SigmaHQ/rules/network/zeek
2021-09-22 16:21:07 +02:00
..
zeek_dce_rpc_domain_user_enumeration.yml fix filename 2021-09-22 16:21:07 +02:00
zeek_dce_rpc_mitre_bzar_execution.yml docs: MITRE ATT&CK(R) trademark references removed or adjusted 2020-09-30 08:53:52 +02:00
zeek_dce_rpc_mitre_bzar_persistence.yml docs: MITRE ATT&CK(R) trademark references removed or adjusted 2020-09-30 08:53:52 +02:00
zeek_dce_rpc_potential_petit_potam_efs_rpc_call.yml condition fix and add fields 2021-08-23 14:59:06 -04:00
zeek_dce_rpc_printnightmare_print_driver_install.yml Update cve tags 2021-08-24 10:50:01 +02:00
zeek_dce_rpc_smb_spoolss_named_pipe.yml add modified 2021-08-24 08:01:01 +02:00
zeek_default_cobalt_strike_certificate.yml add modified 2021-08-24 07:59:36 +02:00
zeek_dns_mining_pools.yml Various fixes 2021-09-07 23:38:07 +02:00
zeek_dns_suspicious_zbit_flag.yml Various fixes 2021-09-07 23:38:07 +02:00
zeek_dns_torproxy.yml update fix 2021-08-19 17:55:41 +02:00
zeek_http_executable_download_from_webdav.yml fix condition operator case 2021-09-10 13:51:52 +02:00
zeek_http_exfiltration_compressed_files.yml Fixes&improvements 2021-04-08 01:06:40 +02:00
zeek_http_omigod_no_auth_rce.yml Zeek detection for OMIGOD HTTP RCE 2021-09-20 12:26:01 -04:00
zeek_http_webdav_put_request.yml Fixes&improvements 2021-04-08 01:06:40 +02:00
zeek_rdp_public_listener.yml correct fields for zeek_rdp_public_listener.yml 2021-08-23 14:16:55 -04:00
zeek_smb_converted_win_atsvc_task.yml att&ck tags review: web, network/zeek 2020-09-03 17:06:37 +03:00
zeek_smb_converted_win_impacket_secretdump.yml Update zeek_smb_converted_win_impacket_secretdump.yml 2020-11-28 19:02:53 +01:00
zeek_smb_converted_win_lm_namedpipe.yml att&ck tags review: web, network/zeek 2020-09-03 17:06:37 +03:00
zeek_smb_converted_win_susp_psexec.yml Update zeek_smb_converted_win_susp_psexec.yml 2020-11-28 19:05:22 +01:00
zeek_smb_converted_win_susp_raccess_sensitive_fext.yml Update zeek_smb_converted_win_susp_raccess_sensitive_fext.yml 2020-10-15 23:14:34 -03:00
zeek_smb_converted_win_transferring_files_with_credential_data.yml att&ck tags review: web, network/zeek 2020-09-03 17:06:37 +03:00
zeek_susp_kerberos_rc4.yml test author for Detection Rule License 1.1 2021-08-14 19:16:36 +02:00