Commits

Commits on Sep 6, 2024

Merge PR SigmaHQ#5002 from @secDre4mer - Update Potential CommandLine Obfuscation Using Unicode Characters rules

secDre4mer
and
nasbench
authored

Commits on Sep 3, 2024

Merge PR SigmaHQ#4995 from @secDre4mer - Add Process Deletion of Its Own Executable

secDre4mer
and
nasbench
authored

Commits on Aug 27, 2024

Merge PR SigmaHQ#4985 from @secDre4mer - Update Potential Active Directory Reconnaissance/Enumeration Via LDAP
secDre4mer
authored

Commits on Mar 2, 2024

Merge PR SigmaHQ#4750 from @secDre4mer - Fix false positive with Potential Credential Dumping Activity Via LSASS rule
secDre4mer
authored

Commits on Oct 21, 2022

fix: FP with conhost / csrss
secDre4mer
committed

Commits on Oct 20, 2022

Merge pull request SigmaHQ#3614 from phantinuss/master
secDre4mer
authored

Commits on Aug 23, 2022

Commits on Jun 7, 2022

feat: new rule for persistence using Office startup
secDre4mer
committed

Commits on Jun 2, 2022

feat: Add rule for renamed browser core execution
secDre4mer
committed

Commits on Apr 14, 2022

feat: Add rule for equation editor network connections
secDre4mer
committed

Commits on Apr 13, 2022

fix: copy / paste issues
secDre4mer
committed

Commits on Mar 29, 2022

fix: filter null image in process creation rule
secDre4mer
committed

Commits on Mar 15, 2022

feat: Add log sources for process listing within THOR
secDre4mer
committed

Commits on Jan 25, 2022

Commits on Dec 14, 2021

fix: correct FP filter
secDre4mer
committed

Commits on Dec 13, 2021

feat: Add finer powershell log source distinguation
secDre4mer
committed

Commits on Dec 9, 2021

Commits on Sep 21, 2021

Commits on Aug 23, 2021

feat: Add rule for malicious CSR export on Exchange
secDre4mer
committed

Commits on Aug 16, 2021

Commits on Aug 13, 2021

Commits on Aug 12, 2021

fix: Correct incorrect message / keyword usage
secDre4mer
committed