SigmaHQ

mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00

History

Florian Roth 5d039dd138 rule: Cobalt Strike patterns		2021-07-27 11:24:40 +02:00
..
builtin	fix: avoid false positives with MSF psexec rule	2021-07-23 18:33:38 +02:00
create_remote_thread	Merging upstream updates	2021-07-01 12:18:30 +05:45
create_stream_hash	Merging upstream updates	2021-07-01 12:18:30 +05:45
deprecated	Merging upstream updates	2021-07-01 12:18:30 +05:45
dns_query	Merging upstream updates	2021-07-01 12:18:30 +05:45
driver_load	Merging upstream updates	2021-07-01 12:18:30 +05:45
file_delete	Added rule for deletion of DLLs by PrintNightmare	2021-07-01 16:33:55 +05:45
file_event	HiveNightmare and Relay attack tools adjustments	2021-07-26 10:59:35 +02:00
image_load	Merge branch 'config-adjustments' into rule-devel	2021-07-14 08:35:47 +02:00
malware	Fixed Spell Error	2021-07-02 11:47:20 -05:00
network_connection	Update sysmon_remote_powershell_session_network.yml	2021-07-03 14:25:55 +08:00
other	Added and updated Defender's tamper related rules	2021-07-05 20:30:07 +05:45
pipe_created	Merging upstream updates	2021-07-01 12:18:30 +05:45
powershell	Insert modified date	2021-07-06 20:56:31 +08:00
process_access	fix 3 times the same name file	2021-07-02 11:01:07 +02:00
process_creation	rule: Cobalt Strike patterns	2021-07-27 11:24:40 +02:00
raw_access_thread	Merging upstream updates	2021-07-01 12:18:30 +05:45
registry_event	PrinterNightmare rule updates	2021-07-08 14:35:51 +02:00
sysmon	Merging upstream updates	2021-07-01 12:18:30 +05:45
wmi_event	Merging upstream updates	2021-07-01 12:18:30 +05:45