valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 01:45:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
71785b91b5
SigmaHQ/rules/windows/network_connection
History
Jonhnathan 71785b91b5
Update sysmon_susp_prog_location_network_connection.yml
2020-10-15 16:25:25 -03:00
..
sysmon_dllhost_net_connections.yml Update sysmon_dllhost_net_connections.yml 2020-10-15 16:19:43 -03:00
sysmon_malware_backconnect_ports.yml Update sysmon_malware_backconnect_ports.yml 2020-10-15 16:20:27 -03:00
sysmon_notepad_network_connection.yml Update sysmon_notepad_network_connection.yml 2020-10-15 16:21:38 -03:00
sysmon_powershell_network_connection.yml Update sysmon_powershell_network_connection.yml 2020-10-15 16:22:13 -03:00
sysmon_rdp_reverse_tunnel.yml Update sysmon_rdp_reverse_tunnel.yml 2020-10-15 16:23:17 -03:00
sysmon_regsvr32_network_activity.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00
sysmon_remote_powershell_session_network.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00
sysmon_rundll32_net_connections.yml Update sysmon_rundll32_net_connections.yml 2020-10-15 16:24:38 -03:00
sysmon_susp_prog_location_network_connection.yml Update sysmon_susp_prog_location_network_connection.yml 2020-10-15 16:25:25 -03:00
sysmon_susp_rdp.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00
sysmon_suspicious_outbound_kerberos_connection.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00
sysmon_win_binary_github_com.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00
sysmon_win_binary_susp_com.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00