CSEC_PUBLIC/hayabusa
46b0594150f79a15992cc451384f4e204c673dd3
hayabusa/rules/sigma/file_event
file_event_advanced_ip_scanner.yml
file_event_apt_unidentified_nov_18.yml
file_event_cve_2021_31979_cve_2021_33771_exploits.yml
file_event_cve_2021_41379_msi_lpe.yml
file_event_hack_dumpert.yml
file_event_hktl_createminidump.yml
file_event_hktl_nppspy.yml
file_event_lsass_dump.yml
file_event_mal_adwind.yml
file_event_mal_vhd_download.yml
file_event_mimikatz_kirbi_file_creation.yml
file_event_moriya_rootkit.yml
file_event_pingback_backdoor.yml
file_event_script_creation_by_office_using_file_ext.yml
file_event_susp_system_interactive_powershell.yml
file_event_susp_task_write.yml
file_event_tool_psexec.yml
file_event_uac_bypass_winsat.yml
file_event_uac_bypass_wmp.yml
file_event_win_shell_write_susp_directory.yml
file_event_winrm_awl_bypass.yml
file_event_wmiprvse_wbemcomn_dll_hijack.yml
sysmon_creation_system_file.yml
sysmon_cred_dump_tools_dropped_files.yml
sysmon_cve_2021_26858_msexchange.yml
sysmon_detect_powerup_dllhijacking.yml
sysmon_ghostpack_safetykatz.yml
sysmon_lsass_memory_dump_file_creation.yml
sysmon_office_persistence.yml
sysmon_outlook_newform.yml
sysmon_pcre_net_temp_file.yml
sysmon_powershell_exploit_scripts.yml
sysmon_powershell_startup_shortcuts.yml
sysmon_quarkspw_filedump.yml
sysmon_redmimicry_winnti_filedrop.yml
sysmon_startup_folder_file_write.yml
sysmon_susp_adsi_cache_usage.yml
sysmon_susp_clr_logs.yml
sysmon_susp_desktop_ini.yml
sysmon_susp_pfx_file_creation.yml
sysmon_susp_procexplorer_driver_created_in_tmp_folder.yml
sysmon_suspicious_powershell_profile_create.yml
sysmon_tsclient_filewrite_startup.yml
sysmon_uac_bypass_consent_comctl32.yml
sysmon_uac_bypass_dotnet_profiler.yml
sysmon_uac_bypass_ieinstal.yml
sysmon_uac_bypass_msconfig_gui.yml
sysmon_uac_bypass_ntfs_reparse_point.yml
sysmon_webshell_creation_detect.yml
sysmon_wmi_persistence_script_event_consumer_write.yml
win_cve_2021_1675_printspooler.yml
win_file_winword_cve_2021_40444.yml
win_hivenightmare_file_exports.yml
win_net_share_obj_susp_desktop_ini.yml
win_outlook_c2_macro_creation.yml
win_rclone_exec_file.yml
win_susp_desktopimgdownldr_file.yml