Commit Graph

5 Commits

Author SHA1 Message Date
Thomas Patzke 939156fa6d Introduced dns_query log source category 2020-07-05 23:29:51 +02:00
Brad Kish 8b3b312c4e Proposed fix for https://github.com/Neo23x0/sigma/issues/889
This change removes dns events from the network connection category. The
one change is that sysmon_regsvr32_network_activity.yml needs to test
the network connection category separately from the DNS event id.
2020-07-03 16:28:19 -04:00
Florian Roth 9c0f9f398f refactor: sysmon rule cleanup > generalization 2020-07-01 10:58:39 +02:00
Florian Roth f3fedef8f5 Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
Steven Goossens e5f36dd146 Added rules files split into folders 2020-06-10 16:32:30 +02:00