valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ebd9973dcb
SigmaHQ/rules/windows/process_access
History
Jonhnathan ebd9973dcb
Update sysmon_lazagne_cred_dump_lsass_access.yml
2020-11-20 01:32:41 -03:00
..
sysmon_cmstp_execution.yml Update sysmon_cmstp_execution.yml 2020-10-15 17:16:50 -03:00
sysmon_cred_dump_lsass_access.yml att&ck tags review: windows/powershell, windows/process_access, windows/network_connection 2020-08-24 23:31:26 +00:00
sysmon_in_memory_assembly_execution.yml Improve logic 2020-11-20 01:30:01 -03:00
sysmon_invoke_phantom.yml Update sysmon_invoke_phantom.yml 2020-11-20 01:30:58 -03:00
sysmon_lazagne_cred_dump_lsass_access.yml Update sysmon_lazagne_cred_dump_lsass_access.yml 2020-11-20 01:32:41 -03:00
sysmon_lsass_memdump.yml Update sysmon_lsass_memdump.yml 2020-10-15 17:17:57 -03:00
sysmon_malware_verclsid_shellcode.yml Update sysmon_malware_verclsid_shellcode.yml 2020-10-15 17:19:06 -03:00
sysmon_mimikatz_trough_winrm.yml added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes 2020-08-25 23:51:22 +00:00