valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 18:23:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c761d05a17
SigmaHQ/rules/windows
History
yugoslavskiy c761d05a17
Update win_system_exe_anomaly.yml
2020-11-28 18:03:19 +01:00
..
builtin Update win_susp_net_recon_activity.yml 2020-11-28 08:00:07 +01:00
deprecated fix: buggy rule 2020-05-23 18:32:02 +02:00
driver_load Update sysmon_susp_driver_load.yml 2020-11-19 22:56:34 -03:00
file_event Remove additional backslash 2020-11-19 23:04:26 -03:00
image_load Remove additional backslash 2020-11-19 23:09:50 -03:00
malware Remove additional backslash 2020-11-19 23:15:38 -03:00
network_connection Remove additional backslash 2020-11-20 00:53:13 -03:00
other Update win_wmi_persistence.yml 2020-11-20 00:58:49 -03:00
powershell Update powershell_clear_powershell_history.yml 2020-11-28 09:26:18 +01:00
process_access Update sysmon_in_memory_assembly_execution.yml 2020-11-28 10:55:18 +01:00
process_creation Update win_system_exe_anomaly.yml 2020-11-28 18:03:19 +01:00
registry_event Update sysmon_susp_run_key_img_folder.yml 2020-11-28 13:54:59 -03:00
sysmon Update detection Logic 2020-11-20 02:10:27 -03:00