silenttrinity_stager_msbuild_activity.yml | fixed more legal issues | 2021-05-15 13:09:08 +02:00 |
sysmon_dllhost_net_connections.yml | Update sysmon_dllhost_net_connections.yml | 2020-10-15 16:19:43 -03:00 |
sysmon_malware_backconnect_ports.yml | Update sysmon_malware_backconnect_ports.yml | 2020-10-15 16:20:27 -03:00 |
sysmon_notepad_network_connection.yml | Update sysmon_notepad_network_connection.yml | 2020-10-15 16:21:38 -03:00 |
sysmon_powershell_network_connection.yml | Move ipv6 check to selection fields as filter is negated | 2021-07-02 22:02:43 +01:00 |
sysmon_rdp_reverse_tunnel.yml | Correct cast-sensitive Key "DestinationIp" | 2021-05-11 10:49:10 +02:00 |
sysmon_regsvr32_network_activity.yml | added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes | 2020-08-25 23:51:22 +00:00 |
sysmon_remote_powershell_session_network.yml | Update sysmon_remote_powershell_session_network.yml | 2021-07-03 14:25:55 +08:00 |
sysmon_rundll32_net_connections.yml | Update sysmon_rundll32_net_connections.yml | 2020-10-15 16:24:38 -03:00 |
sysmon_susp_prog_location_network_connection.yml | Update sysmon_susp_prog_location_network_connection.yml | 2020-10-27 22:56:32 -03:00 |
sysmon_susp_rdp.yml | Update sysmon_susp_rdp.yml | 2020-10-15 16:25:58 -03:00 |
sysmon_suspicious_outbound_kerberos_connection.yml | added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes | 2020-08-25 23:51:22 +00:00 |
sysmon_win_binary_github_com.yml | Remove additional backslash | 2020-11-20 00:52:54 -03:00 |
sysmon_win_binary_susp_com.yml | Remove additional backslash | 2020-11-20 00:53:13 -03:00 |
sysmon_wuauclt_network_connection.yml | Fixes&improvements | 2021-04-08 01:06:40 +02:00 |