hayabusa

hayabusa copied to clipboard

Enhancement: raise code coverage percentage

4

Now the code coverage percentage is 68%. We would like to raise it to at least 80% if possible.

YamatoSecurity

Timestamps not present when uploaded to elastic

1

**Describe the bug** A clear and concise description of what the bug is. Timestamps are not showing up when imported into Elasticsearch. **Step to Reproduce** Steps to reproduce the behavior:...

grizzlycode

auto completion

11

`$ ./target/release/hayabusa csv-timeline -f ../hayabusa-sample-evtx/YamatoSecurity/Sysmon/Sysmon-27-BlockExeWrite_AbusingCertutil.evtx` の状態からusageみたいなものを（他のオプションなど）を表示することが可能なら、便利かもしれない。 今は、 `$ ./target/release/hayabusa csv-timeline` とすると、表示できるがこの状態になるように、消さないといけない。 補完もできると、嬉しいかもしれない。

kazuminn

Separate the contents of src/detections/rule/mod.rs into modules

6

src/detections/rule/mod.rsの中に、DetectionNodeやRuleNodeが混じって入っていて、カオスになってきている気がする。 mod構文とそれらが入り混じっていて、読みにくく、管理しにくい問題がある。

kazuminn

refs https://github.com/Yamato-Security/hayabusa/issues/823#issuecomment-1367062269

hitenkoku

If it is possible to organize the commands into groups then this is better: ``` Analysis Commands: logon-summary Print a summary of successful and failed logons metrics Print event ID...

hitenkoku

To check performance easy, Benchmark in GitHub CI - TestData: hayabusa-sample-evtx repository data - BenchMarkListCandidate: - CPU Usage - Memory Usage - ProcessingTime -> Elapsed Time in hayabusa result

hitenkoku

refs https://github.com/Yamato-Security/hayabusa/issues/823#issuecomment-1367062269

hitenkoku

refs https://github.com/Yamato-Security/hayabusa/issues/823#issuecomment-1367062269

hitenkoku

Create GitHub Pages Documentation

2

I am currently thinking of doing this with Material for MkDocs: https://squidfunk.github.io/mkdocs-material/ Something similar to this: https://www.purplecloud.network/install/

YamatoSecurity