olafhartong/sysmon-modular
A repository of sysmon configuration modules
MIT License
2.62k stars, 586 forks
issues
More ps script policy test exclusion
#207
ipfyx
opened
3 weeks ago
0
Fix some typo
#206
ipfyx
opened
3 weeks ago
1
fix incorrection logic exclusion for Powershell PipeEvent
#205
ipfyx
opened
3 weeks ago
0
Adding .jse extension to include_javascript.xml
#204
fornotes
opened
1 month ago
0
Update include_possible_dll_injection.xml
#203
fornotes
opened
1 month ago
0
Update include_microsoft_cmstp.xml
#202
fornotes
opened
1 month ago
0
Improving Sysmon config parsing
#201
MihhailSokolov
opened
4 months ago
0
FileDelete Issue, cannot remove C:\Sysmon locked .dlls
#200
deathrig07
opened
5 months ago
4
Config causing 35 second delay opening modern MS Office file formats (.docx & .xlsx etc)
#199
smogm
opened
6 months ago
1
Error 255 appears, please help me figure it out.
#198
h3nkbleck
opened
6 months ago
2
Incorrect rule format?
#197
3ch035
opened
6 months ago
0
User condition in exclusions for RegistryEvents
#196
schwf5
opened
7 months ago
0
ImageLoad detections from hijacklibs.net
#195
nterl0k
opened
7 months ago
0
Exclusion Trend Micro WFBS
#194
s3-schneider
opened
8 months ago
0
Duplicates
#193
PiRomant
opened
9 months ago
0
included image load of dbghelp.dll or dbgcore.dll
#192
swachchhanda000
opened
9 months ago
0
KAV exclusion
#190
PiRomant
opened
10 months ago
0
Testing branch bpm master
#189
Cyber74-Brian-McCaleb
closed
10 months ago
0
change 25 include_all to include on match
#188
clairmont32
opened
10 months ago
1
XML Issue with sysmonconfig-excludes-only.xml
#187
jvossler
opened
11 months ago
0
Create include_Havoc_C2.xml
#186
giomke
opened
1 year ago
0
Suggested additions to Microsoft Defender ProcessCreation event
#185
cyb3rxp
opened
1 year ago
0
Suggested additions to TrendMicro ProcessCreation event exclusion
#184
cyb3rxp
opened
1 year ago
0
Update for Kaspersky Modules
#183
maiconjs
opened
1 year ago
0
Fixed filename typos.
#182
fahersom
opened
1 year ago
0
Several Updates
#181
gs3cl
closed
5 months ago
0
disable blocking download of an executable
#180
Yaxser
opened
1 year ago
0
#178 - Adds schema update for research configuration file.
#179
Korving-F
opened
1 year ago
0
Super verbose config missing from Azure Pipelines
#178
Korving-F
opened
1 year ago
0
Updates - PSExec_PSH - SecureBoot - Office Process Creation - Zoom
#177
DCData-OPS
opened
1 year ago
0
Update exclude_svchost.xml
#176
giomke
opened
1 year ago
0
Version 15 updates
#175
olafhartong
closed
1 year ago
0
Add WMI-based Sysmon file archive quota generation
#174
zbalkan
closed
1 year ago
1
Event ID 8 - CreateRemoteThread - Appends to bottom of config
#173
Cyber74-Brian-McCaleb
opened
1 year ago
0
In line 1616 could be a typo
#172
Andeandes
closed
1 year ago
1
(Updated) Workflows, priority sorting for rules, rule improvements
#171
cnnrshd
closed
1 year ago
3
Update to Workflows, Priority Sorting for Rules, and fixes for Rules
#170
cnnrshd
closed
1 year ago
0
Create 23 exclusion for Sophos Endpoint journalling temporary files
#169
jaybirnuw
closed
1 year ago
1
Repo Folder index
#168
afg-jmck
opened
1 year ago
0
Sysmon 14.14 - Anti-Tamper Controls?
#167
bobby-mack
opened
1 year ago
3
Default config - file deletes are being archived
#166
leepfrog-ger
closed
1 year ago
4
Fixing a Typo in the Event ID 26 Folder Name
#165
benmontour
closed
1 year ago
1
Display file name when XML load fails
#164
thefunch
closed
1 year ago
1
Managing multiple customer config example
#163
oddieHA
opened
1 year ago
0
TYPO?
#162
LasseKrache
closed
1 year ago
1
excluding symantec and wmiadap
#161
alwashali
closed
1 year ago
0
Ignore blank lines when loading inclusions
#160
defensivedepth
closed
1 year ago
0
Changed vassadmin.exe to vssadmin.exe
#159
kevinelwell
closed
1 year ago
0
Update to line 163 in sysmonconfig-mde-augment.xml
#158
kevinelwell
closed
1 year ago
2
Fix InclusionFolder error
#157
defensivedepth
closed
1 year ago
1