SigmaHQ/rules/apt
2017-11-08 00:33:17 +01:00
apt_apt29_tor.yml Converted Windows 4688-only rules into 4688 and Sysmon/1 collections 2017-11-01 22:12:14 +01:00
apt_carbonpaper_turla.yml Rule: Carbon Paper Framework Service (Turla) 2017-03-31 19:25:41 +02:00
apt_cloudhopper.yml Added field names to first rules 2017-09-12 23:54:04 +02:00
apt_equationgroup_c2.yml Fix: Rule identifier in EQGRP C2 rule 2017-04-15 23:32:56 +02:00
apt_equationgroup_lnx.yml Equation Group Script/Tool Commands 2017-04-09 20:11:56 +02:00
apt_pandemic.yml Added field names to first rules 2017-09-12 23:54:04 +02:00
apt_stonedrill.yml Improved StoneDrill Rule 2017-03-31 19:25:10 +02:00
apt_ta17_293a_ps.yml US CERT TA17-293A report - renamed PsExec execution 2017-10-22 12:55:26 +02:00
apt_turla_commands.yml Rule: Sysmon Turla Commands 2017-11-08 00:33:17 +01:00
apt_turla_namedpipes.yml Sysmon: Named Pipe detection for Turla malware by @markus_neis 2017-11-06 14:22:09 +01:00
apt_zxshell.yml Added field names to first rules 2017-09-12 23:54:04 +02:00
crime_fireball.yml Added field names to first rules 2017-09-12 23:54:04 +02:00