 Moti-H
|
ff4242dadd
|
feat: add new application vulnerability rules (#4034)
|
2023-02-15 12:29:53 +01:00 |
|
|
frack113
|
2bd14e4953
|
Small update
- Change service to audit
- Add operation
|
2023-01-22 08:55:24 +01:00 |
|
|
Nasreddine Bencherchali
|
5416935cec
|
feat: update logsource with new service
|
2023-01-21 11:33:48 +01:00 |
|
|
Nasreddine Bencherchali
|
1c340493c6
|
fix: broken logsource
|
2023-01-17 01:13:50 +01:00 |
|
|
Nasreddine Bencherchali
|
e5fe4d5f46
|
feat: update config files
- Update indentation of config files to 4
- Add new event logs
|
2023-01-17 01:00:24 +01:00 |
|
|
frack113
|
2b0b680775
|
Merge pull request #3925 from frack113/lsa-server
Microsoft-Windows-LSA
|
2023-01-13 18:24:43 +01:00 |
|
|
Nasreddine Bencherchali
|
c7f1f52b7b
|
fix: apply suggestions from code review
|
2023-01-13 18:19:32 +01:00 |
|
|
frack113
|
deeac89f36
|
Add lsa-server
|
2023-01-13 17:56:02 +01:00 |
|
|
frack113
|
2be462d2cf
|
Add UserName for taskscheduler
|
2023-01-13 13:13:53 +01:00 |
|
|
Nasreddine Bencherchali
|
debd658aac
|
feat: new rules related to appx packages
|
2023-01-11 23:04:37 +01:00 |
|
|
frack113
|
fbae1f3055
|
Merge pull request #3889 from frack113/iso_evtx
Add win_vhdmp_mount_iso.yml
|
2023-01-11 18:05:50 +01:00 |
|
|
frack113
|
5cff2d2b3f
|
Update logsource.json
|
2023-01-10 21:53:35 +01:00 |
|
|
frack113
|
9b550f6858
|
Add win_vhdmp_mount_iso
|
2023-01-09 10:19:41 +01:00 |
|
|
frack113
|
d6059d801b
|
Filename normalisation
|
2023-01-07 08:52:11 +01:00 |
|
|
frack113
|
ed1a91b53f
|
remove duplicate value
|
2023-01-04 19:42:16 +01:00 |
|
|
frack113
|
7d5fb8db30
|
update logsource
|
2023-01-04 19:36:37 +01:00 |
|
|
frack113
|
756a248032
|
update logsource
|
2023-01-04 18:52:24 +01:00 |
|
|
Nasreddine Bencherchali
|
3bd12552bb
|
feat: add bitlocker channel
|
2023-01-02 22:19:32 +01:00 |
|
|
frack113
|
c62d624892
|
Use W3C cs-uri-query
|
2023-01-02 18:56:34 +01:00 |
|
|
frack113
|
41c850e00b
|
Use W3C cs-uri-query
|
2023-01-02 18:45:50 +01:00 |
|
|
frack113
|
a1a94a0b66
|
Update W3C field name
|
2023-01-02 16:39:55 +01:00 |
|
|
frack113
|
8720356684
|
Update field name
|
2023-01-02 15:49:45 +01:00 |
|
|
frack113
|
0e8d1f9b0d
|
Check field name
|
2023-01-02 10:59:51 +01:00 |
|
|
frack113
|
27f3ba9257
|
Add linux auditd
|
2023-01-01 13:18:51 +01:00 |
|
|
frack113
|
6d0b86aae3
|
Keep only sysmon linux used
|
2022-12-31 19:14:40 +01:00 |
|
|
frack113
|
c2ce5d01fc
|
Add sysmon linux v1.0.2
|
2022-12-31 18:08:11 +01:00 |
|
|
frack113
|
3c2e1a6a3e
|
add new test
|
2022-12-30 16:00:42 +01:00 |
|