search

SwiftOnSecurity / sysmon-config

Sysmon configuration file template with default high-quality event tracing
4.79k stars 1.71k forks source link

Typo with rtf #64

Closed polylogyx closed 5 years ago

polylogyx commented 6 years ago

In the FilleEvent "include" filters, it says

".rft"[--RTF files often 0day malware vectors when opened by Office-]

It should be ".rtf"

robertstrom commented 6 years ago

I just saw this one myself ... you beat me to it.

.rft
SwiftOnSecurity commented 5 years ago

Got this fixed thanks