SigmaHQ/rules/windows/file_event
Brad Kish c758ca0eb9 Re-fix sysmon rules that are lost changes with category refactoring.
Several fixes for sysmon rules got lost when the rules were refactored to use
categories.

Re-add the fixes.

38afd8b5de

422b2bffd7

dfae2a6df6
2020-07-06 10:55:42 -04:00
sysmon_creation_system_file.yml Re-fix sysmon rules that are lost changes with category refactoring. 2020-07-06 10:55:42 -04:00
sysmon_cred_dump_tools_dropped_files.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_ghostpack_safetykatz.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_hack_dumpert.yml Fixes for rules in the sysmon file_event category 2020-07-03 16:22:29 -04:00
sysmon_lsass_memory_dump_file_creation.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_office_persistence.yml refactor: sysmon rule cleanup > generalization 2020-07-01 10:58:39 +02:00
sysmon_powershell_exploit_scripts.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_quarkspw_filedump.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_redmimicry_winnti_filedrop.yml fix: renamed files and line break change 2020-07-01 09:48:48 +02:00
sysmon_susp_adsi_cache_usage.yml Re-fix sysmon rules that are lost changes with category refactoring. 2020-07-06 10:55:42 -04:00
sysmon_susp_desktop_ini.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_susp_procexplorer_driver_created_in_tmp_folder.yml Re-fix sysmon rules that are lost changes with category refactoring. 2020-07-06 10:55:42 -04:00
sysmon_tsclient_filewrite_startup.yml Fixes for rules in the sysmon file_event category 2020-07-03 16:22:29 -04:00
sysmon_webshell_creation_detect.yml Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
sysmon_wmi_persistence_script_event_consumer_write.yml Fixes for rules in the sysmon file_event category 2020-07-03 16:22:29 -04:00
win_susp_desktopimgdownldr_file.yml docs: more references 2020-07-03 13:19:44 +02:00