SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00

Author	SHA1	Message	Date
Cyb3rEng	e3b376e945	Completed Changes Based on Comments Removed : unnecessary event ID	2021-09-07 21:26:42 -06:00
Cyb3rEng	4130ceb208	Completed Changes Based on Comments Removed : unnecessary event ID	2021-09-07 21:25:52 -06:00
Cyb3rEng	8d47f9531b	Completed Changes Based on Comments Removed : unnecessary event ID	2021-09-07 21:22:01 -06:00
Cyb3rEng	13e6262055	Completed Changes Based on Comments Removed : unnecessary event ID	2021-09-07 21:20:51 -06:00
Cyb3rEng	8dc1b03fef	Completed Changes Based on Comments Removed : unnecessary event ID	2021-09-07 21:19:43 -06:00
Cyb3rEng	932b7cf2ba	Merge branch 'SigmaHQ:master' into master	2021-09-07 19:58:09 -06:00
Thomas Patzke	143744bc12	Various fixes * Backslashes in regular expressions * Casing of condition operators * Further small errors	2021-09-07 23:38:07 +02:00
$frack113$ frack113	be442182fe	convert to LF	2021-09-06 21:10:08 +02:00
$frack113$ frack113	9ef299c4f4	Change to LF	2021-09-06 21:07:49 +02:00
$frack113$ frack113	d02ee1eddd	Update global ID	2021-09-02 21:16:55 +02:00
$frack113$ frack113	f90c7558a7	update global id	2021-09-02 21:03:25 +02:00
$frack113$ frack113	086a15fc45	Update global ID	2021-09-02 20:07:03 +02:00
Cyb3rEng	c5507658c0	Updated Rule updated title	2021-08-31 22:13:31 -06:00
Cyb3rEng	785fc98ee3	Updated Rule Completed the following updates on the rule: - Modified the title - incremented 4 spaces for references and tags - updated false positives - updated author - updated description in detection section. - Removed the service: Sysmon, updated selection1.	2021-08-31 22:05:10 -06:00
Cyb3rEng	d5f73a8910	Updated Rule Completed the following updates on the rule: - Modified the title - incremented 4 spaces for references and tags - updated false positives - updated author - updated description in detection section. - Removed the service: Sysmon, updated selection1.	2021-08-31 22:03:31 -06:00
Cyb3rEng	fa3b882fdc	Updated Rule Removed " " from falsepositives section	2021-08-31 21:58:50 -06:00
Cyb3rEng	c7c49c55d2	Updated Rule - Modified the title - incremented 4 spaces for references and tags - updated false positives - updated author - updated description in detection section. - Removed the service: Sysmon, updated selection1.	2021-08-31 21:58:09 -06:00
Cyb3rEng	d5fa226180	Updated Rule Completed the following updates on the rule: - Modified the title - incremented 4 spaces for references and tags - updated author - updated description in detection section. - Removed the service: Sysmon, updated selection1.	2021-08-31 21:54:32 -06:00
Cyb3rEng	900f71e6b2	Rule Update Review Completed the following updates on the rule: - Modified the title - incremented 4 spaces for references and tags - updated false positives - updated author - updated description in detection section. - Removed the service: Sysmon, updated selection1.	2021-08-31 21:50:44 -06:00
Cyb3rEng	6c9b2a2f37	Add files via upload	2021-08-30 21:48:03 -06:00
$frack113$ frack113	a4021842de	Fix invalid tags	2021-08-25 09:15:57 +02:00
$frack113$ frack113	c2302a15da	fix cve tags	2021-08-24 10:10:45 +02:00
Max Altgelt	6f05e33feb	fix: Correct incorrect message / keyword usage Correct a number of rules where message or keyword were incorrectly used as field names in events (typically windows event logs). However, neither field actually exists and as such these strings could never match.	2021-08-12 16:28:07 +02:00
