valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e5849a08f1
SigmaHQ/rules/windows/image_load
History
wagga40 ae670603e8 Updated PrintNightmare Sysmon Imageload based rule with modifiers
2021-07-01 21:34:53 +02:00
..
sysmon_abusing_azure_browser_sso.yml Update the azure image_load rule to be a generic sysmon rule 2020-12-23 16:29:49 -05:00
sysmon_alternate_powershell_hosts_moduleload.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_cve_2021_1675_print_nightmare.yml Updated PrintNightmare Sysmon Imageload based rule with modifiers 2021-07-01 21:34:53 +02:00
sysmon_in_memory_powershell.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_mimikatz_inmemory_detection.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_pcre_net_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_powershell_execution_moduleload.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_scrcons_imageload_wmi_scripteventconsumer.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_fax_dll.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_susp_image_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_office_dotnet_assembly_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_office_dotnet_clr_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_office_dotnet_gac_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_office_dsparse_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_office_kerberos_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_python_image_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_script_dotnet_clr_dll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_system_drawing_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_winword_vbadll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_susp_winword_wmidll_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_suspicious_dbghelp_dbgcore_load.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_svchost_dll_search_order_hijack.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_tttracer_mod_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_uac_bypass_via_dism.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_uipromptforcreds_dlls.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_unsigned_image_loaded_into_lsass.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_wmi_module_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_wmi_persistence_commandline_event_consumer.yml att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
sysmon_wmic_remote_xsl_scripting_dlls.yml Merging upstream updates 2021-07-01 12:18:30 +05:45
sysmon_wsman_provider_image_load.yml Merging upstream updates 2021-07-01 12:18:30 +05:45