Nasreddine Bencherchali 70f3f4fa88 Create win_susp_psloglist.yml ...

- The flags can be used with both "-" and "/" characters.
- This rule aims to detect any usage of psloglist, no matter if the binary is with the original name or not. This is achieved by looking for both the image name and the specific command line arguments

2021-12-18 21:52:05 +01:00

..

application

Change status for old rules

2021-11-27 11:33:14 +01:00

apt

Change status for old rules

2021-11-27 11:33:14 +01:00

cloud

feat: discourage the usage of 'all of them' and migrate existing rules to use the preferred method 'all of selection*'

2021-12-02 14:47:39 +01:00

compliance

fix field name

2021-11-23 18:47:42 +01:00

generic

Change status for old rules

2021-11-27 11:33:14 +01:00

linux

Update pattern

2021-12-10 16:45:42 +01:00

network

Merge branch 'master' into rule-devel

2021-11-29 11:00:25 +01:00

proxy

rule: APT UA - new user agent

2021-12-01 14:20:05 +01:00

web

typo

2021-12-16 12:12:37 -05:00

windows

Create win_susp_psloglist.yml

2021-12-18 21:52:05 +01:00