SigmaHQ/rules/windows/process_access
2021-05-27 10:23:19 +02:00
sysmon_cmstp_execution.yml Merge branch 'oscd' 2021-03-02 22:58:41 +03:00
sysmon_cred_dump_lsass_access.yml att&ck tags review: windows/powershell, windows/process_access, windows/network_connection 2020-08-24 23:31:26 +00:00
sysmon_in_memory_assembly_execution.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
sysmon_invoke_phantom.yml Update sysmon_invoke_phantom.yml 2020-11-20 01:30:58 -03:00
sysmon_lazagne_cred_dump_lsass_access.yml Update sysmon_lazagne_cred_dump_lsass_access.yml 2020-11-20 01:33:04 -03:00
sysmon_load_undocumented_autoelevated_com_interface.yml Fixes and improvements 2021-04-03 00:08:55 +02:00
sysmon_lsass_dump_comsvcs_dll.yml Fix falsepositives list 2021-05-21 12:38:44 +02:00
sysmon_lsass_memdump.yml Update sysmon_lsass_memdump.yml 2020-10-15 17:17:57 -03:00
sysmon_malware_verclsid_shellcode.yml Update sysmon_malware_verclsid_shellcode.yml 2020-11-20 01:34:43 -03:00
sysmon_mimikatz_trough_winrm.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00
win_susp_shell_spawn_from_winrm.yml Update win_susp_shell_spawn_from_winrm.yml 2021-05-22 15:28:50 +02:00