valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c202d39acd
SigmaHQ/rules/windows/other
History
frack113 bcf40fa4e4 Fix logsource not a string
2021-09-27 18:59:05 +02:00
..
win_defender_amsi_trigger.yml add missing tags 2021-09-01 19:38:35 +02:00
win_defender_bypass.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
win_defender_disabled.yml split global win_defender_disabled.yml 2021-09-21 10:24:52 +02:00
win_defender_exclusions.yml split global win_defender_exclusions.yml 2021-09-21 10:16:25 +02:00
win_defender_history_delete.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_defender_psexec_wmi_asr.yml fix typos, update tags 2020-09-13 15:46:45 +02:00
win_defender_tamper_protection_trigger.yml Added and updated Defender's tamper related rules 2021-07-05 20:30:07 +05:45
win_defender_threat.yml add missing tags 2021-09-01 19:38:35 +02:00
win_exchange_proxyshell_certificate_generation.yml feat: Add rule for malicious CSR export on Exchange 2021-08-23 11:20:30 +02:00
win_exchange_proxyshell_mailbox_export.yml refactor: removed old rule that uses Message field 2021-08-12 09:27:50 +02:00
win_exchange_proxyshell_remove_mailbox_export.yml detection for proxyshell MSF module 2021-08-31 12:51:16 +02:00
win_exchange_transportagent_failed.yml fix filename 2021-09-22 18:45:08 +02:00
win_lateral_movement_condrv.yml Fix logsource not a string 2021-09-27 18:59:05 +02:00
win_ldap_recon.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_pcap_drivers.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
win_possible_zerologon_exploitation_using_wellknown_tools.yml fix: Correct incorrect message / keyword usage 2021-08-12 16:28:07 +02:00
win_rare_schtask_creation.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
win_security_wmi_persistence.yml split global win_wmi_persistence.yml 2021-09-21 09:56:03 +02:00
win_system_defender_disabled.yml split global win_defender_disabled.yml 2021-09-21 10:24:52 +02:00
win_tool_psexec.yml split global win_tool_psexec.yml 2021-09-21 10:10:48 +02:00
win_wmi_persistence.yml split global win_wmi_persistence.yml 2021-09-21 09:56:03 +02:00