$frack113$ frack113	cf8d8d3ed4	fix TargetFilename case error	2021-08-06 08:43:05 +02:00
Sittikorn S	d3a1fb8565	Update sysmon_cve_2021_31979_cve_2021_33771_exploits.yml	2021-07-17 06:49:37 +07:00
Sittikorn S	5e84a603d0	Update sysmon_cve_2021_31979_cve_2021_33771_exploits.yml	2021-07-17 01:04:07 +07:00
Sittikorn S	a3c4aa5dad	Update sysmon_cve_2021_31979_cve_2021_33771_exploits.yml	2021-07-17 01:02:14 +07:00
Sittikorn S	eea3675d4e	Rename sysmon_cve_2021_31979_cve-2021_33771_exploits.yml to sysmon_cve_2021_31979_cve_2021_33771_exploits.yml	2021-07-17 00:09:04 +07:00
Sittikorn S	90fc50e0a2	Update and rename sysmon_devilstongue_CVE_2021_31979_exploit.yml to sysmon_cve_2021_31979_cve-2021_33771_exploits.yml rename sysmon_cve_2021_31979_cve-2021_33771_exploits.yml	2021-07-17 00:02:15 +07:00
Sittikorn S	9fb589201e	Update and rename sysmon_devilstongue_exploit_0day.yml to sysmon_devilstongue_CVE_2021_31979_exploit.yml Change Title	2021-07-16 23:47:14 +07:00
Sittikorn S	f2187f05e6	Update and rename sysmon_devilstongue_CVE_2021_31979_CVE_2021_33771.yml to sysmon_devilstongue_exploit_0day.yml	2021-07-16 23:42:05 +07:00
Sittikorn S	91295cff21	Update sysmon_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 23:35:31 +07:00
Sittikorn S	dac72e2750	Update and rename sysmon_exploit_CVE_2021_31979_CVE_2021_33771.yml to sysmon_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 23:30:05 +07:00
Sittikorn S	10b7b6d640	Update sysmon_exploit_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 23:11:14 +07:00
Sittikorn S	94ba194b42	Update sysmon_exploit_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 23:09:51 +07:00
Sittikorn S	477ec060d2	Update and rename sysmon_susp_devilstongue_CVE_2021_31979_CVE_2021_33771.yml to sysmon_exploit_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 22:47:04 +07:00
Sittikorn S	99e5990416	Update sysmon_susp_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 22:30:06 +07:00
Sittikorn S	dc94c4e51e	Update sysmon_susp_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 22:21:34 +07:00
Sittikorn S	0954163e9d	Update sysmon_susp_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 22:19:07 +07:00
Sittikorn S	e094c76098	Update sysmon_susp_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 22:14:22 +07:00
Sittikorn S	0506e10697	Create sysmon_susp_devilstongue_CVE_2021_31979_CVE_2021_33771.yml	2021-07-16 22:09:07 +07:00
$frack113$ frack113	0ef3dc2082	escape / in regex	2021-07-15 08:13:49 +02:00
Florian Roth	382d5b2adb	Merge pull request #1674 from frack113/fix_small_errors Fix some typo error	2021-07-12 15:23:55 +02:00
$frack113$ frack113	af140ebf84	fix some typo error	2021-07-12 09:40:18 +02:00
mlp1515	29a6a2d5fb	Merge branch 'SigmaHQ:master' into master	2021-07-07 08:25:04 +02:00
wagga40	11df697cdc	Updated rules with modifiers instead of '*' and remove trailing '\\'	2021-06-27 14:51:29 +02:00
mlp1515	53632d4def	Update sysmon_config_modification.yml	2021-06-16 15:34:23 +02:00
Florian Roth	e5cd850640	Merge pull request #1556 from frack113/PR_617_V2 Fix all the rules to pass the test	2021-06-16 08:22:51 +02:00
$frack113$ frack113	558bcd5ceb	Fix all the rules to pass the test	2021-06-14 07:33:26 +02:00
$frack113$ frack113	fb2d0092f1	forget to add modified	2021-06-10 17:27:15 +02:00

1 2 3 4 5 ...

824 Commits