{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":601534380,"defaultBranch":"master","name":"sigma","ownerLogin":"fornotes","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2023-02-14T09:18:35.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/125354166?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1676367413.891505","currentOid":""},"activityList":{"items":[{"before":"f08bf81ee33e82ed30eff8055cc3a7f629d3d906","after":"22ef267aaf0a32b07c32a5223c895f26a74977dd","ref":"refs/heads/patch-7","pushedAt":"2024-07-29T20:34:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"nasbench","name":"Nasreddine Bencherchali","path":"/nasbench","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8741929?s=80&v=4"},"commit":{"message":"rename and metadata update","shortMessageHtmlLink":"rename and metadata update"}},{"before":"39a35c01fece0d3a35d0772f50bd0238f03835e7","after":"f08bf81ee33e82ed30eff8055cc3a7f629d3d906","ref":"refs/heads/patch-7","pushedAt":"2024-07-25T20:53:50.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"fix level create_remote_thread_win_target_shell_app","shortMessageHtmlLink":"fix level create_remote_thread_win_target_shell_app"}},{"before":"d5f719c231190ab4c04cae4ce0921619c1b1f6c9","after":"39a35c01fece0d3a35d0772f50bd0238f03835e7","ref":"refs/heads/patch-7","pushedAt":"2024-07-25T20:49:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"fix space create_remote_thread_win_target_shell_app","shortMessageHtmlLink":"fix space 
create_remote_thread_win_target_shell_app"}},{"before":"779111a0dd80c510f7e44e6515e7dac929f87231","after":"d5f719c231190ab4c04cae4ce0921619c1b1f6c9","ref":"refs/heads/patch-7","pushedAt":"2024-07-25T20:37:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"New Rule : create_remote_thread_win_target_shell_app.yml","shortMessageHtmlLink":"New Rule : create_remote_thread_win_target_shell_app.yml"}},{"before":"3ff2e635e81f218877f850b0a6a186e7d35329f2","after":"5be277ada7e87e40369092171b0e1aba99e4784f","ref":"refs/heads/master","pushedAt":"2024-07-22T15:39:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"nasbench","name":"Nasreddine Bencherchali","path":"/nasbench","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8741929?s=80&v=4"},"commit":{"message":"move and deprecate","shortMessageHtmlLink":"move and deprecate"}},{"before":"510b4316f778c01aec8a6b73eea62ef77ec19918","after":"05bd194d6dd147cbb89f089f4500edd40e79054f","ref":"refs/heads/patch-6","pushedAt":"2024-07-22T13:42:55.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Modified Date Added file_event_win_anydesk_artefact.yml","shortMessageHtmlLink":"Modified Date Added file_event_win_anydesk_artefact.yml"}},{"before":"b3a86bba78a26ab63ee47ae5bc768e703d08b905","after":"3ff2e635e81f218877f850b0a6a186e7d35329f2","ref":"refs/heads/master","pushedAt":"2024-07-22T13:36:54.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"nasbench","name":"Nasreddine Bencherchali","path":"/nasbench","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8741929?s=80&v=4"},"commit":{"message":"Update file_access_win_teams_sensitive_files.yml","shortMessageHtmlLink":"Update 
file_access_win_teams_sensitive_files.yml"}},{"before":"7ec913229966cad652d9bd8e8f3497df0910a1a5","after":"510b4316f778c01aec8a6b73eea62ef77ec19918","ref":"refs/heads/patch-6","pushedAt":"2024-07-22T13:26:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Date Updated: file_event_win_anydesk_artefact.yml","shortMessageHtmlLink":"Date Updated: file_event_win_anydesk_artefact.yml"}},{"before":"6dd993aa24c4b1f650d6bf4929d85f5edfc85c86","after":"7ec913229966cad652d9bd8e8f3497df0910a1a5","ref":"refs/heads/patch-6","pushedAt":"2024-07-19T20:30:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Update file_event_win_anydesk_artefact.yml\n\nremoving .temp condition for TargetFileName","shortMessageHtmlLink":"Update file_event_win_anydesk_artefact.yml"}},{"before":"a805582eade0fcb116d522ec84a814e98d275ca6","after":"b3a86bba78a26ab63ee47ae5bc768e703d08b905","ref":"refs/heads/master","pushedAt":"2024-07-19T16:39:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Update file_access_win_susp_teams.yml\n\nadded definition tag","shortMessageHtmlLink":"Update file_access_win_susp_teams.yml"}},{"before":"ef60715e71f9f0e87af4f686788e28c67f7e7bfe","after":"a805582eade0fcb116d522ec84a814e98d275ca6","ref":"refs/heads/master","pushedAt":"2024-07-19T16:36:04.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Update file_access_win_susp_teams.yml\n\nremoved the definition 
