├── .gitmodules
├── LICENSE
├── README.md
├── Sigma_Workshop_Slides.pdf
├── challenges
    ├── 1-Mimikatz_2.1.1_Hashes.txt
    └── 2-NetPass_Parameters.txt
├── command-lines.txt
├── config
    └── sigmac-config.yml
├── docker-compose.yml
├── es-search2bulk.sh
├── kibana_index_pattern.ndjson
├── sigma_workshop_es_logs.bulk.json
├── sigma_workshop_prepare_es.sh
├── solutions
    ├── encoded_ping-generic.yml
    ├── mimikatz_2.1.1_hashes-generic.yml
    ├── mimikatz_2.1.1_hashes.yml
    ├── netpass_parameters-generic.yml
    ├── netpass_parameters.yml
    └── wce_injection.yml
└── winlogbeat-6.4.0-custom.template.json


/.gitmodules:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/.gitmodules


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/LICENSE


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/README.md


--------------------------------------------------------------------------------
/Sigma_Workshop_Slides.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/Sigma_Workshop_Slides.pdf


--------------------------------------------------------------------------------
/challenges/1-Mimikatz_2.1.1_Hashes.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/challenges/1-Mimikatz_2.1.1_Hashes.txt


--------------------------------------------------------------------------------
/challenges/2-NetPass_Parameters.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/challenges/2-NetPass_Parameters.txt


--------------------------------------------------------------------------------
/command-lines.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/command-lines.txt


--------------------------------------------------------------------------------
/config/sigmac-config.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/config/sigmac-config.yml


--------------------------------------------------------------------------------
/docker-compose.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/docker-compose.yml


--------------------------------------------------------------------------------
/es-search2bulk.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/es-search2bulk.sh


--------------------------------------------------------------------------------
/kibana_index_pattern.ndjson:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/kibana_index_pattern.ndjson


--------------------------------------------------------------------------------
/sigma_workshop_es_logs.bulk.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/sigma_workshop_es_logs.bulk.json


--------------------------------------------------------------------------------
/sigma_workshop_prepare_es.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/sigma_workshop_prepare_es.sh


--------------------------------------------------------------------------------
/solutions/encoded_ping-generic.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/solutions/encoded_ping-generic.yml


--------------------------------------------------------------------------------
/solutions/mimikatz_2.1.1_hashes-generic.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/solutions/mimikatz_2.1.1_hashes-generic.yml


--------------------------------------------------------------------------------
/solutions/mimikatz_2.1.1_hashes.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/solutions/mimikatz_2.1.1_hashes.yml


--------------------------------------------------------------------------------
/solutions/netpass_parameters-generic.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/solutions/netpass_parameters-generic.yml


--------------------------------------------------------------------------------
/solutions/netpass_parameters.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/solutions/netpass_parameters.yml


--------------------------------------------------------------------------------
/solutions/wce_injection.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/solutions/wce_injection.yml


--------------------------------------------------------------------------------
/winlogbeat-6.4.0-custom.template.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/thomaspatzke/sigma-workshop/HEAD/winlogbeat-6.4.0-custom.template.json


--------------------------------------------------------------------------------