秋季更新

2022-09-20 18:31:15 +08:00
parent 5fcfd6ec02
commit 05aea0a27b
25 changed files with 781 additions and 849 deletions
--- a/Server/rules/py/attck/attck.py
+++ b/Server/rules/py/attck/attck.py
@@ -0,0 +1,8 @@
+rule = [
+    {'name': "Ransomware", 'rules': ['T1071',
+                                     'T1036.005', 'T1620', 'T1564.001', 'T1222.001', 'T1059.005', 'T1543.003', 'T1490'], 'hit_num': 7, 'score':100},
+    {'name': "APT-System discovery", 'rules': ['T1018',
+                                               'T1087.001', 'T1087.001', 'T1082', 'T1016'], 'hit_num': 3, 'score':65},
+    {'name': "APT-Hydra", 'rules': ['T1027.004',
+                                    'T1018', 'T1559.001', 'T1218.011', 'T1059.001', 'T1059.005', 'T1570', 'T1087.002', 'T1564', 'T1106', 'T1082', 'T1087.001', 'T1003', 'T1071'], 'hit_num': 10, 'score':100}
+]