├── .github ├── FUNDING.yml └── workflows │ └── go.yml ├── LICENSE ├── README.md ├── assets ├── logo-src.svg └── logo.svg ├── engine ├── attack.go ├── buffer.go ├── conditions.go ├── containers.go ├── detection.go ├── detection_test.go ├── engine.go ├── engine_test.go ├── event.go ├── event_test.go ├── extract_test.go ├── filter_test.go ├── filters.go ├── log_types.go ├── matches.go ├── parser_test.go ├── path.go ├── path_test.go ├── rules.go ├── template.go ├── template_test.go ├── test │ └── data │ │ ├── 1000rules.json │ │ ├── compiled.gen │ │ ├── events.json.gz │ │ └── rule-test1.gen ├── validation_test.go ├── var_test.go ├── version.go └── version_test.go ├── gene.go ├── go.mod ├── go.sum ├── makefile ├── reducer ├── reducer.go ├── reducer_test.go └── test │ └── compiled.gen ├── scripts ├── ci │ └── coverage.sh ├── migraterule.py ├── requirements.txt └── sigma2gene.py └── template ├── template.go └── template_test.go /.github/FUNDING.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/.github/FUNDING.yml -------------------------------------------------------------------------------- /.github/workflows/go.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/.github/workflows/go.yml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/README.md -------------------------------------------------------------------------------- /assets/logo-src.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/assets/logo-src.svg -------------------------------------------------------------------------------- /assets/logo.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/assets/logo.svg -------------------------------------------------------------------------------- /engine/attack.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/attack.go -------------------------------------------------------------------------------- /engine/buffer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/buffer.go -------------------------------------------------------------------------------- /engine/conditions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/conditions.go -------------------------------------------------------------------------------- /engine/containers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/containers.go -------------------------------------------------------------------------------- /engine/detection.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/detection.go -------------------------------------------------------------------------------- /engine/detection_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/detection_test.go -------------------------------------------------------------------------------- /engine/engine.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/engine.go -------------------------------------------------------------------------------- /engine/engine_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/engine_test.go -------------------------------------------------------------------------------- /engine/event.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/event.go -------------------------------------------------------------------------------- /engine/event_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/event_test.go -------------------------------------------------------------------------------- /engine/extract_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/extract_test.go -------------------------------------------------------------------------------- /engine/filter_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/filter_test.go -------------------------------------------------------------------------------- /engine/filters.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/filters.go -------------------------------------------------------------------------------- /engine/log_types.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/log_types.go -------------------------------------------------------------------------------- /engine/matches.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/matches.go -------------------------------------------------------------------------------- /engine/parser_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/parser_test.go -------------------------------------------------------------------------------- /engine/path.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/path.go -------------------------------------------------------------------------------- /engine/path_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/path_test.go -------------------------------------------------------------------------------- /engine/rules.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/rules.go -------------------------------------------------------------------------------- /engine/template.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/template.go -------------------------------------------------------------------------------- /engine/template_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/template_test.go -------------------------------------------------------------------------------- /engine/test/data/1000rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/test/data/1000rules.json -------------------------------------------------------------------------------- /engine/test/data/compiled.gen: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/test/data/compiled.gen -------------------------------------------------------------------------------- /engine/test/data/events.json.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/test/data/events.json.gz -------------------------------------------------------------------------------- /engine/test/data/rule-test1.gen: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/test/data/rule-test1.gen -------------------------------------------------------------------------------- /engine/validation_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/validation_test.go -------------------------------------------------------------------------------- /engine/var_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/var_test.go -------------------------------------------------------------------------------- /engine/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/version.go -------------------------------------------------------------------------------- /engine/version_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/engine/version_test.go -------------------------------------------------------------------------------- /gene.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/gene.go -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/go.sum -------------------------------------------------------------------------------- /makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/makefile -------------------------------------------------------------------------------- /reducer/reducer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/reducer/reducer.go -------------------------------------------------------------------------------- /reducer/reducer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/reducer/reducer_test.go -------------------------------------------------------------------------------- /reducer/test/compiled.gen: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/reducer/test/compiled.gen -------------------------------------------------------------------------------- /scripts/ci/coverage.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/scripts/ci/coverage.sh -------------------------------------------------------------------------------- /scripts/migraterule.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/scripts/migraterule.py -------------------------------------------------------------------------------- /scripts/requirements.txt: -------------------------------------------------------------------------------- 1 | PyYAML>=3.11 2 | -------------------------------------------------------------------------------- /scripts/sigma2gene.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/scripts/sigma2gene.py -------------------------------------------------------------------------------- /template/template.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/template/template.go -------------------------------------------------------------------------------- /template/template_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/0xrawsec/gene/HEAD/template/template_test.go --------------------------------------------------------------------------------