valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c7e9522f29
SigmaHQ/rules/windows/process_access
History
yugoslavskiy c7e9522f29
Merge pull request #1077 from uchakin/oscd 
[OSCD] UAC bypass added
2021-01-05 23:06:24 +03:00
..
sysmon_cmstp_execution.yml Update sysmon_cmstp_execution.yml 2020-10-15 17:16:50 -03:00
sysmon_cred_dump_lsass_access.yml att&ck tags review: windows/powershell, windows/process_access, windows/network_connection 2020-08-24 23:31:26 +00:00
sysmon_in_memory_assembly_execution.yml Update sysmon_in_memory_assembly_execution.yml 2020-11-28 10:55:18 +01:00
sysmon_invoke_phantom.yml Update sysmon_invoke_phantom.yml 2020-11-20 01:30:58 -03:00
sysmon_lazagne_cred_dump_lsass_access.yml Update sysmon_lazagne_cred_dump_lsass_access.yml 2020-11-20 01:33:04 -03:00
sysmon_load_undocumented_autoelevated_com_interface.yml Update sysmon_load_undocumented_autoelevated_com_interface.yml 2020-10-15 23:37:11 +03:00
sysmon_lsass_memdump.yml Update sysmon_lsass_memdump.yml 2020-10-15 17:17:57 -03:00
sysmon_malware_verclsid_shellcode.yml Update sysmon_malware_verclsid_shellcode.yml 2020-11-20 01:34:43 -03:00
sysmon_mimikatz_trough_winrm.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00