valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,425 Commits 20 Branches 25 Tags 21 MiB
32ecb81630
Commit Graph

123 Commits

Author SHA1 Message Date
Lurkkeli
db82322d17
Update powershell_NTFS_Alternate_Data_Streams 2018-07-24 20:03:07 +02:00
Lurkkeli
fd8c5c5bf6
Update powershell_NTFS_Alternate_Data_Streams 2018-07-24 20:00:21 +02:00
Lurkkeli
ad580635ea
Create powershell_NTFS_Alternate_Data_Streams 2018-07-24 19:49:08 +02:00
ntim
c99dc9f643 Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
Florian Roth
fc72bd16af Fixed bugs 2018-06-27 09:20:41 +02:00
Thomas Patzke
8041f77abd Merged similar rules 2018-03-06 23:19:11 +01:00
Thomas Patzke
84645f4e59 Simplified rule conditions with new condition constructs 2018-03-06 23:14:43 +01:00
SherifEldeeb
348728bdd9 Cleaning up empty list items 2018-01-28 02:36:39 +03:00
SherifEldeeb
48441962cc Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00
SherifEldeeb
112a0939d7 Change "reference" to "references" to match new schema 2018-01-28 02:12:19 +03:00
Florian Roth
d9f933fec9 Fixed the fixed PSAttack rule 2017-10-19 09:52:40 +02:00
Florian Roth
0b0435bf7a Fixed PSAttack rule 2017-10-18 21:49:38 +02:00
Thomas Patzke
f768bf3d61 Fixed parse errors 2017-08-02 22:49:15 +02:00
Florian Roth
abb01cc264 Rule: PowerShell credential prompt 2017-04-09 10:22:04 +02:00
Florian Roth
fa37f5afcf Rules: PowerShell Downgrade Attacks 2017-03-22 11:17:46 +01:00
Florian Roth
055992eb05 Bugfix: PowerShell rules log source inconstency 2017-03-21 10:22:13 +01:00
Florian Roth
a0047f7c67 Sysmon as 'service' of product 'windows' 2017-03-13 09:23:08 +01:00
Florian Roth
de689c32b5 Suspicious PowerShell Invocation 2017-03-12 17:06:53 +01:00
Florian Roth
294df21c56 Added expression 2017-03-05 22:45:54 +01:00
Florian Roth
7fae49b183 More PowerShell rules 2017-03-05 15:01:51 +01:00
Florian Roth
1e1cf9cb9e PowerShell Rules Revision 2017-03-05 14:14:31 +01:00
Omer Yampel
97b4078d01 Update powershell_malicious_commandlets.yml 
Added https://github.com/putterpanda/mimikittenz reference
 2017-03-04 20:26:39 -05:00
Florian Roth
d397ee9f68 First PowerShell Ruleset 2017-03-05 01:47:25 +01:00