SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00

Author	SHA1	Message	Date
Jonhnathan	af5c88e5d5	Update sysmon_lazagne_cred_dump_lsass_access.yml	2020-10-15 17:17:39 -03:00
Jonhnathan	a554c3df23	Update sysmon_invoke_phantom.yml	2020-10-15 17:17:19 -03:00
Jonhnathan	1878aa5fbd	Update sysmon_cmstp_execution.yml	2020-10-15 17:16:50 -03:00
Jonhnathan	ce4e22750d	Update powershell_winlogon_helper_dll.yml	2020-10-15 17:15:23 -03:00
Jonhnathan	efe9c2d3d6	Update powershell_shellcode_b64.yml	2020-10-15 17:14:01 -03:00
Jonhnathan	013533fceb	Update powershell_prompt_credentials.yml	2020-10-15 17:13:16 -03:00
Jonhnathan	8cf2596068	Update powershell_malicious_keywords.yml	2020-10-15 17:12:08 -03:00
Jonhnathan	ec10d5a61f	Update powershell_malicious_commandlets.yml	2020-10-15 17:11:20 -03:00
Jonhnathan	4a3607d50b	Update powershell_exe_calling_ps.yml	2020-10-15 17:09:47 -03:00
Jonhnathan	09c43b7517	Update win_wmi_persistence.yml	2020-10-15 17:08:15 -03:00
Jonhnathan	b769728d0b	Update win_pcap_drivers.yml	2020-10-15 17:07:22 -03:00
Jonhnathan	fb851e1f41	Update sysmon_win_binary_susp_com.yml	2020-10-15 16:27:01 -03:00
Jonhnathan	5dc02f3a87	Update sysmon_win_binary_github_com.yml	2020-10-15 16:26:28 -03:00
Jonhnathan	554adb8562	Update sysmon_susp_rdp.yml	2020-10-15 16:25:58 -03:00
Jonhnathan	71785b91b5	Update sysmon_susp_prog_location_network_connection.yml	2020-10-15 16:25:25 -03:00
Jonhnathan	9c58db9271	Update sysmon_rundll32_net_connections.yml	2020-10-15 16:24:38 -03:00
Jonhnathan	bbf0210f70	Update sysmon_rdp_reverse_tunnel.yml	2020-10-15 16:23:17 -03:00
Jonhnathan	689bea2681	Update sysmon_powershell_network_connection.yml	2020-10-15 16:22:13 -03:00
Jonhnathan	e20027965f	Update sysmon_notepad_network_connection.yml	2020-10-15 16:21:38 -03:00
Jonhnathan	b479cbdb10	Update sysmon_malware_backconnect_ports.yml	2020-10-15 16:20:27 -03:00
Jonhnathan	22e5f83a6c	Update sysmon_dllhost_net_connections.yml	2020-10-15 16:19:43 -03:00
Jonhnathan	acfe0633e2	Update win_mal_ursnif.yml	2020-10-15 16:18:38 -03:00
Jonhnathan	983e9cb9ae	Update win_mal_ryuk.yml	2020-10-15 16:18:14 -03:00
Jonhnathan	8d44548a2c	Update win_mal_flowcloud.yml	2020-10-15 16:16:08 -03:00
Jonhnathan	ef646e74d8	Update mal_azorult_reg.yml	2020-10-15 16:15:25 -03:00
Jonhnathan	69c90570ec	Update av_webshell.yml	2020-10-15 16:14:08 -03:00
Jonhnathan	cdaa5ef3a6	Update av_relevant_files.yml	2020-10-15 16:13:22 -03:00
Jonhnathan	7dc720cf13	Update av_password_dumper.yml	2020-10-15 16:11:52 -03:00
Jonhnathan	dea145cd5e	Update av_exploiting.yml	2020-10-15 16:11:24 -03:00
Jonhnathan	7adfd75c0a	Update sysmon_svchost_dll_search_order_hijack.yml	2020-10-15 16:10:23 -03:00
Jonhnathan	b6cf10fdd2	Update sysmon_susp_winword_wmidll_load.yml	2020-10-15 16:09:44 -03:00
Jonhnathan	efe5ad92c3	Update sysmon_susp_winword_vbadll_load.yml	2020-10-15 16:09:21 -03:00
Jonhnathan	7c196aed22	Update sysmon_susp_office_kerberos_dll_load.yml	2020-10-15 16:09:03 -03:00
Jonhnathan	38ef5976dc	Update sysmon_susp_office_dsparse_dll_load.yml	2020-10-15 16:08:55 -03:00
Jonhnathan	8aa2f8582b	Update sysmon_susp_office_dsparse_dll_load.yml	2020-10-15 16:07:46 -03:00
Jonhnathan	4de241d44c	Update sysmon_susp_office_dotnet_gac_dll_load.yml	2020-10-15 16:07:10 -03:00
Jonhnathan	ecbec06709	Update sysmon_susp_office_dotnet_clr_dll_load.yml	2020-10-15 16:06:47 -03:00
Jonhnathan	0d4f372351	Update sysmon_susp_office_dotnet_assembly_dll_load.yml	2020-10-15 16:06:21 -03:00
Jonhnathan	1136725728	Update sysmon_susp_image_load.yml	2020-10-15 16:05:50 -03:00
Jonhnathan	56594a5a06	Update sysmon_mimikatz_inmemory_detection.yml	2020-10-15 16:05:11 -03:00
Jonhnathan	569f14eb1e	Update sysmon_tsclient_filewrite_startup.yml	2020-10-15 16:02:52 -03:00
Jonhnathan	7d5e404b32	Update sysmon_susp_procexplorer_driver_created_in_tmp_folder.yml	2020-10-15 16:02:16 -03:00
Jonhnathan	5790cc2ea7	Update sysmon_susp_adsi_cache_usage.yml	2020-10-15 16:01:46 -03:00
Jonhnathan	9eedeabda9	Update sysmon_quarkspw_filedump.yml	2020-10-15 16:01:24 -03:00
Jonhnathan	d2d49c445a	Update sysmon_powershell_exploit_scripts.yml	2020-10-15 16:00:20 -03:00
Jonhnathan	b6b34b37d9	Update sysmon_ghostpack_safetykatz.yml	2020-10-15 15:59:09 -03:00
Jonhnathan	099843470e	Update sysmon_creation_system_file.yml	2020-10-15 15:58:10 -03:00
Jonhnathan	427962937b	Update sysmon_susp_driver_load.yml	2020-10-15 15:57:05 -03:00
Jonhnathan	1cd56f5dae	Update win_vul_cve_2020_0688.yml	2020-10-15 15:56:36 -03:00
Jonhnathan	ef3af551e9	Update win_user_driver_loaded.yml	2020-10-15 15:56:16 -03:00

1 2 3 4 5 ...

2628 Commits