| Author | Commit | Message | Date |
| --- | --- | --- | --- |
| hegusung | eb9dfdee17 | Update Shell32.yml Tags Added Tags:<br>Execute EXE<br>Execute CMD | 2024-10-13 18:27:37 +02:00 |
| hegusung | a28f2a756a | Update Shdocvw.yml Tags Added Tags:<br>Execute EXE | 2024-10-13 18:26:39 +02:00 |
| hegusung | b1d0a85d2e | Update Setupapi.yml Tags Changed Input: INF to Execute:INF for consistency | 2024-10-13 18:25:38 +02:00 |
| hegusung | 25047c34d9 | Update Pcwutl.yml Tags Added Tags:<br>Execute EXE | 2024-10-13 18:21:47 +02:00 |
| hegusung | 98dde3b672 | Update Mshtml.yml Tags Added Tags:<br>Executable HTA | 2024-10-13 18:20:21 +02:00 |
| hegusung | 0672acf1da | Update Ieframe.yml Tags Added Tags:<br>Execute: EXE | 2024-10-13 18:19:05 +02:00 |
| hegusung | f09cfa5b8c | Update Ieadvpack.yml Tags Added Tags:<br>- Execute INF<br>- Execute EXE<br>- Execute CMD | 2024-10-13 18:16:43 +02:00 |
| hegusung | f086057104 | Update Dfshim.yml Tags Added Tags:<br>- Execute: ClickOnce<br>- Execute: Remote | 2024-10-13 18:14:56 +02:00 |
| hegusung | 87241b3051 | Update Desk.yml Tags Added Tags:<br>Execute: EXE<br>Execute: Remote | 2024-10-13 18:13:30 +02:00 |
| hegusung | e25d9fa435 | Update Advpack.yml Tags Added Tags:<br>Execute: INF<br>Execute: EXE<br>Execute: CMD | 2024-10-13 18:10:51 +02:00 |
| frack113 | 2cc01b0113 | Add Detection Sigma ref (#368) | 2024-04-19 18:53:37 +01:00 |
| Wietze | ebbf08ec4d | Adding tags (closes #9, #318) (#362)<br>* Adding various tags as a first iteration<br>* Adding quotes<br>* Adding 'Custom Format' properly<br>* Updating to key:value pairs<br>* Update template | 2024-04-03 11:53:36 -04:00 |
| frack113 | 4f83231697 | Update old sigma link (#303)<br>* Update SigmaHQ ref<br>Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com><br>* Update SigmaHQ ref<br>Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com><br>* Update SigmaHq ref<br>Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com><br>* Update SigmaHq ref<br>Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com><br>---------<br>Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> | 2023-10-18 11:30:34 -04:00 |
| eral4m | e4c2371a26 | Adding scrobj.dll, shimgvw.dll INetCache downloader entries (#189) Co-authored-by: Wietze <wietze@users.noreply.github.com> | 2023-08-05 16:50:52 +01:00 |
| frack113 | e8ea28d4e9 | Update SigmaHQ ref (#301) Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com> | 2023-06-19 22:40:24 +01:00 |
| frack113 | 1072d3dc34 | Add sigma ref Detection (#272)<br>* Add sigma ref<br>* Add missing sigma ref<br>* Fix sigma link<br>* Remove by Defender<br>* Remove by Defender | 2022-12-29 09:51:15 -05:00 |
| Wietze | 67e1040172 | Merge remote-tracking branch 'upstream/master' into windows_11_sprint | 2022-10-03 16:18:57 +01:00 |
| xenoscr | 654cdd2d61 | Fixing file formating. | 2022-09-11 01:33:36 -04:00 |
| xenoscr | 98813fe01b | Fixing errors found in yaml lint action. | 2022-09-11 01:07:18 -04:00 |
| xenoscr | c24cad7868 | Adding missing OperatingSystem values. | 2022-09-10 23:48:38 -04:00 |
| xenoscr | 371d1cf2cc | Correcting case in Usecase key names. | 2022-09-10 23:45:28 -04:00 |
| xenoscr | a040ca3e40 | Adding missing OperatingSystem values to Ieadvpack.yml | 2022-09-10 23:41:38 -04:00 |
