SigmaHQ/rules/windows
2020-11-19 22:37:13 -03:00
..
builtin Improve detection logic 2020-11-19 22:37:13 -03:00
deprecated fix: buggy rule 2020-05-23 18:32:02 +02:00
driver_load Update sysmon_susp_driver_load.yml 2020-10-15 15:57:05 -03:00
file_event Update sysmon_susp_procexplorer_driver_created_in_tmp_folder.yml 2020-10-27 22:10:17 -03:00
image_load Update sysmon_susp_office_dsparse_dll_load.yml 2020-10-27 22:13:02 -03:00
malware Update win_mal_ryuk.yml 2020-10-27 22:47:41 -03:00
network_connection Update sysmon_susp_prog_location_network_connection.yml 2020-10-27 22:56:32 -03:00
other Fix 2020-10-15 20:29:02 -03:00
powershell Update powershell_malicious_commandlets.yml 2020-10-15 20:59:27 -03:00
process_access Update sysmon_malware_verclsid_shellcode.yml 2020-10-15 17:19:06 -03:00
process_creation Update win_apt_chafer_mar18.yml 2020-10-27 23:28:04 -03:00
registry_event Update sysmon_susp_service_installed.yml 2020-10-15 20:50:42 -03:00
sysmon Update sysmon_wmi_susp_scripting.yml 2020-10-15 20:15:22 -03:00