SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 02:08:54 +00:00

Author	SHA1	Message	Date
Jonhnathan	d074ea110f	Update win_apt_dragonfly.yml	2020-10-15 17:27:42 -03:00
Jonhnathan	5eac9e5161	Update win_apt_cloudhopper.yml	2020-10-15 17:27:27 -03:00
Jonhnathan	2cdead8778	Update win_apt_chafer_mar18.yml	2020-10-15 17:26:58 -03:00
Jonhnathan	96ef4733c3	Update win_apt_bluemashroom.yml	2020-10-15 17:25:17 -03:00
Jonhnathan	ca31849be1	Update win_apt_bear_activity_gtr19.yml	2020-10-15 17:24:56 -03:00
Jonhnathan	10522becc3	Update win_apt_apt29_thinktanks.yml	2020-10-15 17:24:03 -03:00
Jonhnathan	bc1efd9843	Update sysmon_logon_scripts_userinitmprlogonscript_proc.yml	2020-10-15 17:23:44 -03:00
Jonhnathan	e0c538fdd4	Update sysmon_malware_verclsid_shellcode.yml	2020-10-15 17:19:06 -03:00
Jonhnathan	93faca413e	Update sysmon_lsass_memdump.yml	2020-10-15 17:17:57 -03:00
Jonhnathan	af5c88e5d5	Update sysmon_lazagne_cred_dump_lsass_access.yml	2020-10-15 17:17:39 -03:00
Jonhnathan	a554c3df23	Update sysmon_invoke_phantom.yml	2020-10-15 17:17:19 -03:00
Jonhnathan	1878aa5fbd	Update sysmon_cmstp_execution.yml	2020-10-15 17:16:50 -03:00
Jonhnathan	ce4e22750d	Update powershell_winlogon_helper_dll.yml	2020-10-15 17:15:23 -03:00
Jonhnathan	efe9c2d3d6	Update powershell_shellcode_b64.yml	2020-10-15 17:14:01 -03:00
Jonhnathan	013533fceb	Update powershell_prompt_credentials.yml	2020-10-15 17:13:16 -03:00
Jonhnathan	8cf2596068	Update powershell_malicious_keywords.yml	2020-10-15 17:12:08 -03:00
Jonhnathan	ec10d5a61f	Update powershell_malicious_commandlets.yml	2020-10-15 17:11:20 -03:00
Jonhnathan	4a3607d50b	Update powershell_exe_calling_ps.yml	2020-10-15 17:09:47 -03:00
Jonhnathan	09c43b7517	Update win_wmi_persistence.yml	2020-10-15 17:08:15 -03:00
Jonhnathan	b769728d0b	Update win_pcap_drivers.yml	2020-10-15 17:07:22 -03:00
Jonhnathan	fb851e1f41	Update sysmon_win_binary_susp_com.yml	2020-10-15 16:27:01 -03:00
Jonhnathan	5dc02f3a87	Update sysmon_win_binary_github_com.yml	2020-10-15 16:26:28 -03:00
Jonhnathan	554adb8562	Update sysmon_susp_rdp.yml	2020-10-15 16:25:58 -03:00
Jonhnathan	71785b91b5	Update sysmon_susp_prog_location_network_connection.yml	2020-10-15 16:25:25 -03:00
Jonhnathan	9c58db9271	Update sysmon_rundll32_net_connections.yml	2020-10-15 16:24:38 -03:00
Jonhnathan	bbf0210f70	Update sysmon_rdp_reverse_tunnel.yml	2020-10-15 16:23:17 -03:00
Jonhnathan	689bea2681	Update sysmon_powershell_network_connection.yml	2020-10-15 16:22:13 -03:00
Jonhnathan	e20027965f	Update sysmon_notepad_network_connection.yml	2020-10-15 16:21:38 -03:00
Jonhnathan	b479cbdb10	Update sysmon_malware_backconnect_ports.yml	2020-10-15 16:20:27 -03:00
Jonhnathan	22e5f83a6c	Update sysmon_dllhost_net_connections.yml	2020-10-15 16:19:43 -03:00
Jonhnathan	acfe0633e2	Update win_mal_ursnif.yml	2020-10-15 16:18:38 -03:00
Jonhnathan	983e9cb9ae	Update win_mal_ryuk.yml	2020-10-15 16:18:14 -03:00
Jonhnathan	8d44548a2c	Update win_mal_flowcloud.yml	2020-10-15 16:16:08 -03:00
Jonhnathan	ef646e74d8	Update mal_azorult_reg.yml	2020-10-15 16:15:25 -03:00
Jonhnathan	69c90570ec	Update av_webshell.yml	2020-10-15 16:14:08 -03:00
Jonhnathan	cdaa5ef3a6	Update av_relevant_files.yml	2020-10-15 16:13:22 -03:00
Jonhnathan	7dc720cf13	Update av_password_dumper.yml	2020-10-15 16:11:52 -03:00
Jonhnathan	dea145cd5e	Update av_exploiting.yml	2020-10-15 16:11:24 -03:00
Jonhnathan	7adfd75c0a	Update sysmon_svchost_dll_search_order_hijack.yml	2020-10-15 16:10:23 -03:00
Jonhnathan	b6cf10fdd2	Update sysmon_susp_winword_wmidll_load.yml	2020-10-15 16:09:44 -03:00
Jonhnathan	efe5ad92c3	Update sysmon_susp_winword_vbadll_load.yml	2020-10-15 16:09:21 -03:00
Jonhnathan	7c196aed22	Update sysmon_susp_office_kerberos_dll_load.yml	2020-10-15 16:09:03 -03:00
Jonhnathan	38ef5976dc	Update sysmon_susp_office_dsparse_dll_load.yml	2020-10-15 16:08:55 -03:00
Jonhnathan	8aa2f8582b	Update sysmon_susp_office_dsparse_dll_load.yml	2020-10-15 16:07:46 -03:00
Jonhnathan	4de241d44c	Update sysmon_susp_office_dotnet_gac_dll_load.yml	2020-10-15 16:07:10 -03:00
Jonhnathan	ecbec06709	Update sysmon_susp_office_dotnet_clr_dll_load.yml	2020-10-15 16:06:47 -03:00
Jonhnathan	0d4f372351	Update sysmon_susp_office_dotnet_assembly_dll_load.yml	2020-10-15 16:06:21 -03:00
Jonhnathan	1136725728	Update sysmon_susp_image_load.yml	2020-10-15 16:05:50 -03:00
Jonhnathan	56594a5a06	Update sysmon_mimikatz_inmemory_detection.yml	2020-10-15 16:05:11 -03:00
Jonhnathan	569f14eb1e	Update sysmon_tsclient_filewrite_startup.yml	2020-10-15 16:02:52 -03:00

1 2 3 4 5 ...

4055 Commits