edf0ff5cc8
new: Lazarus APT DLL Sideloading Activity
new: File Download From IP Based URL Via CertOC.EXE
new: File Download From IP URL Via Curl.EXE
update: Remote Thread Creation By Uncommon Source Image
update: Remote Thread Creation In Uncommon Target Image
update: ADSI-Cache File Creation By Uncommon Tool
update: Files With System Process Name In Unsuspected Locations
update: PowerShell Module File Created By Non-PowerShell Process
update: PSScriptPolicyTest Creation By Uncommon Process
update: Suspicious LNK Double Extension File Created
update: PowerShell Profile Modification
update: Alternate PowerShell Hosts Pipe
update: File Download via CertOC.EXE
update: Suspicious File Download From IP Via Curl.EXE
update: Arbitrary File Download Via GfxDownloadWrapper.EXE
update: Potentially Suspicious Office Document Executed From Trusted Location
---------
Co-authored-by: phantinuss <79651203+phantinuss@users.noreply.github.com>
22 lines
548 B
Plaintext
# https://yamllint.readthedocs.io/en/latest/configuration.html
extends: default

ignore:
    - .github/
    - deprecated/
    - other/godmode_sigma_rule.yml
    - tests/
    - unsupported/

rules:
    comments:
        require-starting-space: true
        min-spaces-from-content: 1
    comments-indentation: disable
    document-start: {present: false}
    empty-lines: {max: 2, max-start: 2, max-end: 2}
    indentation: {spaces: 4, indent-sequences: whatever}
    line-length: disable
    new-line-at-end-of-file: enable
    trailing-spaces: {}