| .. |
|
sysmon_cmstp_execution_by_access.yml
|
fix 3 times the same name file
|
2021-07-02 11:01:07 +02:00 |
|
sysmon_cobaltstrike_bof_injection_pattern.yml
|
Spelling Errors on Rules
|
2021-08-18 18:58:20 +00:00 |
|
sysmon_cred_dump_lsass_access.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_direct_syscall_ntopenprocess.yml
|
Spelling Errors on Rules
|
2021-08-18 18:58:20 +00:00 |
|
sysmon_in_memory_assembly_execution.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_invoke_phantom.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_lazagne_cred_dump_lsass_access.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_littlecorporal_generated_maldoc.yml
|
Spelling Errors on Rules
|
2021-08-18 18:58:20 +00:00 |
|
sysmon_load_undocumented_autoelevated_com_interface.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_lsass_dump_comsvcs_dll.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_lsass_memdump.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_malware_verclsid_shellcode.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_mimikatz_trough_winrm.yml
|
Replace old mitre techniques by new one
|
2021-08-22 13:57:56 +02:00 |
|
sysmon_pypykatz_cred_dump_lsass_access.yml
|
Added rule for pypykatz
|
2021-08-03 15:06:27 +05:45 |
|
sysmon_svchost_cred_dump.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
sysmon_uac_bypass_wow64_logger.yml
|
bulk of new rules to match working UACMe UAC bypasses
|
2021-08-31 12:51:21 +02:00 |
|
win_susp_shell_spawn_from_winrm.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
