Florian Roth
|
e79e99c4aa
|
fix: fixed missing date fields in remaining files
|
2020-01-30 16:07:37 +01:00 |
|
Thomas Patzke
|
0592cbb67a
|
Added UUIDs to rules
|
2019-11-12 23:12:27 +01:00 |
|
Karneades
|
68fd20cb66
|
fix: bound windows event log rules to message field
Fixed rules
- rules/windows/builtin/win_susp_msmpeng_crash.yml
- rules/windows/builtin/win_alert_active_directory_user_control.yml
- rules/windows/builtin/win_av_relevant_match.yml
- rules/windows/builtin/win_mal_creddumper.yml
- rules/windows/builtin/win_susp_sam_dump.yml
- rules/windows/builtin/win_alert_mimikatz_keywords.yml
- rules/windows/builtin/win_alert_enable_weak_encryption.yml
|
2019-11-02 11:25:29 +01:00 |
|
Sherif Eldeeb
|
23eddafb39
|
Replace "logsource: description" with "definition" to match the specs
|
2018-11-15 09:00:06 +03:00 |
|
Thomas Patzke
|
81515b530c
|
ATT&CK tagging QA
|
2018-09-20 12:44:44 +02:00 |
|
Florian Roth
|
d94c1d2046
|
fix: duplicate 'tag' key in rule
|
2018-09-04 14:56:55 +02:00 |
|
Thomas Patzke
|
0d8bc922a3
|
Merge branch 'master' into master
|
2018-07-24 08:23:37 +02:00 |
|
David Spautz
|
e275d44462
|
Add tags to windows builtin rules
|
2018-07-24 07:50:32 +02:00 |
|
James Dickenson
|
c4edc26267
|
windows builtin mitre attack tags
|
2018-07-23 21:34:20 -07:00 |
|
Thomas Patzke
|
84645f4e59
|
Simplified rule conditions with new condition constructs
|
2018-03-06 23:14:43 +01:00 |
|
Florian Roth
|
aca70e57ec
|
Massive Title Cleanup
|
2018-01-27 10:57:30 +01:00 |
|
Thomas Patzke
|
f768bf3d61
|
Fixed parse errors
|
2017-08-02 22:49:15 +02:00 |
|
Florian Roth
|
707e5a948f
|
Rules: Password dumper activity and lateral movement
|
2017-03-27 15:20:50 +02:00 |
|