Commit Graph

8340 Commits

Author SHA1 Message Date
Austin Songer
6401f9b4d9 Update okta_api_token_created.yml 2021-09-22 19:53:36 -05:00
Austin Songer
ecb18ec149 Update okta_admin_role_assigned_to_user_or_group.yml 2021-09-22 19:53:28 -05:00
Austin Songer
74452347fb Update okta_user_account_locked_out.yml 2021-09-22 19:52:43 -05:00
Austin Songer
275ebf7884 Update okta_unauthorized_access_to_app.yml 2021-09-22 19:52:36 -05:00
Austin Songer
2ab5ba0a0c Update okta_security_threat_detected.yml 2021-09-22 19:52:29 -05:00
Austin Songer
1aec430291 Update okta_policy_rule_modified_or_deleted.yml 2021-09-22 19:52:23 -05:00
Austin Songer
cead26637b Update okta_policy_modified_or_deleted.yml 2021-09-22 19:52:17 -05:00
Austin Songer
e1eb8c6222 Update okta_network_zone_deactivated_or_deleted.yml 2021-09-22 19:52:10 -05:00
Austin Songer
38e09f061d Update okta_mfa_reset_or_deactivated.yml 2021-09-22 19:52:04 -05:00
Austin Songer
12f76cdf6b Update okta_application_sign-on_policy_modified_or_deleted.yml 2021-09-22 19:51:58 -05:00
Austin Songer
11732970fc Update okta_application_modified_or_deleted.yml 2021-09-22 19:51:51 -05:00
Austin Songer
8dfae4c785 Update okta_api_token_revoked.yml 2021-09-22 19:51:44 -05:00
Austin Songer
1a64dc03a1 Update okta_api_token_created.yml 2021-09-22 19:51:31 -05:00
Austin Songer
f186235d8f Update okta_admin_role_assigned_to_user_or_group.yml 2021-09-22 19:51:25 -05:00
frack113
3ac0d93f5b Merge pull request #2062 from Pooch11/win-apt-greenbug-fix 2021-09-22 20:05:37 +02:00
    win-apt-greenbug-fix small change to B64encoded value of '/server='
frack113
5989127035 optimization of name detection 2021-09-22 19:02:44 +02:00
frack113
6e6d57b019 fix filename 2021-09-22 18:45:08 +02:00
unknown
9924cc3946 win-apt-greenbug-fix amend b64 value of /server= as seen in IOC 2021-09-22 10:33:04 -04:00
frack113
ab5f5f95bc fix filename 2021-09-22 16:27:05 +02:00
frack113
3c906b52a0 fix filename 2021-09-22 16:21:07 +02:00
frack113
edb19013d5 fix test_file_names 2021-09-22 16:11:29 +02:00
Florian Roth
b7b0bd4275 Update lnx_clear_syslog.yml 2021-09-22 09:46:05 +02:00
frack113
7b995f2d99 Merge pull request #2057 from secDre4mer/master 2021-09-22 09:15:32 +02:00
    Add two rules
frack113
ac639bb9ec Merge pull request #2060 from zakibro/master 2021-09-22 08:41:50 +02:00
    New Rule - Linux - Auditd - Screencapture with Import Tool
frack113
045e87058b add definition 2021-09-22 08:40:08 +02:00
unknown
3ace73f9fd win-apt-greenbug-fix - change modified date as well 2021-09-21 16:59:32 -04:00
unknown
993bf46550 win-apt-greenbug-fix small change to B64encoded value of '/server=' in detection criteria 2021-09-21 16:56:01 -04:00
frack113
e16e9e8ea7 fix timeframe compare error 2021-09-21 22:54:45 +02:00
frack113
db9e6124e3 fix too many blank lines 2021-09-21 20:24:02 +02:00
frack113
6e08ba55c4 fix error 2021-09-21 20:16:26 +02:00
frack113
7a52da3b40 split global cleartext_protocols.yml 2021-09-21 19:56:47 +02:00
frack113
e377e4e96f split global net_high_dns_bytes_out.yml 2021-09-21 19:53:25 +02:00
frack113
6777ca7a82 split global net_high_dns_requests_rate.yml 2021-09-21 19:51:11 +02:00
frack113
00f3055035 split global net_susp_network_scan.yml 2021-09-21 19:47:28 +02:00
frack113
b5e91d7185 fix field name and date 2021-09-21 19:41:46 +02:00
frack113
d37685d7cc split global win_cobaltstrike_service_installs.yml 2021-09-21 19:36:34 +02:00
frack113
06a07605fd split global win_mal_creddumper.yml 2021-09-21 19:31:52 +02:00
Pawel Mazur
e20e5033e7 New Rule - Linux - Auditd - Screencapture with Import Tool 2021-09-21 18:55:48 +02:00
Florian Roth
d884f774f9 Update powershell_memorydump_getstoragediagnosticinfo.yml 2021-09-21 18:01:46 +02:00
Florian Roth
4242fea353 Merge pull request #2058 from phantinuss/master 2021-09-21 18:01:04 +02:00
    fix: remove rule, too many FPs and no better matching criteria
phantinuss
46febf48b0 fix: remove rule, too many FPs and no better matching criteria 2021-09-21 16:52:17 +02:00
frack113
dde3b17c20 split global win_mal_service_installs.yml 2021-09-21 16:17:59 +02:00
frack113
518d294ee9 fix id error 2021-09-21 16:06:27 +02:00
frack113
b9d14ef55a split global win_metasploit_or_impacket_smb_psexec_service_install.yml 2021-09-21 16:02:47 +02:00
Max Altgelt
bf9bc03258 chore: properly name and describe rules 2021-09-21 15:59:01 +02:00
frack113
9dbc71ca2f split global win_meterpreter_or_cobaltstrike_getsystem_service_installation.yml 2021-09-21 15:50:06 +02:00
frack113
0dd549ba67 fix selection name 2021-09-21 15:25:03 +02:00
frack113
7c8d1ab037 split global win_moriya_rootkit.yml 2021-09-21 15:18:25 +02:00
frack113
a4ad7e5358 split global win_net_ntlm_downgrade.yml 2021-09-21 15:10:08 +02:00
Max Altgelt
8c3faa390c feat: Add rule for live memory dumping 2021-09-21 15:09:12 +02:00