yugoslavskiy
82f23c5f63
Merge pull request #477 from zinint/oscd
add 13 new rules:
- rules/linux/auditd/lnx_auditd_masquerading_crond.yml
- rules/linux/auditd/lnx_auditd_user_discovery.yml
- rules/linux/auditd/lnx_data_compressed.yml
- rules/linux/auditd/lnx_network_sniffing.yml
- rules/windows/powershell/powershell_data_compressed.yml
- rules/windows/powershell/powershell_winlogon_helper_dll.yml
- rules/windows/process_creation/win_change_default_file_association.yml
- rules/windows/process_creation/win_data_compressed_with_rar.yml
- rules/windows/process_creation/win_local_system_owner_account_discovery.yml
- rules/windows/process_creation/win_network_sniffing.yml
- rules/windows/process_creation/win_query_registry.yml
- rules/windows/process_creation/win_service_execution.yml
- rules/windows/process_creation/win_xsl_script_processing.yml
modify 1 rule:
- rules/windows/process_creation/win_possible_applocker_bypass.yml
2019-11-05 04:55:29 +03:00
..
2019-11-05 04:55:29 +03:00
2017-02-28 17:53:32 +01:00
2018-08-25 00:20:34 +02:00
2018-01-28 02:24:16 +03:00
2019-09-26 12:53:13 -04:00
2019-09-06 11:29:42 -04:00
2019-02-05 16:12:07 +01:00
2017-05-02 20:32:38 +02:00
2019-04-03 01:07:07 +02:00
2018-01-28 02:24:16 +03:00
2018-08-24 16:40:41 +02:00
2019-10-20 14:02:10 +02:00
2018-06-28 09:30:31 +02:00
2018-11-08 23:21:36 +01:00
2018-02-20 14:56:28 +01:00
2018-02-20 13:44:06 +01:00
2018-01-28 02:24:16 +03:00