시그니처 리스트, Signature List
번호날짜ID시그니처 (Total Ruleset: 27,111개)
14,9112015/01/20 2017814  ET CURRENT_EVENTS Safe/CritX/FlashPack URI Struct .php?id=Hex;  
14,9102015/01/20 2017813  ET CURRENT_EVENTS Safe/CritX/FlashPack Payload;  
14,9092015/01/20 2017812  ET CURRENT_EVENTS Safe/CritX/FlashPack URI with Windows Plugin-Detect Data;  
14,9082015/01/20 2017811  ET CURRENT_EVENTS Magnitude EK (formerly Popads) Java Jar Download;  
14,9072015/01/20 2017810  ET EXPLOIT Metasploit Browser Exploit Server Plugin Detect;  
14,9062015/01/20 2017809  ET CURRENT_EVENTS Angler EK XOR'd Payload;  
14,9052015/01/20 2017808  ET WEB_SERVER Possible MySQL SQLi Attempt Information Schema Access; [1
14,9042015/01/20 2017807  ET WEB_SERVER Possible MySQL SQLi User-Dump Attempt; [1
14,9032015/01/20 2017806  ET WEB_SERVER Possible WebLogic Operator Login With Default Creds; [1
14,9022015/01/20 2017805  ET WEB_SERVER Possible WebLogic Monitor Login With Default Creds; [1
14,9012015/01/20 2017804  ET WEB_SERVER Possible WebLogic Admin Login With Default Creds; [1
14,9002015/01/20 2017803  ET WEB_SERVER Possible WebLogic Admin Login With Default Creds; [1
14,8992015/01/20 2017802  ET WEB_SPECIFIC_APPS SAP Possible CTC Auth/HTTP Verb Bypass Attempt; [1
14,8982015/01/20 2017801  ET WEB_SPECIFIC_APPS PeopleSoft Portal Command with Default Creds; [1
14,8972015/01/20 2017800  ET EXPLOIT Zollard PHP Exploit Telnet Outbound; [1
14,8962015/01/20 2017799  ET EXPLOIT Zollard PHP Exploit Telnet Inbound; [1
14,8952015/01/20 2017798  ET EXPLOIT Zollard PHP Exploit UA; [1
14,8942015/01/20 2017797  ET CURRENT_EVENTS HiMan EK - TDS - POST hyt=;  
14,8932015/01/20 2017796  ET CURRENT_EVENTS HiMan EK - Landing Page;  
14,8922015/01/20 2017795  ET DELETED HiMan EK - Payload Downloaded - EXE in ZIP Downloaded by Java;  
14,8912015/01/20 2017794  ET CURRENT_EVENTS HiMan EK - Flash Exploit;  
14,8902015/01/20 2017793  ET CURRENT_EVENTS HiMan EK - Payload Requested;  
14,8892015/01/20 2017792  ET CURRENT_EVENTS Hostile fake DHL mailing campaign;  
14,8882015/01/20 2017791  ET CURRENT_EVENTS Polling/Check-in/Compromise from fake DHL mailing campaign;  
14,8872015/01/20 2017790  ET EXPLOIT Adobe PDF CVE-2013-0640; [1
14,8862015/01/20 2017789  ET CURRENT_EVENTS JJEncode Encoded Script Inside of PDF Likely Evil;  
14,8852015/01/20 2017788  ET MOBILE_MALWARE Android.KorBanker Successful Fake Banking App Install CnC Server Acknowledgement; [1
14,8842015/01/20 2017787  ET MOBILE_MALWARE Android.KorBanker Fake Banking App Install CnC Beacon; [1
14,8832015/01/20 2017786  ET CURRENT_EVENTS SNET EK Activity Nov 27 2013;  
14,8822015/01/20 2017785  ET CURRENT_EVENTS Nuclear EK IE Exploit CVE-2013-2551;  
14,8812015/01/20 2017784  ET TROJAN WORM_VOBFUS Checkin Generic 2; [1,2
14,8802015/01/20 2017783  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access registerMicListener; [1
14,8792015/01/20 2017782  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access sendSMS; [1
14,8782015/01/20 2017781  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access sendMail; [1
14,8772015/01/20 2017780  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access postToSocial; [1
14,8762015/01/20 2017779  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access makeCall; [1
14,8752015/01/20 2017778  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access getGalleryImage; [1
14,8742015/01/20 2017777  ET CURRENT_EVENTS Possible Android InMobi SDK SideDoor Access takeCameraPicture; [1
14,8732015/01/20 2017776  ET TROJAN Darkness DDoS Common Intial Check-in Response wtf;  
14,8722015/01/20 2017775  ET TROJAN Darkness DDoS HTTP Target/EXE;  
14,8712015/01/20 2017774  ET CURRENT_EVENTS Nuclear EK CVE-2013-2551 URI Struct Nov 26 2013;  
14,8702015/01/20 2017773  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing Classe used in CVE-2013-2465/2463;  
14,8692015/01/20 2017772  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing Classe used in CVE-2013-2471/2472/2473;  
14,8682015/01/20 2017771  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing Classes used in awt exploits;  
14,8672015/01/20 2017770  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing tracing Provider Factory;  
14,8662015/01/20 2017769  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Hex Encoded Class file;  
14,8652015/01/20 2017768  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Mozilla JS Class Creation;  
14,8642015/01/20 2017767  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing management MBeanServer;  
14,8632015/01/20 2017766  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing glassfish external statistics impl;  
14,8622015/01/20 2017765  ET CURRENT_EVENTS SUSPICIOUS Java Request With Uncompressed JAR/Class Importing mbeanserver Introspector;  
< 241  242  243  244  245  246  247  248  249  250 >
GigaVPN & GigaIPS is based MikroTik, Suricata and EmergingThreats.
Copyright ⓒ 2010 . All Rights Reserved.