Add SHA1 Support to Sophos Rule and Add System Provider

WithSecureLabs / chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

GNU General Public License v3.0

2.7k stars 242 forks source link

Add SHA1 Support to Sophos Rule and Add System Provider #133

Closed reece394 closed 1 year ago

reece394 commented 1 year ago

Thanks for fixing issue #132! I tested it there and everything works as expected. With this PR I added SHA1 Support based on the Events I have seen from Sophos System Protection and added it as a Provider