..
builtin | Update win_cobaltstrike_service_installs.yml | 2021-06-01 21:53:25 +02:00
create_remote_thread | Update Threat Hunter Playbook Reference | 2021-05-22 01:00:39 -03:00
create_stream_hash | Clean-up service: sysmon as it will be replaced by filling the category | 2021-04-15 02:02:25 +02:00
deprecated | fix: buggy rule | 2020-05-23 18:32:02 +02:00
dns_query | NCCGroup rules from rclone blog post | 2021-05-27 12:49:40 +02:00
driver_load | Update sysmon_vuln_dell_driver_load.yml | 2021-05-05 14:31:01 +02:00
file_delete | Clean-up service: sysmon as it will be replaced by filling the category | 2021-04-15 02:02:25 +02:00
file_event | Merge pull request #1514 from SigmaHQ/rule-devel | 2021-05-27 16:30:30 +02:00
image_load | Merge branch 'master' into falsepositives_NOT_a_list | 2021-05-27 10:23:19 +02:00
malware | Merge pull request #1479 from SigmaHQ/rule-devel | 2021-05-15 13:42:34 +02:00
network_connection | Update Threat Hunter Playbook Reference | 2021-05-22 01:02:19 -03:00
other | category other is useless | 2021-05-30 09:17:41 +02:00
pipe_created | refactor: reworked CS pipe rule | 2021-05-26 17:22:34 +02:00
powershell | Merge pull request #1471 from d4rk-d4nph3/master | 2021-05-27 12:55:03 +02:00
process_access | Merge pull request #1484 from ZikyHD/filter_sysmon_in_memory_assembly_execution | 2021-05-27 12:55:31 +02:00
process_creation | added rule for rundll32 launch of fsecure C3 | 2021-06-02 19:57:39 +01:00
raw_access_thread | - Remove 'service: sysmon' since defining the categories made the rules generic | 2020-10-02 09:37:52 +02:00
registry_event | Merge pull request #1527 from SigmaHQ/rule-devel | 2021-06-01 18:18:22 +02:00
sysmon | Merge branch 'master' into falsepositives_NOT_a_list | 2021-05-27 10:23:19 +02:00
wmi_event | Merge branch 'master' of https://github.com/SigmaHQ/sigma | 2021-04-15 01:25:48 +02:00