SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00

Author	SHA1	Message	Date
Thomas Patzke	d1de168295	Merge branch 'oscd'	2021-04-06 00:05:35 +02:00
BlueTeamOps	8916459bab	Added additional CS signatures	2021-03-25 22:44:24 +11:00
markus-nclose	67d3d5e220	Fixed CobaltStrike typo	2021-02-25 07:25:20 +02:00
Jonhnathan	dea145cd5e	Update av_exploiting.yml	2020-10-15 16:11:24 -03:00
Florian Roth	30d872f98f	Merge pull request #492 from booberry46/master Bypass Windows Defender	2020-01-30 14:27:30 +01:00
Thomas Patzke	0592cbb67a	Added UUIDs to rules	2019-11-12 23:12:27 +01:00
booberry46	cfe7ddbe5b	Update av_exploiting.yml Not sure if the '' affects.	2019-11-06 16:16:49 +08:00
Florian Roth	d096ab0e21	rules: AV rules updated to reflect 1.7.2 auf AV cheat sheet	2019-10-04 16:17:34 +02:00
darkquasar	87994ca46b	adding MPreter as McAfee classifies it McAfee classifies some Meterpreter events with the "Mpreter" keyword	2019-02-22 15:22:10 +11:00
Florian Roth	5645c75576	Rule: updated relevant AV signatures - exploiting https://twitter.com/haroldogden/status/1085556071891173376	2019-01-16 18:43:28 +01:00
Thomas Patzke	81515b530c	ATT&CK tagging QA	2018-09-20 12:44:44 +02:00
Florian Roth	84b8eb5154	Rule: AV alerts - exploiting frameworks	2018-09-09 11:04:27 +02:00