-
-
Notifications
You must be signed in to change notification settings - Fork 203
Pull requests: rabbitstack/fibratus
Author
Label
Projects
Milestones
Reviews
Assignee
Sort
Pull requests list
feat(rules): New Anything related to detection rules
Suspicious activity from a reflected process rule
rules
#598
opened Feb 3, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Suspicious virtual path redirection rule
rules
#597
opened Feb 3, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Suspicious MSHTA execution via HTML smuggling rule
rules
#596
opened Feb 3, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Suspicious file delivery via HTML smuggling rule
rules
#595
opened Feb 3, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Process spawned from unusual directory rule
rules
#594
opened Feb 3, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Suspicious process execution from archive via shortcut file rule
rules
#593
opened Feb 2, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Process execution from compressed file via Explorer rule
rules
#592
opened Feb 2, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Process creation from a stomped module rule
rules
#591
opened Feb 2, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Potential LSA secrets registry dumping rule
rules
#590
opened Feb 2, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Activity from unhooked NTDLL module rule
rules
#589
opened Feb 2, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Potential NTLM hash leak via shortcut file rule
rules
#585
opened Feb 1, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Embedded script execution via shortcut file rule
rules
#584
opened Feb 1, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Embedded executable file run via shortcut rule
rules
#583
opened Jan 29, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Credential Manager access via known tools rule
rules
#582
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Clickfix phishing via browser dialog box rule
rules
#581
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Process execution from remote memory section rule
rules
#580
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Potential NTDLL unhooking via file mapping rule
rules
#579
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Suspicious child spawned via reflected process rule
rules
#578
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Suspicious child process integrity level rule
rules
#577
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Thread context manipulation from exception handler rule
rules
#576
opened Jan 28, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Potential mandatory profile registry persistence rule
rules
#575
opened Jan 27, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Potential shellcode injection via Windows Debugging API rule
rules
#574
opened Jan 26, 2026 by
rabbitstack
Loading…
feat(rules): New Anything related to detection rules
Potential NTLM hash leak via MS Photos rule
rules
#559
opened Jan 2, 2026 by
rabbitstack
Loading…
chore(deps): bump golang.org/x/crypto from 0.36.0 to 0.45.0
deps
Anything related to dependencies
#537
opened Nov 20, 2025 by
dependabot
bot
Loading…
Previous Next
ProTip!
Filter pull requests by the default branch with base:master.