Karneades 68fd20cb66 fix: bound windows event log rules to message field ...

Fixed rules
- rules/windows/builtin/win_susp_msmpeng_crash.yml
- rules/windows/builtin/win_alert_active_directory_user_control.yml
- rules/windows/builtin/win_av_relevant_match.yml
- rules/windows/builtin/win_mal_creddumper.yml
- rules/windows/builtin/win_susp_sam_dump.yml
- rules/windows/builtin/win_alert_mimikatz_keywords.yml
- rules/windows/builtin/win_alert_enable_weak_encryption.yml

2019-11-02 11:25:29 +01:00

..

application

Fixes for Elasticsearch query correctness CI tests

2018-04-09 22:33:29 +02:00

apt

Fixed wrong backslash escaping of *

2019-10-07 22:14:44 +02:00

compliance

Added level

2019-08-05 19:51:22 +02:00

linux

rule: modified sudo vuln rule to be most generic

2019-10-20 14:02:10 +02:00

network

Merge pull request #315 from P4T12ICK/feature/net_dnc_c2_detection

2019-05-10 00:12:39 +02:00

proxy

rule: proxy malware ua - Zebrocy

2019-10-26 14:20:29 +02:00

web

Web Source Code Enumeration via .git

2019-06-08 22:40:28 -04:00

windows

fix: bound windows event log rules to message field

2019-11-02 11:25:29 +01:00