Rule Info
Name
Enable BPF Kprobes Tracing
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects common command used to enable bpf kprobes tracing
Date
2023-01-25 00:00:00
Modified
None
Id
7692f583-bd30-4008-8615-75dab3f08a99
Tags
attack.execution attack.defense_evasion DEMO
Type
Community Rule
Link to Public Repo
Rule History
Author
Title
Date
Commit
github-actions[bot]
Merge PR #4611 from @nasbench - Promote Older Rules Status From `experimental` To `test`
2023-12-01