SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00

Author	SHA1	Message	Date
BlueTeamOps	c3c706503e	Update win_sus_auditpol_usage.yml	2021-02-02 22:24:54 +11:00
BlueTeamOps	b0d0bb95b0	Created win_sus_auditpol_usage.yml This adds detection for suspicious behaviour of the auditpol binary	2021-02-02 19:12:13 +11:00