valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 18:23:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
932dabf7ea
SigmaHQ/rules/windows
History
Jonhnathan 932dabf7ea
Update win_susp_comsvcs_procdump.yml
2020-10-15 19:21:11 -03:00
..
builtin Update win_vul_cve_2020_0688.yml 2020-10-15 15:56:36 -03:00
deprecated fix: buggy rule 2020-05-23 18:32:02 +02:00
driver_load Update sysmon_susp_driver_load.yml 2020-10-15 15:57:05 -03:00
file_event Update sysmon_tsclient_filewrite_startup.yml 2020-10-15 16:02:52 -03:00
image_load Update sysmon_svchost_dll_search_order_hijack.yml 2020-10-15 16:10:23 -03:00
malware Update win_mal_ursnif.yml 2020-10-15 16:18:38 -03:00
network_connection Update sysmon_win_binary_susp_com.yml 2020-10-15 16:27:01 -03:00
other Update win_wmi_persistence.yml 2020-10-15 17:08:15 -03:00
powershell Update powershell_winlogon_helper_dll.yml 2020-10-15 17:15:23 -03:00
process_access Update sysmon_malware_verclsid_shellcode.yml 2020-10-15 17:19:06 -03:00
process_creation Update win_susp_comsvcs_procdump.yml 2020-10-15 19:21:11 -03:00
registry_event added event type & changed technique 2020-10-02 09:22:14 +05:30
sysmon Revert "att&ck tags review: windows/process_creation part 5" 2020-09-07 01:28:08 +04:00