| xenoscr | f5baac1c45 | Adding missing authors | 2022-09-10 23:37:10 -04:00 |
| xenoscr | 0ed1694bf1 | Correcting 'AWL bypass' to 'AWL Bypass' | 2022-09-10 22:55:32 -04:00 |
| xenoscr | ce36f924fc | Removing extra --- from each yaml file | 2022-09-10 22:16:47 -04:00 |
| Wietze | 7797a1967c | Merge branch 'master' into windows_11_sprint | 2022-05-24 08:38:50 +01:00 |
| Chris "Lopi" Spehn | e872ce028b | Merge pull request #214 from jstnk9/master Added new sigma rule and references to desk.cpl | 2022-05-19 10:21:21 -06:00 |
| Wietze | b333db4f91 | Fixing typo (ieaframe -> ieframe) | 2022-05-15 21:06:33 +01:00 |
| jstnk9 | 00bc9177bd | Added new sigma rule and references Added new sigma rule and references | 2022-05-15 16:42:44 +02:00 |
| Wietze | 2b20998371 | Remove redundant powershell command from comsvcs entry | 2022-05-05 11:18:39 +01:00 |
| Wietze | b92ee99627 | Addressing @bohops's feedback | 2022-05-05 11:12:22 +01:00 |
| bohops | d93539bf9b | Quick fix for syntax and removed IOC | 2022-04-29 23:06:41 -04:00 |
| cr1sp4 | 666e6e8645 | Update Desk.yml (#210) Added Sigma rules. | 2022-04-29 22:52:57 -04:00 |
| Wietze | 619aafbfa2 | Adding extra contributor to Desk.cpl entry | 2022-04-28 13:01:35 +01:00 |
| Wietze | 4a8bdf4844 | Fix casing on Desk.cpl entry | 2022-04-27 11:20:13 +01:00 |
| LuxNoBu!!shit | 6ed0fb9326 | Create Desk.cpl (#207) Co-authored-by: Wietze <wietze@users.noreply.github.com> | 2022-04-27 11:15:15 +01:00 |
| Wietze | 085aaa37b1 | Adding more missed-out entries | 2021-12-15 11:50:18 +00:00 |
| Wietze | 6793a7d238 | Fixing various issues identified | 2021-12-14 16:50:22 +00:00 |
| Wietze | adf171d089 | Applying minor format changes (incorrectly formatted dates, typos, etc.) | 2021-12-14 15:53:03 +00:00 |
| Wietze | 754a451e76 | Updating entries that have been confirmed to be working on Windows 11 (21H2) | 2021-12-14 15:51:43 +00:00 |
| Wietze | 39d4e815af | Minor formatting changes (redudant backslashes, incorrect dates, typos, etc.) | 2021-12-14 14:57:32 +00:00 |
| bohops | 23dd0236ae | Detection Resources and Other Updates (#179)<br>* Add detection links for scripts<br>* Add detection links for OtherMSBins. Fixed and updated as needed.<br>* Add detection links for MSBins. Fixed and updated as needed.<br>* Add detection links for oslibraries<br>* Updating template for Detections<br>* Removing empty Detection:Sigma entries<br>* Remove redundant blank line<br>* Replacing commit URL with file URL<br>Co-authored-by: root <root@DESKTOP-5CR935D.localdomain><br>Co-authored-by: Wietze <wietze@users.noreply.github.com> | 2021-11-15 08:19:03 -05:00 |
| Wietze | 2380c506d4 | LSASS realign to T1003.001 | 2021-11-05 20:35:58 +00:00 |
| Wietze | 4f7ec8d2af | MITRE ATT&CK realignment sprint | 2021-11-05 18:58:26 +00:00 |
| Oddvar Moe | 9f9af1cfee | Merge branch 'master' into feat/yamllinting | 2021-10-22 15:20:35 +02:00 |
| Filipe Spencer Lopes | b0a321e4c4 | Too many whitespaces | 2021-03-09 14:58:44 +01:00 |
| Filipe Spencer Lopes | a232cfa007 | Too many empty lines | 2021-03-09 14:57:47 +01:00 |
| Wietze | 2e08819eef | Fix Usecase field | 2021-01-10 15:54:00 +00:00 |
| Wietze | 5ec4de562b | Fixed acknowledgements | 2021-01-10 15:45:25 +00:00 |
| Wietze | 38f9a0a032 | Fixed incorrect MItreLink | 2021-01-10 15:26:27 +00:00 |