SigmaHQ/rules/windows/registry_event
2021-07-01 12:18:30 +05:45
sysmon_apt_leviathan.yml att&ck tags review: windows/registry_event 2020-09-06 22:10:44 +03:00
sysmon_apt_oceanlotus_registry.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_apt_pandemic.yml Update sysmon_apt_pandemic.yml 2020-07-16 08:48:32 +02:00
sysmon_asep_reg_keys_modification.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_bypass_via_wsreset.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_cmstp_execution.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_cobaltstrike_service_installs.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_comhijack_sdclt.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_cve-2020-1048.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_dhcp_calloutdll.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_disable_microsoft_office_security_features.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_disable_security_events_logging_adding_reg_key_minint.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_disable_wdigest_credential_guard.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_dns_serverlevelplugindll.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_enabling_cor_profiler_env_variables.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_etw_disabled.yml refactor: sysmon rule cleanup > generalization 2020-07-01 10:58:39 +02:00
sysmon_hack_wce_reg.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_hybridconnectionmgr_svc_installation.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_logon_scripts_userinitmprlogonscript_reg.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_modify_screensaver_binary_path.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_narrator_feedback_persistance.yml att&ck tags review: windows/registry_event 2020-09-06 22:10:44 +03:00
sysmon_new_application_appcompat.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_new_dll_added_to_appcertdlls_registry_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_new_dll_added_to_appinit_dlls_registry_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_office_test_regadd.yml Update sysmon_office_test_regadd.yml 2020-11-29 18:02:37 +05:30
sysmon_office_vsto_persistence.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_possible_privilege_escalation_via_service_registry_permissions_weakness.yml att&ck tags review: windows/registry_event 2020-09-06 22:10:44 +03:00
sysmon_powershell_as_service.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_rdp_registry_modification.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_rdp_settings_hijack.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_redmimicry_winnti_reg.yml fix: renamed files and line break change 2020-07-01 09:48:48 +02:00
sysmon_reg_office_security.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_reg_silentprocessexit_lsass.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_reg_silentprocessexit.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_reg_vbs_payload_stored.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_registry_add_local_hidden_user.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_registry_persistence_key_linking.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_registry_persistence_search_order.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_registry_trust_record_modification.yml att&ck tags review: windows/registry_event 2020-09-06 22:10:44 +03:00
sysmon_removal_amsi_registry_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_removal_com_hijacking_registry_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_runkey_winekey.yml ryuk changes 2020-10-30 13:15:11 +05:30
sysmon_runonce_persistence.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_ssp_added_lsa_config.yml att&ck tags review: windows/registry_event 2020-09-06 22:10:44 +03:00
sysmon_stickykey_like_backdoor.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_atbroker_change.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_download_run_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_lsass_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_mic_cam_access.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_reg_persist_explorer_run.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_run_key_img_folder.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_service_installed.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_suspicious_keyboard_layout_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_sysinternals_eula_accepted.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_sysinternals_sdelete_registry_keys.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_taskcache_entry.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_uac_bypass_eventvwr.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_uac_bypass_sdclt.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_volume_shadow_copy_service_keys.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_wab_dllpath_reg_change.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_wdigest_enable_uselogoncredential.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_win_reg_persistence.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_win_reg_telemetry_persistence.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_outlook_c2_registry_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_outlook_registry_todaypage.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_outlook_registry_webview.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_portproxy_registry_key.yml Merging upstream updates 2021-07-01 12:18:30 +05:45