SigmaHQ/rules/windows
2021-03-04 00:01:54 +07:00
Name | Last commit message | Last commit date
builtin | Merge pull request #1357 from Neo23x0/rule-devel | 2021-02-26 11:05:00 +01:00
deprecated | fix: buggy rule | 2020-05-23 18:32:02 +02:00
driver_load | att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other | 2020-08-25 01:09:17 +02:00
file_event | Merge pull request #1360 from d4rk-d4nph3/master | 2021-03-03 09:32:05 +01:00
image_load | fixed various spelling errors all over rules and source code | 2021-02-24 14:43:13 +00:00
malware | fixed various spelling errors all over rules and source code | 2021-02-24 14:43:13 +00:00
network_connection | rework: impossible rule with Sysmon | 2021-01-19 14:12:40 +01:00
other | fix service from system to security for rule win_pcap_drivers.yml | 2021-01-22 09:10:02 +01:00
powershell | fix: search for keywords within message | 2021-02-26 09:42:12 +01:00
process_access | Split up cmstp rule into 3 separate rules and remove duplicates | 2020-12-23 12:17:39 -05:00
process_creation | Detect HAFNIUM operations | 2021-03-04 00:01:54 +07:00
registry_event | Merge pull request #1366 from Neo23x0/rule-devel | 2021-02-26 18:09:44 +01:00
sysmon | fixed various spelling errors all over rules and source code | 2021-02-24 14:43:13 +00:00