Update Readme, rules
Clean deprecated tools
wagga40 committed Jun 1, 2024
1 parent 79187c9 commit 0257ea7
Showing 18 changed files with 205,585 additions and 202,118 deletions.
8 changes: 6 additions & 2 deletions README.md
Expand Up @@ -26,6 +26,8 @@ The use of [evtx_dump](https://github.com/omerbenamram/evtx) is **optional but r

## Quick start

Check tutorials made by other (EN, SP and FR) [here](#tutorials).

### EVTX files :

Help is available with `zircolite.py -h`. If your EVTX files have the extension ".evtx" :
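Review bot: the added line `Check tutorials made by other (EN, SP and FR) [here](#tutorials).` has a grammar slip ("other" should be "others") and tags Spanish as "SP", which is not a language code; the ISO 639-1 code is "ES", consistent with EN and FR on the same line. Suggest `Check the tutorials written by others (EN, ES and FR) [here](#tutorials).` Note also that the `#tutorials` anchor depends on the `### Tutorials` heading further down keeping exactly that name, so any later rename of that heading silently breaks this link.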
Expand Down Expand Up @@ -96,9 +98,11 @@ The Mini-GUI can be used totally offline, it allows the user to display and sear

### Tutorials

- [Russ McRee](https://holisticinfosec.io) has published a pretty good [tutorial](https://holisticinfosec.io/post/2021-09-28-zircolite/) on SIGMA and **Zircolite** in his [blog](https://holisticinfosec.io/post/2021-09-28-zircolite/)
- (EN) [Russ McRee](https://holisticinfosec.io) has published a pretty good [tutorial](https://holisticinfosec.io/post/2021-09-28-zircolite/) on SIGMA and **Zircolite** in his [blog](https://holisticinfosec.io/post/2021-09-28-zircolite/)

- (SP) **César Marín** has published a tutorial in **spanish** [here](https://derechodelared.com/zircolite-ejecucion-de-reglas-sigma-en-ficheros-evtx/)

- **César Marín** has published a tutorial in **spanish** [here](https://derechodelared.com/zircolite-ejecucion-de-reglas-sigma-en-ficheros-evtx/)
- (FR) [IT-connect.fr](https://www.it-connect.fr/) has published [a very extensive tutorial](https://www.it-connect.fr/) in **French** on Zircolite

### References

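Review bot: the new French entry points both the site name and "a very extensive tutorial" at `https://www.it-connect.fr/`, i.e. the site root, so the reader lands on the homepage rather than on the tutorial itself; the second link should carry the article's own URL. The `(SP)` tag on César Marín's entry should be `(ES)` to match the ISO 639-1 codes used for EN and FR. Minor, pre-existing in the re-added Russ McRee line: `[tutorial](...)` and `[blog](...)` both resolve to the same post URL (`.../post/2021-09-28-zircolite/`); the blog link would more usefully point at `https://holisticinfosec.io`.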
Empty file modified docs/Advanced.md
100755 → 100644
Empty file.
Binary file modified docs/Zircolite_manual.pdf
Binary file not shown.
3,304 changes: 1,661 additions & 1,643 deletions rules/rules_linux.json

Large diffs are not rendered by default.

27,775 changes: 13,963 additions & 13,812 deletions rules/rules_windows_generic.json

Large diffs are not rendered by default.

52,938 changes: 26,733 additions & 26,205 deletions rules/rules_windows_generic_full.json

Large diffs are not rendered by default.

27,775 changes: 13,963 additions & 13,812 deletions rules/rules_windows_generic_high.json

Large diffs are not rendered by default.

49,005 changes: 24,718 additions & 24,287 deletions rules/rules_windows_generic_medium.json

Large diffs are not rendered by default.

44,589 changes: 22,578 additions & 22,011 deletions rules/rules_windows_generic_pysigma.json

Large diffs are not rendered by default.

27,775 changes: 13,963 additions & 13,812 deletions rules/rules_windows_sysmon.json

Large diffs are not rendered by default.

52,938 changes: 26,733 additions & 26,205 deletions rules/rules_windows_sysmon_full.json

Large diffs are not rendered by default.


0 comments on commit 0257ea7
