| .. |
|
builtin
|
Back to upstream version.
|
2021-06-29 11:02:55 +02:00 |
|
create_remote_thread
|
Updated rules with modifiers instead of '*' and remove trailing '\\'
|
2021-06-27 14:51:29 +02:00 |
|
create_stream_hash
|
Clean-up service: sysmon as it will be replaced by filling the category
|
2021-04-15 02:02:25 +02:00 |
|
deprecated
|
fix category and TargetImage|endswith
|
2021-06-21 21:06:54 +02:00 |
|
dns_query
|
NCCGroup rules from rclone blog post
|
2021-05-27 12:49:40 +02:00 |
|
driver_load
|
Update sysmon_vuln_dell_driver_load.yml
|
2021-05-05 14:31:01 +02:00 |
|
file_delete
|
Clean-up service: sysmon as it will be replaced by filling the category
|
2021-04-15 02:02:25 +02:00 |
|
file_event
|
Merge pull request #1590 from SigmaHQ/rule-devel
|
2021-06-30 14:50:52 +02:00 |
|
image_load
|
Merge branch 'SigmaHQ:master' into master
|
2021-06-30 20:36:23 +07:00 |
|
malware
|
Merge pull request #1479 from SigmaHQ/rule-devel
|
2021-05-15 13:42:34 +02:00 |
|
network_connection
|
Update Threat Hunter Playbook Reference
|
2021-05-22 01:02:19 -03:00 |
|
other
|
Add rule to detect AD enumeration
|
2021-06-22 15:57:49 -04:00 |
|
pipe_created
|
refactor: reworked CS pipe rule
|
2021-05-26 17:22:34 +02:00 |
|
powershell
|
Typo on Find-DomainObjectPropertyOutlier
|
2021-06-25 10:35:33 +02:00 |
|
process_access
|
Updated rules with modifiers instead of '*' and remove trailing '\\'
|
2021-06-27 14:51:29 +02:00 |
|
process_creation
|
Suspicious behaviours related to SOURGUM
|
2021-07-16 14:13:48 +07:00 |
|
raw_access_thread
|
- Remove 'service: sysmon' since defining the categories made the rules generic
|
2020-10-02 09:37:52 +02:00 |
|
registry_event
|
Merge branch 'SigmaHQ:master' into master
|
2021-06-29 11:05:42 +02:00 |
|
sysmon
|
Updated rules with modifiers instead of '*' and remove trailing '\\'
|
2021-06-27 14:51:29 +02:00 |
|
wmi_event
|
Merge branch 'master' of https://github.com/SigmaHQ/sigma
|
2021-04-15 01:25:48 +02:00 |
