 Austin Songer
|
cba78fc5e6
|
Update azure_container_registry_created_or_deleted.yml
|
2021-08-08 15:12:23 -05:00 |
|
|
Austin Songer
|
f7e7be15ba
|
Update azure_kubernetes_service_account_modified_or_deleted.yml
|
2021-08-08 15:12:04 -05:00 |
|
|
Austin Songer
|
74f4493352
|
Update azure_kubernetes_cluster_created_or_deleted.yml
|
2021-08-08 15:11:47 -05:00 |
|
|
Austin Songer
|
01ef593727
|
Update azure_kubernetes_rolebinding_modified_or_deleted.yml
|
2021-08-08 15:11:31 -05:00 |
|
|
Florian Roth
|
013095961a
|
Merge pull request #1803 from SigmaHQ/rule-devel
rule: ProxyShell improved
|
2021-08-08 19:16:57 +02:00 |
|
|
Florian Roth
|
5443298092
|
rule: ProxyShell improved
|
2021-08-08 18:52:49 +02:00 |
|
|
Austin Songer
|
4e645c1033
|
Create azure_kubernetes_network_policy_change.yml
|
2021-08-08 01:17:01 -05:00 |
|
|
Austin Songer
|
a584a01a9a
|
Delete azure_kubernetes_network_policy_change.yml
|
2021-08-08 01:16:30 -05:00 |
|
|
Austin Songer
|
e6261f4269
|
Create azure_kubernetes_network_policy_change.yml
|
2021-08-08 01:16:18 -05:00 |
|
|
Austin Songer
|
d46f0a870e
|
Delete azure_kubernetes_network_policy_change.yml
|
2021-08-08 01:15:55 -05:00 |
|
|
Austin Songer
|
357ca31382
|
Create azure_kubernetes_network_policy_change.yml
|
2021-08-08 01:15:23 -05:00 |
|
|
Austin Songer
|
3e914d5bf5
|
Rename azure_kubernetes_sensitive_role_access.yml to azure_kubernetes_role_access.yml
|
2021-08-08 01:10:53 -05:00 |
|
|
Austin Songer
|
44cddffa80
|
Update azure_kubernetes_sensitive_role_access.yml
|
2021-08-08 01:10:27 -05:00 |
|
|
Austin Songer
|
4ea6d47fcb
|
Update azure_kubernetes_sensitive_role_access.yml
|
2021-08-08 01:00:25 -05:00 |
|
|
Austin Songer
|
fd8bd68479
|
Create azure_kubernetes_sensitive_role_access.yml
|
2021-08-08 00:59:35 -05:00 |
|
|
frack113
|
1f9b2a915c
|
fix too many empty line
|
2021-08-08 07:05:11 +02:00 |
|
|
Austin Songer
|
ed542fb931
|
Create azure_kubernetes_service_account_modified_or_deleted.yml
|
2021-08-07 23:02:25 -05:00 |
|
|
Austin Songer
|
441d6a19f5
|
Delete azure_kubernetes_service_account_modified_or_deleted.yml
|
2021-08-07 23:01:46 -05:00 |
|
|
Austin Songer
|
98f4b40914
|
Create azure_kubernetes_service_account_modified_or_deleted.yml
|
2021-08-07 23:01:27 -05:00 |
|
|
Austin Songer
|
a6f57b462a
|
Create azure_container_registry_created_or_deleted.yml
|
2021-08-07 22:58:11 -05:00 |
|
|
Austin Songer
|
fb88fe58bc
|
Create azure_kubernetes_cluster_created_or_deleted.yml
|
2021-08-07 22:18:28 -05:00 |
|
|
Austin Songer
|
ad9284e771
|
Update and rename azure_kubernetes_clusterrolebinding_modified_or_deleted.yml to azure_kubernetes_rolebinding_modified_or_deleted.yml
|
2021-08-07 15:30:10 -05:00 |
|
|
Austin Songer
|
39aaf04598
|
Create azure_kubernetes_clusterrolebinding_modified_or_deleted.yml
|
2021-08-07 13:05:19 -05:00 |
|
|
Austin Songer
|
