process executable exceptions for Potential process injection via tainted memory section rule pr #688: Pull request #460 synchronize by rabbitstack

27m 12s add-exceptions-for-potential-process-injection-via-tainted-memory-section

add-exceptions-for-potential-process-injection-via-tainted-memory-section

27m 12s

fix(filter): Interpolation for arg-based fields pr #687: Pull request #462 opened by rabbitstack

22m 44s fix-field-argument-interpolation

fix-field-argument-interpolation

22m 44s

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Actions

Workflows

Management

pr

Actions

Loading...
Loading

pr

Uh oh!

Create status badge

Uh oh!

Filter by Event

Sorry, something went wrong.

Sorry, something went wrong.

No matching events.

Filter by Status

Sorry, something went wrong.

Sorry, something went wrong.

No matching statuses.

Filter by Branch

Sorry, something went wrong.

Sorry, something went wrong.

No matching branches.

Filter by Actor

Sorry, something went wrong.

Sorry, something went wrong.

No matching users.

Uh oh!

Actions: rabbitstack/fibratus

Actions

pr pr Actions Loading... Loading Sorry, something went wrong. Uh oh! There was an error while loading. Please reload this page.

pr

pr

Actions

Loading...
Loading