valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ab613af365
SigmaHQ/rules/windows/sysmon
History
frack113 92999468ee
Merge pull request #2012 from frack113/upgrade_test 
Upgrade test_rules.py
2021-09-11 15:29:19 +02:00
..
Monitor_executable_and_script_files_creation_by_Office_applications_using_file_extentions.yml Merge pull request #2012 from frack113/upgrade_test 2021-09-11 15:29:19 +02:00
Monitor_Office_Applications_from_proxy_executing_regsvr32_with_payload.yml Merge pull request #2012 from frack113/upgrade_test 2021-09-11 15:29:19 +02:00
Office_Applications_Spawning_WMI_command-line.yml fix condition operator case 2021-09-10 13:51:52 +02:00
sysmon_accessing_winapi_in_powershell_credentials_dumping.yml Merge branch 'master' into falsepositives_NOT_a_list 2021-05-27 10:23:19 +02:00
sysmon_config_modification_error.yml Split global rules 2021-09-07 13:30:32 +02:00
sysmon_config_modification_status.yml Split global rules 2021-09-07 13:30:32 +02:00
sysmon_dcom_iertutil_dll_hijack.yml Updated rules with modifiers instead of '*' and remove trailing '\\' 2021-06-27 14:51:29 +02:00