SigmaHQ/rules/windows
Karneades 18bbec4bcd
improve(rule): add Empire links and userland match
Add default task name and powershell task command to match what the rule name says: detects default config.
2019-08-09 11:58:43 +02:00
builtin Rule: renamed and reworked hacktool Ruler rule 2019-07-26 14:49:09 +02:00
malware Rule: separate Ryuk rule created for VBurovs strings 2019-08-06 10:33:46 +02:00
other Converted to use the new process_creation data source 2019-03-09 20:57:59 +03:00
powershell fixed typos 2019-06-29 15:35:59 +03:00
process_creation fix: removed mmc susp rule due to many FPs 2019-08-07 14:26:15 +02:00
sysmon improve(rule): add Empire links and userland match 2019-08-09 11:58:43 +02:00