Commit Graph

5728 Commits

Author               SHA1        Date                        Message
Thomas Patzke        2e4c98115d  2020-11-30 02:29:35 +01:00  Removed ES query tests
Thomas Patzke        6e690ad313  2020-11-30 02:27:50 +01:00  Removed ES query tests
Thomas Patzke        3d47d17769  2020-11-30 02:17:02 +01:00  Removed ES query tests
Thomas Patzke        9649cccfbc  2020-11-30 02:16:13 +01:00  restore tests
Thomas Patzke        38a58ec3e7  2020-11-30 02:12:47 +01:00  Removed ES query tests
Thomas Patzke        68153b237f  2020-11-30 02:11:23 +01:00  Removed ES query tests
Thomas Patzke        68cf2a441a  2020-11-30 02:10:16 +01:00  Removed ES query tests
yugoslavskiy         56f94a19f7  2020-11-30 02:08:54 +01:00  Update win_regedit_export_keys.yml
Thomas Patzke        353546d970  2020-11-30 02:06:20 +01:00  Removed ES query tests
yugoslavskiy         0414d7a498  2020-11-30 02:04:03 +01:00  Merge branch 'oscd' into master
Thomas Patzke        13576a63d9  2020-11-30 02:02:05 +01:00  Removed ES query tests
Thomas Patzke        4179c21bbb  2020-11-30 02:01:50 +01:00  add sigma-test.yml
Thomas Patzke        38154c014e  2020-11-30 01:55:53 +01:00  Removed ES query tests
Thomas Patzke        73ce8b2e3b  2020-11-30 01:54:51 +01:00  Removed ES query tests
Thomas Patzke        1417d0332d  2020-11-30 01:53:09 +01:00  Removed ES query tests
Thomas Patzke        a62d0669e7  2020-11-30 01:52:06 +01:00  Removed ES query tests
Thomas Patzke        f4c9ff037d  2020-11-30 01:48:57 +01:00  Removed ES query tests
yugoslavskiy         424f1523d8  2020-11-30 01:32:06 +01:00  restore original rule
yugoslavskiy         e1cd98c97d  2020-11-30 01:31:00 +01:00  restore original rule
Yugoslavskiy Daniil  d812a3e08e  2020-11-30 01:09:24 +01:00  resolve conflict restoring rule win_susp_replace_lolbin.yml
Yugoslavskiy Daniil  98617609d6  2020-11-30 01:07:26 +01:00  Merge branch 'oscd' into HEAD
Thomas Patzke        c6e381bcd5  2020-11-30 00:57:34 +01:00  Removed ES query tests
Yugoslavskiy Daniil  50623544a2  2020-11-29 22:03:19 +01:00  remove possible duplicate filter
Thomas Patzke        578d2f0585  2020-11-29 21:56:17 +01:00  Merge pull request #1283 from 404d/mdatp-fixes
                                                             mdatp: Mapping and generic event changes, case insensitive search
yugoslavskiy         69de4598fd  2020-11-29 21:32:46 +01:00  restore the original file
yugoslavskiy         871f965109  2020-11-29 21:31:54 +01:00  Update lnx_susp_named.yml
yugoslavskiy         769ef23ccf  2020-11-29 21:30:50 +01:00  restore the original file
OG                   70fb078a56  2020-11-29 18:02:37 +05:30  Update sysmon_office_test_regadd.yml
OG                   8e801ede32  2020-11-29 17:45:29 +05:30  Update win_susp_psexec_eula.yml
yugoslavskiy         02ea91ec8b  2020-11-28 19:09:07 +01:00  Update proxy_ursnif_malware.yml
yugoslavskiy         e932eda645  2020-11-28 19:07:07 +01:00  Update proxy_cobalt_onedrive.yml
yugoslavskiy         ffaad33acd  2020-11-28 19:05:30 +01:00  Update zeek_smb_converted_win_susp_psexec.yml
yugoslavskiy         e97c4b0ac5  2020-11-28 19:05:22 +01:00  Update zeek_smb_converted_win_susp_psexec.yml
yugoslavskiy         68a62a5428  2020-11-28 19:02:53 +01:00  Update zeek_smb_converted_win_impacket_secretdump.yml
yugoslavskiy         207623d2d7  2020-11-28 18:59:00 +01:00  Update proxy_susp_flash_download_loc.yml
yugoslavskiy         8c2f884504  2020-11-28 18:53:13 +01:00  restore the rule
yugoslavskiy         5afb445b8b  2020-11-28 18:52:43 +01:00  restored the rule
Jonhnathan           a9fde0117b  2020-11-28 14:52:31 -03:00  Merge branch 'oscd' into oscd_rules_improvement
yugoslavskiy         7dc5233dd9  2020-11-28 18:43:04 +01:00  Update win_susp_commands_recon_activity.yml
yugoslavskiy         5196926d60  2020-11-28 18:33:21 +01:00  Update sysmon_stickykey_like_backdoor.yml
yugoslavskiy         39c2258848  2020-11-28 18:30:41 +01:00  Update sysmon_registry_persistence_search_order.yml
yugoslavskiy         9f8ef95571  2020-11-28 18:25:09 +01:00  Update win_webshell_detection.yml
yugoslavskiy         c761d05a17  2020-11-28 18:03:19 +01:00  Update win_system_exe_anomaly.yml
yugoslavskiy         1fec90e8f3  2020-11-28 18:01:16 +01:00  Update win_susp_wmi_execution.yml
yugoslavskiy         258334d6d1  2020-11-28 18:01:06 +01:00  Update win_susp_wmi_execution.yml
Jonhnathan           95eb7424aa  2020-11-28 13:54:59 -03:00  Update sysmon_susp_run_key_img_folder.yml
Jonhnathan           f504ccc33f  2020-11-28 13:52:36 -03:00  Update sysmon_susp_reg_persist_explorer_run.yml
Jonhnathan           986800056c  2020-11-28 13:50:13 -03:00  Update sysmon_stickykey_like_backdoor.yml
yugoslavskiy         c0c74a05df  2020-11-28 17:49:21 +01:00  Update win_susp_sysvol_access.yml
Jonhnathan           ef34c94e6a  2020-11-28 13:49:18 -03:00  Update sysmon_registry_persistence_search_order.yml