SigmaHQ/rules/windows/file_event
Florian Roth 73a3a1e5cd
Merge pull request #1360 from d4rk-d4nph3/master
Added sigma rule for vSphere RCE CVE-2021-21972
2021-03-03 09:32:05 +01:00
sysmon_creation_system_file.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_cred_dump_tools_dropped_files.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_cve_2021_26858_msexchange.yml Added rules for successful exploitation of CVE-2021-26857/8 in Exchange 2021-03-03 12:46:50 +05:45
sysmon_ghostpack_safetykatz.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_hack_dumpert.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_lsass_memory_dump_file_creation.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_office_persistence.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_powershell_exploit_scripts.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_quarkspw_filedump.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_redmimicry_winnti_filedrop.yml fix: renamed files and line break change 2020-07-01 09:48:48 +02:00
sysmon_susp_adsi_cache_usage.yml Merge pull request #989 from oscd-initiative/master 2020-09-08 13:27:58 +02:00
sysmon_susp_desktop_ini.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_susp_procexplorer_driver_created_in_tmp_folder.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_tsclient_filewrite_startup.yml Fixes for rules in the sysmon file_event category 2020-07-03 16:22:29 -04:00
sysmon_webshell_creation_detect.yml fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
sysmon_wmi_persistence_script_event_consumer_write.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
win_susp_desktopimgdownldr_file.yml docs: more references 2020-07-03 13:19:44 +02:00