SigmaHQ/rules/windows/sysmon
2021-07-17 00:02:15 +07:00
..
sysmon_abusing_windows_telemetry_for_persistence.yml escape / in regex 2021-07-15 08:13:49 +02:00
sysmon_accessing_winapi_in_powershell_credentials_dumping.yml Merge branch 'master' into falsepositives_NOT_a_list 2021-05-27 10:23:19 +02:00
sysmon_config_modification.yml Update sysmon_config_modification.yml 2021-06-16 15:34:23 +02:00
sysmon_cve_2021_31979_cve-2021_33771_exploits.yml Update and rename sysmon_devilstongue_CVE_2021_31979_exploit.yml to sysmon_cve_2021_31979_cve-2021_33771_exploits.yml 2021-07-17 00:02:15 +07:00
sysmon_dcom_iertutil_dll_hijack.yml Updated rules with modifiers instead of '*' and remove trailing '\\' 2021-06-27 14:51:29 +02:00
sysmon_dns_hybridconnectionmgr_servicebus.yml Convert eventID 22 to category dns_query 2021-06-10 16:43:33 +02:00
sysmon_pingback_backdoor.yml Fixed too many spaces after hyphen error 2021-05-05 12:48:29 +05:45
sysmon_wmiprvse_wbemcomn_dll_hijack.yml forget to add modified 2021-06-10 17:27:15 +02:00