valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d263b937b4
SigmaHQ/rules/windows/sysmon
History
Steven 7b679cc1f7 - Modified rules to use categories instead of hardcoded event IDs 
- Added file_delete category (Sysmon Event ID 23) to the generic translation file
2021-04-15 01:40:31 +02:00
..
.keep Keep empty sysmon directory so tests will still run 2020-10-02 11:25:30 +02:00
sysmon_accessing_winapi_in_powershell_credentials_dumping.yml Update sysmon_accessing_winapi_in_powershell_credentials_dumping.yml 2020-10-13 22:32:55 +02:00
sysmon_dcom_iertutil_dll_hijack.yml update - GitHub Action / Test Sigma 2020-10-12 21:58:02 -04:00
sysmon_wmiprvse_wbemcomn_dll_hijack.yml Fixes&improvements 2021-04-08 01:06:40 +02:00