tag","shortMessageHtmlLink":"Update file_access_win_susp_teams.yml"}},{"before":"d551178f3efedc3e20a0d19bf59d2fef77048332","after":"ef60715e71f9f0e87af4f686788e28c67f7e7bfe","ref":"refs/heads/master","pushedAt":"2024-07-19T16:28:55.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Update file_access_win_susp_teams.yml\n\nfixed spacing on the line 16","shortMessageHtmlLink":"Update file_access_win_susp_teams.yml"}},{"before":"6dd993aa24c4b1f650d6bf4929d85f5edfc85c86","after":"5793a0dc5eda31305fc85a98ccb6284f0b2f1c51","ref":"refs/heads/patch-5","pushedAt":"2024-07-19T16:00:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Update image_load_side_load_mpsvc.yml","shortMessageHtmlLink":"Update image_load_side_load_mpsvc.yml"}},{"before":"aaa4310dd530c0b12911bf187c538474f0972ff6","after":"d551178f3efedc3e20a0d19bf59d2fef77048332","ref":"refs/heads/master","pushedAt":"2024-07-18T20:57:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"original rule files removed\n\nrules\\windows\\file\\file_event\\file_event_win_access_susp_teams.yml\n\nrules\\windows\\file\\file_event\\file_event_win_access_susp_unattend_xml.yml","shortMessageHtmlLink":"original rule files 
removed"}},{"before":"39e957d7ee700ec27b3e7bcd796e57e4fc444854","after":"aaa4310dd530c0b12911bf187c538474f0972ff6","ref":"refs/heads/master","pushedAt":"2024-07-18T20:52:50.000Z","pushType":"push","commitsCount":1399,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"moved to file event rules to file access\n\nfile_event_win_access_susp_teams.yml\nfile_event_win_access_susp_unattend_xml.yml","shortMessageHtmlLink":"moved to file event rules to file access"}},{"before":"554da0a3f86dff51a9f2e6961803e19186cda5ff","after":"5691299a50610ebaf8a7b94a17eab8808c1ed8c2","ref":"refs/heads/patch-1","pushedAt":"2024-07-11T10:42:53.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"nasbench","name":"Nasreddine Bencherchali","path":"/nasbench","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/8741929?s=80&v=4"},"commit":{"message":"Update image_load_side_load_dbgmodel.yml","shortMessageHtmlLink":"Update image_load_side_load_dbgmodel.yml"}},{"before":"dc35ae5600db2a6654a72eaeb97fa9439aabff4e","after":"0eb99d559187e2fcb1195d30ac6efac752931931","ref":"refs/heads/patch-4","pushedAt":"2024-07-10T15:51:50.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Create image_load_side_load_mscorsvc","shortMessageHtmlLink":"Create image_load_side_load_mscorsvc"}},{"before":"dc35ae5600db2a6654a72eaeb97fa9439aabff4e","after":"aea51654f3a7038cdc42e139122d1321ba27f22b","ref":"refs/heads/patch-3","pushedAt":"2024-07-10T15:27:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Create image_load_side_load_dbgmodel","shortMessageHtmlLink":"Create 
image_load_side_load_dbgmodel"}},{"before":"dc35ae5600db2a6654a72eaeb97fa9439aabff4e","after":"41984cad21601fc068b5366428ece00237b8ec84","ref":"refs/heads/patch-2","pushedAt":"2024-07-10T15:25:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Create image_load_side_load_mpsvc","shortMessageHtmlLink":"Create image_load_side_load_mpsvc"}},{"before":"dc35ae5600db2a6654a72eaeb97fa9439aabff4e","after":"554da0a3f86dff51a9f2e6961803e19186cda5ff","ref":"refs/heads/patch-1","pushedAt":"2024-07-10T15:13:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"fornotes","name":null,"path":"/fornotes","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/125354166?s=80&v=4"},"commit":{"message":"Update image_load_side_load_from_non_system_location.yml\n\nAdded a few DLLs from hijacklibs \r\n\r\n - certcli.dll\r\n- cfgmgr32.dll\r\n- d3dx9_43.dll\r\n- sensapi.dll\r\n- textshaping.dll\r\n- wsdapi.dll\r\n\r\nAll these have expected load location:\r\n'c:\\\\windows\\\\system32\\\\*', 'c:\\\\windows\\\\syswow64\\\\*'\r\n\r\n\r\nhttps://hijacklibs.net/entries/microsoft/built-in/certcli.html\r\nhttps://hijacklibs.net/entries/microsoft/built-in/cfgmgr32.html\r\nhttps://hijacklibs.net/entries/microsoft/built-in/d3dx9_43.html\r\nhttps://hijacklibs.net/entries/microsoft/built-in/sensapi.html\r\nhttps://hijacklibs.net/entries/microsoft/built-in/textshaping.html\r\nhttps://hijacklibs.net/entries/microsoft/built-in/wsdapi.html","shortMessageHtmlLink":"Update image_load_side_load_from_non_system_location.yml"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNy0yOVQyMDozNDoyNy4wMDAwMDBazwAAAASMTrck","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wNy0xMFQxNToxMzozMi4wMDAwMDBazwAAAAR751J7"}},"title":"Activity · fornotes/sigma"}