ceramicskate0 / sysmon-config

CeramicSkate0 Sysmon configuration fork file template with default high-quality event tracing
https://github.com/ceramicskate0/sysmon-config

any file create event with .kirbi #50

Closed ghost closed 2 years ago

ghost commented 2 years ago

Rubeus detection

ceramicskate0 commented 2 years ago

and .ccache

ceramicskate0 commented 2 years ago

added to id 2 because id 11 is exclude only
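
A sketch of the rule the thread describes, written as an added example and not taken from this repository's config file: include filters under Sysmon Event ID 2 (FileCreateTime) for target filenames ending in `.kirbi` and `.ccache`. The `schemaversion` value and the standalone `RuleGroup` wrapper are assumptions; match them to the config you are editing.

```xml
<!-- Added example: not the repository's own configuration. -->
<!-- schemaversion is an assumed value; use the one your Sysmon build reports
     with "sysmon -s". -->
<Sysmon schemaversion="4.50">
  <EventFiltering>
    <!-- Event ID 2 (FileCreateTime): log when a process changes the creation
         time of a file whose name ends in a Kerberos ticket extension. -->
    <RuleGroup name="" groupRelation="or">
      <FileCreateTime onmatch="include">
        <!-- .kirbi: ticket files, the extension named in the issue title -->
        <TargetFilename condition="end with">.kirbi</TargetFilename>
        <!-- .ccache: credential cache files, added in the first reply -->
        <TargetFilename condition="end with">.ccache</TargetFilename>
      </FileCreateTime>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
```

When a FileCreate (Event ID 11) section carries only `onmatch="exclude"` rules, Sysmon logs every file creation that no exclusion matches, so these extensions can also be searched for in the Event ID 11 stream unless an exclusion covers the path.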