19 Commits

Author	SHA1	Message	Date
frack113	f90c7558a7	update global id	2021-09-02 21:03:25 +02:00
mlp1515	cce7cfc79a	Update win_tool_psexec.yml ... French language settings	2021-08-26 12:51:45 +00:00
frack113	cf8d8d3ed4	fix TargetFilename case error	2021-08-06 08:43:05 +02:00
SomeOne	53b21d1afe	Add Sysmon EventID 11, 17 and 18 to win_tool_psexec rule	2021-05-16 15:03:58 +02:00
Jonhnathan	718792e0ba	Update win_tool_psexec.yml	2020-11-20 00:57:16 -03:00
Yugoslavskiy Daniil	5026438524	fix modified field	2020-08-25 01:29:57 +02:00
Yugoslavskiy Daniil	42c4079ed8	att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other	2020-08-25 01:09:17 +02:00
Florian Roth	e79e99c4aa	fix: fixed missing date fields in remaining files	2020-01-30 16:07:37 +01:00
Thomas Patzke	0592cbb67a	Added UUIDs to rules	2019-11-12 23:12:27 +01:00
Tareq AlKhatib	075df83118	Converted to use the new process_creation data source	2019-03-09 20:57:59 +03:00
ntim	c99dc9f643	Tagged windows powershell, other and malware rules.	2018-07-24 10:56:41 +02:00
Thomas Patzke	ada1ca94ea	JPCERT rules ... * Addition of ntdsutil.exe rule * Added new link to existing rules	2018-03-08 00:10:19 +01:00
Thomas Patzke	84645f4e59	Simplified rule conditions with new condition constructs	2018-03-06 23:14:43 +01:00
SherifEldeeb	48441962cc	Change All "str" references to be "list"to mach schema update	2018-01-28 02:24:16 +03:00
SherifEldeeb	112a0939d7	Change "reference" to "references" to match new schema	2018-01-28 02:12:19 +03:00
Florian Roth	aca70e57ec	Massive Title Cleanup	2018-01-27 10:57:30 +01:00
Thomas Patzke	986c9ff9b7	Added field names to first rules	2017-09-12 23:54:04 +02:00
Florian Roth	d1f1bd59da	Changed level of PsExec events to 'low'	2017-06-17 08:50:16 +02:00
Thomas Patzke	4fcdcc3967	Added rule for PsExec	2017-06-12 23:57:06 +02:00