search

OTRF / ThreatHunter-Playbook

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
MIT License
4.01k stars 807 forks source link

Typo in FileCreate rule in T1138_appcompat.xml #8

Closed mattifestation closed 6 years ago

mattifestation commented 6 years ago

The TargetFileName element should be TargetFilename. Changing it will allow sysmon.exe to consume the config.