| Name | Last commit message | Last commit date |
|---|---|---|
| builtin | Merge pull request #1494 from Karneades/patch-1 | 2021-05-21 10:35:18 +02:00 |
| create_remote_thread | Merge branch 'master' of https://github.com/SigmaHQ/sigma | 2021-04-15 01:25:48 +02:00 |
| create_stream_hash | Clean-up service: sysmon as it will be replaced by filling the category | 2021-04-15 02:02:25 +02:00 |
| deprecated | fix: buggy rule | 2020-05-23 18:32:02 +02:00 |
| dns_query | - Remove 'service: sysmon' since defining the categories made the rules generic | 2020-10-02 09:37:52 +02:00 |
| driver_load | Update sysmon_vuln_dell_driver_load.yml | 2021-05-05 14:31:01 +02:00 |
| file_delete | Clean-up service: sysmon as it will be replaced by filling the category | 2021-04-15 02:02:25 +02:00 |
| file_event | Merge pull request #1430 from Scoubi/patch-1 | 2021-05-04 12:27:56 +02:00 |
| image_load | Merge pull request #1475 from wagga40/master | 2021-05-14 08:59:39 +02:00 |
| malware | Merge pull request #1479 from SigmaHQ/rule-devel | 2021-05-15 13:42:34 +02:00 |
| network_connection | Merge pull request #1479 from SigmaHQ/rule-devel | 2021-05-15 13:42:34 +02:00 |
| other | Update and rename rules/windows/other/win_Outlook_C2_Registry_Key.yml to rules/windows/registry_event_write/win_outlook_C2_registry_key.yml | 2021-05-04 09:41:38 +02:00 |
| pipe_created | docs: extended authors of malicious pipe rule | 2021-05-04 09:28:17 +02:00 |
| powershell | Update powershell_suspicious_getprocess_lsass.yml | 2021-05-04 14:04:52 +03:00 |
| process_access | Update win_susp_shell_spawn_from_winrm.yml | 2021-05-22 15:28:50 +02:00 |
| process_creation | fix typo of fields | 2021-05-24 10:34:56 +02:00 |
| raw_access_thread | - Remove 'service: sysmon' since defining the categories made the rules generic | 2020-10-02 09:37:52 +02:00 |
| registry_event | registry_event is a category | 2021-05-12 08:51:38 +02:00 |
| sysmon | Merge pull request #1461 from d4rk-d4nph3/master | 2021-05-05 12:42:27 +02:00 |
| wmi_event | Merge branch 'master' of https://github.com/SigmaHQ/sigma | 2021-04-15 01:25:48 +02:00 |