valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8b3b312c4e
SigmaHQ/rules/windows/registry_event
History
Florian Roth 5f04fcccf5 fix: broken links
2020-07-03 11:22:06 +02:00
..
sysmon_apt_oceanlotus_registry.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_apt_pandemic.yml fix: bugfix and cosmetics 2020-06-24 18:10:58 +02:00
sysmon_asep_reg_keys_modification.yml fix: bugfix and cosmetics 2020-06-24 18:10:58 +02:00
sysmon_cmstp_execution.yml fix: broken links 2020-07-03 11:22:06 +02:00
sysmon_cve-2020-1048.yml refactor: sysmon rule cleanup > generlization 2020-07-01 10:58:39 +02:00
sysmon_dhcp_calloutdll.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_disable_security_events_logging_adding_reg_key_minint.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_dns_serverlevelplugindll.yml fix: bugfix and cosmetics 2020-06-24 18:10:58 +02:00
sysmon_etw_disabled.yml refactor: sysmon rule cleanup > generlization 2020-07-01 10:58:39 +02:00
sysmon_hack_wce_reg.yml fix: duplicate IDs and rule titles 2020-07-01 16:37:27 +02:00
sysmon_logon_scripts_userinitmprlogonscript_reg.yml fix: duplicate IDs and rule titles 2020-07-01 16:37:27 +02:00
sysmon_narrator_feedback_persistance.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_new_dll_added_to_appcertdlls_registry_key.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_new_dll_added_to_appinit_dlls_registry_key.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_possible_privilege_escalation_via_service_registry_permissions_weakness.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_rdp_registry_modification.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_rdp_settings_hijack.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_redmimicry_winnti_reg.yml fix: renamed files and lien break change 2020-07-01 09:48:48 +02:00
sysmon_reg_office_security.yml refactor: sysmon rule cleanup > generlization 2020-07-01 10:58:39 +02:00
sysmon_registry_persistence_key_linking.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_registry_persistence_search_order.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_registry_trust_record_modification.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_ssp_added_lsa_config.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_stickykey_like_backdoor.yml fix: bugfix and cosmetics 2020-06-24 18:10:58 +02:00
sysmon_susp_download_run_key.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_susp_lsass_dll_load.yml refactor: sysmon rule cleanup > generlization 2020-07-01 10:58:39 +02:00
sysmon_susp_mic_cam_access.yml refactor: sysmon rule cleanup > generlization 2020-07-01 10:58:39 +02:00
sysmon_susp_reg_persist_explorer_run.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_susp_run_key_img_folder.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_susp_service_installed.yml style: removed new lines 2020-07-01 09:11:00 +02:00
sysmon_suspicious_keyboard_layout_load.yml style: removed new lines 2020-07-01 09:11:00 +02:00
sysmon_sysinternals_eula_accepted.yml fix: bugfix and cosmetics 2020-06-24 18:10:58 +02:00
sysmon_uac_bypass_eventvwr.yml fix: bugfix and cosmetics 2020-06-24 18:10:58 +02:00
sysmon_uac_bypass_sdclt.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_win_reg_persistence.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00