Commit Graph

776 Commits

Author | SHA1 | Message | Date
Jonhnathan | e5506f4de1 | Update win_exploit_cve_2017_11882.yml | 2020-10-15 17:51:20 -03:00
Jonhnathan | e163bb18ef | Update win_exploit_cve_2017_0261.yml | 2020-10-15 17:51:09 -03:00
Jonhnathan | 890e256305 | Update win_exploit_cve_2015_1641.yml | 2020-10-15 17:50:55 -03:00
Jonhnathan | a3f59d6f03 | Update win_dnscat2_powershell_implementation.yml | 2020-10-15 17:49:36 -03:00
Jonhnathan | 9f467f66e6 | Update win_dns_exfiltration_tools_execution.yml | 2020-10-15 17:49:18 -03:00
Jonhnathan | 1f7f0956af | Update win_crime_fireball.yml | 2020-10-15 17:48:37 -03:00
Jonhnathan | 9d2ae693fc | Update win_control_panel_item.yml | 2020-10-15 17:47:25 -03:00
Jonhnathan | 1ea8adea31 | Update win_cmdkey_recon.yml | 2020-10-15 17:46:14 -03:00
Jonhnathan | f995f9fa1d | Update win_bypass_squiblytwo.yml | 2020-10-15 17:44:51 -03:00
    Changed selection a bit
Jonhnathan | 63dc8ce837 | Update win_attrib_hiding_files.yml | 2020-10-15 17:41:44 -03:00
Jonhnathan | afc52e5da5 | Update win_apt_zxshell.yml | 2020-10-15 17:40:07 -03:00
Jonhnathan | ae95b5e998 | Update win_apt_wocao.yml | 2020-10-15 17:38:05 -03:00
Jonhnathan | 5e3b9dc8ba | Update win_apt_unidentified_nov_18.yml | 2020-10-15 17:36:20 -03:00
Jonhnathan | 126fc47101 | Update win_apt_tropictrooper.yml | 2020-10-15 17:35:41 -03:00
Jonhnathan | 3b78c473c8 | Update win_apt_slingshot.yml | 2020-10-15 17:35:05 -03:00
Jonhnathan | c547011499 | Update win_apt_mustangpanda.yml | 2020-10-15 17:33:44 -03:00
Jonhnathan | 82fbfed2c2 | Update win_apt_mustangpanda.yml | 2020-10-15 17:33:02 -03:00
Jonhnathan | a06114d611 | Update win_apt_lazarus_session_highjack.yml | 2020-10-15 17:31:50 -03:00
Jonhnathan | 01bf24b4fc | Update win_apt_judgement_panda_gtr19.yml | 2020-10-15 17:31:09 -03:00
Jonhnathan | 7f5c75ab3e | Update win_apt_hurricane_panda.yml | 2020-10-15 17:30:34 -03:00
Jonhnathan | 0926d76449 | Update win_apt_equationgroup_dll_u_load.yml | 2020-10-15 17:29:44 -03:00
Jonhnathan | 8b593aa309 | Update win_apt_empiremonkey.yml | 2020-10-15 17:29:19 -03:00
Jonhnathan | 00232982b2 | Update win_apt_emissarypanda_sep19.yml | 2020-10-15 17:28:33 -03:00
Jonhnathan | 54f1a0c583 | Update win_apt_elise.yml | 2020-10-15 17:28:07 -03:00
Jonhnathan | d074ea110f | Update win_apt_dragonfly.yml | 2020-10-15 17:27:42 -03:00
Jonhnathan | 5eac9e5161 | Update win_apt_cloudhopper.yml | 2020-10-15 17:27:27 -03:00
Jonhnathan | 2cdead8778 | Update win_apt_chafer_mar18.yml | 2020-10-15 17:26:58 -03:00
Jonhnathan | 96ef4733c3 | Update win_apt_bluemashroom.yml | 2020-10-15 17:25:17 -03:00
Jonhnathan | ca31849be1 | Update win_apt_bear_activity_gtr19.yml | 2020-10-15 17:24:56 -03:00
Jonhnathan | 10522becc3 | Update win_apt_apt29_thinktanks.yml | 2020-10-15 17:24:03 -03:00
Jonhnathan | bc1efd9843 | Update sysmon_logon_scripts_userinitmprlogonscript_proc.yml | 2020-10-15 17:23:44 -03:00
Jonhnathan | fdd9234acc | Revert "Create win_susp_replace_lolbin.yml" | 2020-10-15 14:57:18 -03:00
    This reverts commit e6a6549676.
Jonhnathan | 17e7eee3a6 | Revert "Changed the rule to download only and not the copy" | 2020-10-15 14:57:14 -03:00
    This reverts commit 1324bc1ad1.
Jonhnathan | 1324bc1ad1 | Changed the rule to download only and not the copy | 2020-10-07 16:18:21 -03:00
Jonhnathan | e6a6549676 | Create win_susp_replace_lolbin.yml | 2020-10-07 10:37:15 -03:00
    Item 77 of #1014
Florian Roth | c17ca6d5fe | Merge pull request #1018 from savvyspoon/wcry-dns | 2020-09-29 09:27:21 +02:00
    WannaCry Killswitch domain DNS query
Florian Roth | d7d9c0e772 | Merge pull request #1021 from hieuttmmo/master | 2020-09-27 09:50:41 +02:00
    Sigma rule to detect AdFind.exe execution
Florian Roth | 8020fe3c40 | false positive condition | 2020-09-26 17:03:29 +02:00
Florian Roth | 60795f7050 | Update win_susp_adfind.yml | 2020-09-26 17:02:39 +02:00
    Fear that a simple adfind.exe causes too many false positives
Florian Roth | dbdd758365 | Duplicate Rule | 2020-09-26 17:01:32 +02:00
    we already have a rule for that
Tran Trung Hieu | d4dd0600ad | Fix logsource service to process_creation | 2020-09-26 21:45:23 +07:00
Tran Trung Hieu | c756fc8576 | Detect Suspicious AdFind Execution | 2020-09-26 21:34:06 +07:00
Mike Wade | 7b1ef9ea64 | fixing test runner issues | 2020-09-15 15:45:33 -06:00
Mike Wade | 6ed36b0e41 | fixed issues with tabs and duplicate tags | 2020-09-15 08:52:00 -06:00
Mike Wade | da9b32bdd6 | we | 2020-09-15 06:24:44 -06:00
Mike Wade | 8ce73bd8df | Fixed issues with tags and missing files | 2020-09-15 06:10:57 -06:00
Thomas Patzke | 378d9c94cf | Merge branch 'master' of https://github.com/socprime/sigma into pr-981 | 2020-09-15 12:14:49 +02:00
Mike Wade | 249c255435 | No Idea why these files are deleted | 2020-09-13 22:00:30 -06:00
Yugoslavskiy Daniil | 1fc202fe5d | fix typos, update tags | 2020-09-13 15:46:45 +02:00
Tran Trung Hieu | 49ba107dce | Fixed Title | 2020-09-10 17:36:37 +07:00