| .. |
|
app_python_sql_exceptions.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
app_sqlinjection_errors.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
appframework_django_exceptions.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
appframework_ruby_on_rails_exceptions.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
appframework_spring_exceptions.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_apt29_thinktanks.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_babyshark.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_bear_activity_gtr19.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_carbonpaper_turla.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_chafer_mar18.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_cloudhopper.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_dragonfly.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_elise.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_emissarypanda_sep19.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_empiremonkey.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_equationgroup_c2.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_equationgroup_dll_u_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_equationgroup_lnx.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_hurricane_panda.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_judgement_panda_gtr19.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_oceanlotus_registry.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_pandemic.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_slingshot.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_sofacy.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_stonedrill.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_ta17_293a_ps.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_tropictrooper.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_turla_namedpipes.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_turla_service_png.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_unidentified_nov_18.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_wocao.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
apt_zxshell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
av_exploiting.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
av_password_dumper.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
av_relevant_files.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
av_webshell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
cleartext_protocols.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
crime_fireball.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
default_credentials_usage.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
group_modification_logging.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
host_without_firewall.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_auditd_alter_bash_profile.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_auditd_masquerading_crond.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_auditd_susp_cmds.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_auditd_susp_exe_folders.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_auditd_user_discovery.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_auditd_web_rce.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_buffer_overflows.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_clamav.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_data_compressed.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_network_sniffing.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_shell_clear_cmd_history.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_shell_susp_commands.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_shell_susp_log_entries.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_shell_susp_rev_shells.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_shellshock.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_ssh_cve_2018_15473.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_sudo_cve_2019_14287.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_susp_jexboss.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_susp_named.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_susp_ssh.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
lnx_susp_vsftp.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
net_mal_dns_cobaltstrike.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
net_susp_dns_b64_queries.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
net_susp_dns_txt_exec_strings.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
net_susp_telegram_api.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_data_compressed.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_downgrade_attack.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_exe_calling_ps.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_malicious_commandlets.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_malicious_keywords.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_ntfs_ads_access.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_prompt_credentials.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_psattack.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_shellcode_b64.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_suspicious_download.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_suspicious_invocation_generic.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_suspicious_invocation_specific.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_suspicious_keywords.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
powershell_winlogon_helper_dll.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_apt40.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_chafer_malware.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_cobalt_amazon.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_cobalt_ocsp.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_cobalt_onedrive.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_download_susp_dyndns.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_download_susp_tlds_blacklist.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_download_susp_tlds_whitelist.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_downloadcradle_webdav.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_empty_ua.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ios_implant.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_powershell_ua.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_raw_paste_service_access.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_susp_flash_download_loc.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_telegram_api.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_apt.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_bitsadmin_susp_tld.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_cryptominer.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_frameworks.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_hacktool.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_malware.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ua_suspicious.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
proxy_ursnif_malware.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_ads_executable.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_cactustorch.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_cmstp_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_cobaltstrike_process_injection.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_dhcp_calloutdll.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_dns_serverlevelplugindll.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_ghostpack_safetykatz.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_logon_scripts_userinitmprlogonscript.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_lsass_memdump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_mal_namedpipes.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_malware_backconnect_ports.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_malware_verclsid_shellcode.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_mimikatz_detection_lsass.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_mimikatz_trough_winrm.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_password_dumper_lsass.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_powershell_exploit_scripts.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_powershell_network_connection.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_quarkspw_filedump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_rdp_reverse_tunnel.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_rdp_settings_hijack.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_registry_persistence_key_linking.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_renamed_powershell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_renamed_procdump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_renamed_psexec.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_rundll32_net_connections.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_ssp_added_lsa_config.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_stickykey_like_backdoor.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_download_run_key.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_driver_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_file_characteristics.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_image_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_lsass_dll_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_powershell_rundll32.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_prog_location_network_connection.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_rdp.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_susp_reg_persist_explorer_run.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_susp_run_key_img_folder.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_suspicious_keyboard_layout_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_svchost_dll_search_order_hijack.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_sysinternals_eula_accepted.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_tsclient_filewrite_startup.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_uac_bypass_eventvwr.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_uac_bypass_sdclt.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_webshell_creation_detect.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_win_binary_github_com.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_win_binary_susp_com.ipynb
|
typo in network_initiated
|
2020-01-13 00:00:29 -05:00 |
|
sysmon_win_reg_persistence.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_wmi_event_subscription.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_wmi_persistence_commandline_event_consumer.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_wmi_persistence_script_event_consumer_write.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
sysmon_wmi_susp_scripting.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_apache_segfault.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_apache_threading_error.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_citrix_cve_2019_19781_exploit.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_cve_2018_2894_weblogic_exploit.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_pulsesecure_cve-2019-11510.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_source_code_enumeration.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
