Skip to content

Pull requests: SwiftOnSecurity/sysmon-config

New pull request New
29 Open 66 Closed
29 Open 66 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Add overview documentation for Sysmon configuration
#187 opened Jul 21, 2023 by jsypower Loading…
Patch FileCreate include - Capture .xsl instead of .xls
#186 opened Jul 20, 2023 by jsypower Loading…
Accept EULA cannot combine with loading a config
#180 opened May 12, 2023 by HenkPoley Loading…
1
Line 239 registry formatting
#179 opened Mar 29, 2023 by kevinelwell Loading…
Add pwsh.exe to list of suspicious Windows tools
#176 opened Jan 28, 2023 by connorcarnes Loading…
Added Installscript
#174 opened Dec 23, 2022 by bytew0lf Loading…
Many errors when install
#170 opened Oct 18, 2022 by MrAndrii Loading…
1
Add some "TargetFilename" in "SYSMON EVENT ID 15" section
#164 opened Feb 21, 2022 by matcha-shake Loading…
Update the Antivirus Tampering configuration, using general condition
#160 opened Oct 18, 2021 by hieuttmmo Loading…
1
test
#159 opened Sep 13, 2021 by w09rkerbee Loading…
1
Add Splunk exclusions per sysmon-modular
#156 opened Jul 30, 2021 by DustyMMiller Loading…
1
Registry key to detect definitions of Windows Defender Exclusions
#155 opened Jul 12, 2021 by phantinuss Loading…
Outlook Webview URL changes
#154 opened Jun 14, 2021 by humpalum Loading…
Added named pipe used by Cobalt Strike
#150 opened May 26, 2021 by WojciechLesicki Loading…
Fix FileDelete example.
#149 opened May 26, 2021 by sigalpes Loading…
Add exclusion for WUDFHost.exe to Event 11
#148 opened Apr 19, 2021 by lord-garmadon Loading…
Corrected event name for Event ID 23
#147 opened Apr 16, 2021 by lord-garmadon Loading…
Monitor for .js files for Microsoft JScript
#146 opened Apr 7, 2021 by KevinDeNotariis Loading…
Added WinRM ports and Service names
#145 opened Mar 16, 2021 by tobor88 Loading…
1
Add ASP files for webshells
#144 opened Mar 8, 2021 by GossiTheDog Loading…
Update NetworkConnect rule to fix Metasploit default port
#143 opened Mar 6, 2021 by brokenvhs Loading…
Ransomware artifacts added to File Creation config
#140 opened Feb 18, 2021 by sduff Loading…
2
MiniNT registry key check
#130 opened Sep 9, 2020 by ThisIsNotTheUserYouAreLookingFor Loading…
2
Added detection for CVE-2017-0199 and CVE-2017-8759.
#118 opened May 21, 2020 by d4rk-d4nph3 Loading…
2
Printer port changes as used in CVE-2020-1048
#115 opened May 15, 2020 by Neo23x0 Loading…
ProTip! Add no:assignee to see everything that’s not assigned.