SigmaHQ/rules/windows
2021-04-01 14:37:17 +02:00
builtin Merge pull request #1398 from SigmaHQ/rule-devel 2021-03-20 17:21:31 +01:00
deprecated fix: buggy rule 2020-05-23 18:32:02 +02:00
driver_load att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
file_event Merge pull request #1360 from d4rk-d4nph3/master 2021-03-03 09:32:05 +01:00
image_load fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
malware Added detection for Dumpert 2021-03-27 07:34:05 +11:00
network_connection rework: impossible rule with Sysmon 2021-01-19 14:12:40 +01:00
other fix service from system to security for rule win_pcap_drivers.yml 2021-01-22 09:10:02 +01:00
powershell fix: search for keywords within message 2021-02-26 09:42:12 +01:00
process_access Split up cmstp rule into 3 separate rules and remove duplicates 2020-12-23 12:17:39 -05:00
process_creation fix: adding filter to condition and reintroducing the users folder constraint 2021-04-01 14:37:17 +02:00
registry_event Merge pull request #1376 from SigmaHQ/rule-devel 2021-03-05 18:17:20 +01:00
sysmon fix: adding only as a known false positive as it cannot be filtered out in a generic and public way 2021-04-01 14:37:15 +02:00