Apply automatic changes

wikijm · github-actions[bot] · commit 49c737cbd4f5 · 2026-01-25T01:49:56.000Z
diff --git a/S1PQ-rules-linux-network_connection/net_connection_lnx_back_connect_shell_dev.md b/S1PQ-rules-linux-network_connection/net_connection_lnx_back_connect_shell_dev.md
@@ -1,5 +1,5 @@
 ```sql
-// Translated content (automatically translated on 24-01-2026 01:38:12):
+// Translated content (automatically translated on 25-01-2026 01:49:55):
 (event.category in ("dns","url","ip")) and (endpoint.os="linux" and (src.process.image.path contains "/bin/bash" and (not (dst.ip.address in ("127.0.0.1","0.0.0.0")))))
 ```
 
diff --git a/S1PQ-rules-linux-network_connection/net_connection_lnx_crypto_mining_indicators.md b/S1PQ-rules-linux-network_connection/net_connection_lnx_crypto_mining_indicators.md
@@ -1,5 +1,5 @@
 ```sql
-// Translated content (automatically translated on 24-01-2026 01:38:12):
+// Translated content (automatically translated on 25-01-2026 01:49:55):
 (event.category in ("dns","url","ip")) and (endpoint.os="linux" and ((url.address in ("pool.minexmr.com","fr.minexmr.com","de.minexmr.com","sg.minexmr.com","ca.minexmr.com","us-west.minexmr.com","pool.supportxmr.com","mine.c3pool.com","xmr-eu1.nanopool.org","xmr-eu2.nanopool.org","xmr-us-east1.nanopool.org","xmr-us-west1.nanopool.org","xmr-asia1.nanopool.org","xmr-jp1.nanopool.org","xmr-au1.nanopool.org","xmr.2miners.com","xmr.hashcity.org","xmr.f2pool.com","xmrpool.eu","pool.hashvault.pro","moneroocean.stream","monerocean.stream")) or (event.dns.request in ("pool.minexmr.com","fr.minexmr.com","de.minexmr.com","sg.minexmr.com","ca.minexmr.com","us-west.minexmr.com","pool.supportxmr.com","mine.c3pool.com","xmr-eu1.nanopool.org","xmr-eu2.nanopool.org","xmr-us-east1.nanopool.org","xmr-us-west1.nanopool.org","xmr-asia1.nanopool.org","xmr-jp1.nanopool.org","xmr-au1.nanopool.org","xmr.2miners.com","xmr.hashcity.org","xmr.f2pool.com","xmrpool.eu","pool.hashvault.pro","moneroocean.stream","monerocean.stream"))))
 ```
 
diff --git a/S1PQ-rules-linux-network_connection/net_connection_lnx_ngrok_tunnel.md b/S1PQ-rules-linux-network_connection/net_connection_lnx_ngrok_tunnel.md
@@ -1,5 +1,5 @@
 ```sql
-// Translated content (automatically translated on 24-01-2026 01:38:12):
+// Translated content (automatically translated on 25-01-2026 01:49:55):
 (event.category in ("dns","url","ip")) and (endpoint.os="linux" and ((url.address contains "tunnel.us.ngrok.com" or url.address contains "tunnel.eu.ngrok.com" or url.address contains "tunnel.ap.ngrok.com" or url.address contains "tunnel.au.ngrok.com" or url.address contains "tunnel.sa.ngrok.com" or url.address contains "tunnel.jp.ngrok.com" or url.address contains "tunnel.in.ngrok.com") or (event.dns.request contains "tunnel.us.ngrok.com" or event.dns.request contains "tunnel.eu.ngrok.com" or event.dns.request contains "tunnel.ap.ngrok.com" or event.dns.request contains "tunnel.au.ngrok.com" or event.dns.request contains "tunnel.sa.ngrok.com" or event.dns.request contains "tunnel.jp.ngrok.com" or event.dns.request contains "tunnel.in.ngrok.com")))
 ```
 
