Commit Graph

9 Commits

Author SHA1 Message Date
Aidan Bracher dcf20e580d Updated tags to include sub-techniques 2020-07-18 02:50:57 +01:00
Florian Roth d0c09f10a9 changed newline character to LF 2020-07-15 16:46:44 +02:00
Bart 308420bf7f Update sysmon_dllhost_net_connections.yml
Fix @
2020-07-13 21:20:55 +02:00
Bart 007f62ba01 Add Dllhost WAN access 2020-07-13 21:12:37 +02:00
Thomas Patzke 939156fa6d Introduced dns_query log source category 2020-07-05 23:29:51 +02:00
Brad Kish 8b3b312c4e Proposed fix for https://github.com/Neo23x0/sigma/issues/889
This change removes dns events from the network connection category. The
one change is that sysmon_regsvr32_network_activity.yml needs to test
the network connection category separately from the DNS event id.
2020-07-03 16:28:19 -04:00
Florian Roth 9c0f9f398f refactor: sysmon rule cleanup > generalization 2020-07-01 10:58:39 +02:00
Florian Roth f3fedef8f5 Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00
Steven Goossens e5f36dd146 Added rules files split into folders 2020-06-10 16:32:30 +02:00