Yugoslavskiy Daniil e04b896cbc fix tags

2020-08-29 21:34:20 +02:00

..

builtin

fix modified field

2020-08-25 01:29:57 +02:00

deprecated

fix: buggy rule

2020-05-23 18:32:02 +02:00

driver_load

att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other

2020-08-25 01:09:17 +02:00

file_event

att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other

2020-08-25 01:09:17 +02:00

image_load

att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other

2020-08-25 01:09:17 +02:00

malware

Further subtechnique updates

2020-06-17 11:31:40 -06:00

network_connection

added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes

2020-08-25 23:51:22 +00:00

other

fix modified field

2020-08-25 01:29:57 +02:00

powershell

added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes

2020-08-25 23:51:22 +00:00

process_access

added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes

2020-08-25 23:51:22 +00:00

process_creation

fix tags

2020-08-29 21:34:20 +02:00

registry_event

remove false positives in Windows being too broad and add specific keys looked at + add keys from wow64

2020-08-18 05:28:37 -04:00

sysmon

review windows/sysmon

2020-08-29 02:03:28 +02:00