search

SwiftOnSecurity / sysmon-config

Sysmon configuration file template with default high-quality event tracing
4.74k stars 1.7k forks source link

Fixed .rtf (was .rft) #48

Closed al45tair closed 3 years ago

al45tair commented 6 years ago

On line 476, the rule to match RTF files was matching on ".rft", not ".rtf".