valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,964 Commits 20 Branches 25 Tags 21 MiB
7ee3974428
Commit Graph

8 Commits

Author SHA1 Message Date
ecco
4c54e8322a sysmon eventid 3: filter on outgoing connections (initiated: true) to avoid false positives 2019-09-25 11:11:22 -04:00
mrblacyk
99595a7f89 Added missing tags and some minor improvements 2019-03-05 23:25:49 +01:00
Tareq AlKhatib
8b94860ee6 Corrected class B private IP range to prevent false negatives 2019-01-04 12:50:41 +03:00
James Dickenson
5fc118dcac added a few mitre attack tags to windows sysmon rules 2018-07-26 21:15:07 -07:00
Lurkkeli
0e9c5bb14a
Update sysmon_rundll32_net_connections.yml 2018-07-24 20:01:47 +02:00
SherifEldeeb
48441962cc Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00
SherifEldeeb
112a0939d7 Change "reference" to "references" to match new schema 2018-01-28 02:12:19 +03:00
Florian Roth
37cea85072 Rundll32.exe suspicious network connections 2017-11-04 14:44:30 +01:00