e09197d0ce
|
Merge branch 'SigmaHQ:master' into master
|
2021-08-07 13:03:05 -05:00 |
|
|
frack113
|
bacb44ab97
|
Merge pull request #1780 from Sam0x90/master
Adding detection rule for esentutl utility
|
2021-08-07 16:23:45 +02:00 |
|
|
frack113
|
f75f8fabab
|
fix file name
|
2021-08-07 15:54:43 +02:00 |
|
|
frack113
|
07d21c58e8
|
Update process_susp_esentutl_params.yaml
|
2021-08-07 15:49:25 +02:00 |
|
|
Lei Chen
|
4c3a7007e6
|
Update README.md
|
2021-08-07 21:13:19 +08:00 |
|
|
frack113
|
89ee63f63b
|
Merge pull request #1791 from SigmaHQ/rule-devel
More rules - including the ones for ProxyShell
|
2021-08-07 11:49:16 +02:00 |
|
|
Florian Roth
|
9be9e4a24f
|
fix: more changes to incomplete windivert rule
|
2021-08-07 11:22:44 +02:00 |
|
|
frack113
|
f6980edc66
|
fix english : normalize
|
2021-08-07 11:16:24 +02:00 |
|
|
frack113
|
b3ce189120
|
Merge pull request #1793 from wagga40/master
Add a sigma2CSV tool to convert rules to CSV for stats purpose #1787
|
2021-08-07 11:08:49 +02:00 |
|
|
wagga40
|
f7d116a472
|
Add a sigma2CSV tool to convert rules to CSV for stats purpose #1787
|
2021-08-07 10:32:12 +02:00 |
|
|
Florian Roth
|
88a721a1ab
|
docs: add space in title
|
2021-08-07 10:13:05 +02:00 |
|
|
Florian Roth
|
1dcf25878c
|
Merge branch 'rule-devel' of https://github.com/SigmaHQ/sigma into rule-devel
|
2021-08-07 10:10:48 +02:00 |
|
|
Florian Roth
|
0a8904a61e
|
fix: issues with new rule
|
2021-08-07 10:10:12 +02:00 |
|
|
frack113
|
5f89a29ea7
|
fix file name
|
2021-08-07 10:01:23 +02:00 |
|
|
Florian Roth
|
1ac49a2055
|
rule: ProxyShell patterns
|
2021-08-07 09:22:24 +02:00 |
|
|
Austin Songer
|
210ca90d48
|
Delete azure_kubernetes_secret_or_config_object_access.yml
|
2021-08-07 02:11:47 -05:00 |
|
|
Austin Songer
|
0a15340d25
|
Create azure_kubernetes_secret_or_config_object_access.yml
|
2021-08-07 02:11:11 -05:00 |
|
|
frack113
|
2333defde7
|
add hash_normalise option
|
2021-08-07 08:24:36 +02:00 |
|
|
Florian Roth
|
c0360cd1ca
|
change name and line breaks
|
2021-08-06 18:53:08 +02:00 |
|
|
Florian Roth
|
d5b23e049d
|
Merge pull request #1782 from frack113/fix_TargetFilename_case
Correct TargetFilename case error
|
2021-08-06 18:49:47 +02:00 |
|
|
Florian Roth
|
7de55075f7
|
fix: condition
|
2021-08-06 18:45:38 +02:00 |
|
|
Florian Roth
|
d69e2333c8
|
various fixes
|
2021-08-06 18:44:54 +02:00 |
|
|
Florian Roth
|
e02b85dc99
|
'--start-with-win' is pretty specific
|
2021-08-06 18:41:14 +02:00 |
|
|
Ján Trenčanský
|
2f3b48c347
|
Fix title
|
2021-08-06 14:18:30 +02:00 |
|
|
Ján Trenčanský
|
516e1ade6d
|
Silent installation of AnyDesk
|
2021-08-06 14:06:35 +02:00 |
|
|
Theo Guidoux
|
b7e301b639
|
add field selection to sql backend option
|
2021-08-06 11:46:00 +02:00 |
|
|
frack113
|
f4bef0fc39
|
Add Microsoft-Windows-Windows Defender/Operational
|
2021-08-06 11:12:34 +02:00 |
|