blue-team-tools/rules/windows at e366cc15b5d161c88051fd589ea042b9c4134bfa - blue-team-tools - GreySec Git

security-tools/blue-team-tools

Files

T

History

Florian Roth e366cc15b5 rule: new services with two ampersands

2022-07-05 16:02:06 +02:00

..

rule: new services with two ampersands

2022-07-05 16:02:06 +02:00

create_remote_thread

fix: FP with git.exe

2022-06-30 18:25:31 +02:00

create_stream_hash

refactor: rule level adjustments - critical to high

2022-06-18 17:43:22 +02:00

rule cleanup and new rules

2022-06-27 16:35:22 +02:00

refactor condition

2022-06-03 15:35:24 +02:00

refactor: remove now unnecessary filters

2022-06-30 17:36:49 +02:00

Add "\" to "Image|endswith" modifier

2022-06-02 13:39:07 +01:00

Update file_event_win_uac_bypass_idiagnostic_profile.yml

2022-07-04 14:03:26 +01:00

fix: wrong field selection

2022-07-01 12:29:23 +02:00

docs: rules adjusted

2022-06-21 17:21:55 +02:00

network_connection

Merge pull request #3193 from SigmaHQ/rule-devel

2022-07-03 16:30:36 +02:00

fix: FPs found in testing environment

2022-06-20 16:17:54 +02:00

Fix Error

2022-06-28 22:40:42 +01:00

New Rules

2022-07-01 16:56:45 +01:00

process_creation

Merge branch 'SigmaHQ:master' into master

2022-07-04 18:47:53 +01:00

raw_access_thread

…

Merge branch 'master' into rule-devel

2022-07-04 19:07:35 +02:00

…

refactor: rule adjustments based on hayabusa

2022-06-18 08:39:02 +02:00