phantinuss | f5ca5c0579 | fix: FPs from fresh Windows 2022 install | 2022-04-07 14:15:44 +02:00 |
phantinuss | 9376859b06 | fix: remove duplicate list entry | 2022-04-06 17:14:34 +02:00 |
phantinuss | 4780447102 | fix: FPs from fresh Win7 install | 2022-04-06 17:07:00 +02:00 |
frack113 | 0288f5b626 | fix condition operator case | 2021-09-10 13:51:52 +02:00 |
wagga40 | 11df697cdc | Updated rules with modifiers instead of '*' and remove trailing '\\' | 2021-06-27 14:51:29 +02:00 |
Steven | 0c9a82af89 | - Remove 'service: sysmon' since defining the categories made the rules generic | 2020-10-02 09:37:52 +02:00 |
Steven | 8b74abe0bc | - Created new categories for sysmon events - Replaced the explicit EventIDs with the reference to the category - Moved the rules to the corresponding directories | 2020-09-30 20:44:14 +02:00 |