web_webshell_keyword.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_GPO_scheduledtasks.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_account_backdoor_dcsync_rights.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_account_discovery.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_admin_rdp_login.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_admin_share_access.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_alert_active_directory_user_control.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_alert_ad_user_backdoors.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_alert_enable_weak_encryption.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_alert_lsass_access.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_alert_mimikatz_keywords.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_alert_ruler.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_apt_bluemashroom.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_apt_mustangpanda.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_atsvc_task.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_attrib_hiding_files.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_av_relevant_match.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_bypass_squiblytwo.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_change_default_file_association.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_cmdkey_recon.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_cmstp_com_object_access.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_control_panel_item.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_data_compressed_with_rar.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_dcsync.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_disable_event_logging.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_encoded_frombase64string.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_encoded_iex.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_etw_trace_evasion.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_exploit_cve_2015_1641.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_exploit_cve_2017_0261.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_exploit_cve_2017_8759.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_exploit_cve_2017_11882.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_exploit_cve_2019_1378.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_exploit_cve_2019_1388.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_external_device.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_hack_bloodhound.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_hack_rubeus.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_hack_secutyxploded.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_hack_smbexec.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_hktl_createminidump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_hwp_exploits.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_impacket_lateralization.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_impacket_secretdump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_install_reg_debugger_backdoor.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_kernel_and_3rd_party_drivers_exploits_token_stealing.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_lethalhta.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_lm_namedpipe.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_local_system_owner_account_discovery.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mal_adwind.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mal_creddumper.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mal_ryuk.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mal_service_installs.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mal_ursnif.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mal_wceaux_dll.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_dridex.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_dtrack.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_emotet.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_formbook.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_notpetya.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_qbot.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_ryuk.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_script_dropper.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_trickbot_recon_activity.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_malware_wannacry.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mavinject_proc_inj.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mmc_spawn_shell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_mshta_spawn_shell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_net_ntlm_downgrade.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_netsh_fw_add.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_netsh_packet_capture.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_netsh_port_fwd.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_netsh_port_fwd_3389.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_network_sniffing.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_office_shell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_office_spawn_exe_from_users_directory.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_overpass_the_hash.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_pass_the_hash.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_pass_the_hash_2.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_plugx_susp_exe_locations.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_possible_applocker_bypass.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powershell_amsi_bypass.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powershell_b64_shellcode.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powershell_dll_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powershell_download.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powershell_suspicious_parameter_variation.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powershell_xor_commandline.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_powersploit_empire_schtasks.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_proc_wrong_parent.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_process_creation_bitsadmin_download.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_psexesvc_start.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_query_registry.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_ransomware_shadowcopy.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_rdp_bluekeep_poc_scanner.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_rdp_localhost_login.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_rdp_potential_cve-2019-0708.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_rdp_reverse_tunnel.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_renamed_binary.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_renamed_paexec.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_sdbinst_shim_persistence.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_service_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_shell_spawn_susp_program.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_silenttrinity_stage_use.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_spn_enum.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_add_domain_trust.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_add_sid_history.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_backup_delete.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_bcdedit.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_bginfo.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_calc.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_cdb.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_certutil_command.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_certutil_encode.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_cli_escape.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_cmd_http_appdata.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_codeintegrity_check_failure.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_codepage_switch.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_compression_params.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_comsvcs_procdump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_control_dll_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_copy_lateral_movement.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_csc.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_csc_folder.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_devtoolslauncher.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_dhcp_config.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_dhcp_config_failed.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_dns_config.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_dnx.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_double_extension.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_dsrm_password_change.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_dxcap.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_eventlog_clear.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_eventlog_cleared.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_exec_folder.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_execution_path.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_execution_path_webserver.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_failed_logon_reasons.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_firewall_disable.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_fsutil_usage.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_gup.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_interactive_logons.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_iss_module_install.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_kerberos_manipulation.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_lsass_dump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_mshta_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_msiexec_cwd.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_msiexec_web_install.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_msmpeng_crash.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_msoffice.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_net_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_net_recon_activity.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_ntdsutil.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_ntlm_auth.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_odbcconf.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_openwith.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_outlook.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_outlook_temp.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_ping_hex_ip.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_powershell_empire_launch.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_powershell_empire_uac_bypass.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_powershell_enc_cmd.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_powershell_hidden_b64_cmd.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_powershell_parent_combo.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_procdump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_process_creations.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_prog_location_process_starts.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_ps_appdata.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_psexec.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_psr_capture_screenshots.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_raccess_sensitive_fext.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_rasdial_activity.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_rc4_kerberos.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_recon_activity.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_regsvr32_anomalies.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_rottenpotato.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_run_locations.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_rundll32_activity.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_rundll32_by_ordinal.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_sam_dump.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_schtask_creation.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_script_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_sdelete.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_security_eventlog_cleared.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_squirrel_lolbin.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_svchost.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_svchost_no_cli.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_sysprep_appdata.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_sysvol_access.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_taskmgr_localsystem.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_taskmgr_parent.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_time_modification.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_tscon_localsystem.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_tscon_rdp_redirect.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_userinit_child.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_vssadmin_ntds_activity.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_whoami.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_whoami_localsystem.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_winword_wmidll_load.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_wmi_execution.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_susp_wmi_login.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_svcctl_remote_service.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_sysmon_driver_unload.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_system_exe_anomaly.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_termserv_proc_spawn.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_tool_psexec.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_usb_device_plugged.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_user_added_to_local_administrators.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_user_creation.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_vul_java_remote_debugging.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_webshell_detection.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_webshell_spawn.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_win10_sched_task_0day.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_wmi_backdoor_exchange_transport_agent.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_wmi_persistence.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_wmi_persistence_script_event_consumer.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_wmi_spwns_powershell.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_workflow_compiler.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
win_xsl_script_processing.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
|
workstation_was_locked.ipynb
|
Sigma to Notebooks Integration
|
2020-01-11 12:59:39 -05:00 |
