security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,892 Commits 1 Branch 57 Tags
fefb8564717d69af72ededb4172bc7ec00aac734
Commit Graph

7 Commits

Author SHA1 Message Date
Florian Roth b0c2d7b75a fix: tags for WMI / execution / persistence 2021-09-01 16:34:50 +02:00
Florian Roth 1aac21ba79 fix: single list item issue 2021-09-01 14:03:42 +02:00
Florian Roth 505140d273 rule: extended WMI suspicious scripts rule 2021-09-01 13:57:48 +02:00
Florian Roth e787420be1 rule: WMI filter content encoded executable 2021-09-01 13:57:36 +02:00
Steven 850a002840 Merge branch 'master' of https://github.com/SigmaHQ/sigma 2021-04-15 01:25:48 +02:00
Steven 0c9a82af89 - Remove 'service: sysmon' since defining the categories made the rules generic 2020-10-02 09:37:52 +02:00
Steven 8b74abe0bc - Created new categories for sysmon events 
- Replaced the explicit EventIDs with the reference to the category
- Moved the rules to the corresponding directories
 2020-09-30 20:44:14 +02:00