security-tools/blue-team-tools
7ada37a364e778603063cfddb3202f19c8b982c4
blue-team-tools/rules/windows
Nasreddine Bencherchali 7ada37a364 Update file_event_win_winword_cve_2021_40444.yml
2022-06-17 12:17:28 +01:00
..
builtin
fix: FPs with BITS rule
2022-06-12 17:30:17 +02:00
create_remote_thread
Add "\" to "Image|endswith" modifier
2022-06-02 13:39:07 +01:00
create_stream_hash
…
dns_query
refactor condition
2022-06-03 15:35:24 +02:00
driver_load
refactor condition
2022-06-03 15:35:24 +02:00
file_access
Redcannary test
2022-05-01 11:34:54 +02:00
file_delete
Add "\" to "Image|endswith" modifier
2022-06-02 13:39:07 +01:00
file_event
Update file_event_win_winword_cve_2021_40444.yml
2022-06-17 12:17:28 +01:00
file_rename
fix: casing of OriginalFileName
2022-06-08 17:14:49 +02:00
image_load
Add "\" to "Image|endswith" modifier
2022-06-02 13:39:07 +01:00
network_connection
Add "\" to "Image|endswith" modifier
2022-06-02 13:39:07 +01:00
pipe_created
refactor condition
2022-06-03 15:35:24 +02:00
powershell
False positive - another amazon module filter
2022-06-08 19:00:12 +00:00
process_access
fix: FP and typo
2022-06-03 15:20:07 +02:00
process_creation
Update proc_creation_win_lolbin_openconsole.yml
2022-06-16 23:41:57 +01:00
raw_access_thread
…
registry
Update registry_set_enabling_turnoffcheck.yml
2022-06-15 11:49:38 -04:00
sysmon
fix: FPs from fresh Windows install
2022-04-06 16:09:53 +02:00
wmi_event
refactor condition
2022-06-03 15:35:24 +02:00