├── .github
│   └── workflows
│       └── Update.yml
├── .gitignore
├── .gitmodules
├── .pdm-python
├── LICENSE
├── README.md
├── README.md.back
├── gen_ruleset.py
├── pdm.lock
├── pyproject.toml
├── rules_linux.json
├── rules_windows_generic.json
├── rules_windows_generic_full.json
├── rules_windows_generic_high.json
├── rules_windows_generic_medium.json
├── rules_windows_generic_pysigma.json
├── rules_windows_sysmon.json
├── rules_windows_sysmon_full.json
├── rules_windows_sysmon_high.json
├── rules_windows_sysmon_medium.json
└── rules_windows_sysmon_pysigma.json

/.github/workflows/Update.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/.github/workflows/Update.yml
--------------------------------------------------------------------------------

/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/.gitignore
--------------------------------------------------------------------------------

/.gitmodules:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/.gitmodules
--------------------------------------------------------------------------------

/.pdm-python:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/.pdm-python
--------------------------------------------------------------------------------

/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/LICENSE
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/README.md
--------------------------------------------------------------------------------

/README.md.back:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/README.md.back
--------------------------------------------------------------------------------

/gen_ruleset.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/gen_ruleset.py
--------------------------------------------------------------------------------

/pdm.lock:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/pdm.lock
--------------------------------------------------------------------------------

/pyproject.toml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/pyproject.toml
--------------------------------------------------------------------------------

/rules_linux.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_linux.json
--------------------------------------------------------------------------------

/rules_windows_generic.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_generic.json
--------------------------------------------------------------------------------

/rules_windows_generic_full.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_generic_full.json
--------------------------------------------------------------------------------

/rules_windows_generic_high.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_generic_high.json
--------------------------------------------------------------------------------

/rules_windows_generic_medium.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_generic_medium.json
--------------------------------------------------------------------------------

/rules_windows_generic_pysigma.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_generic_pysigma.json
--------------------------------------------------------------------------------

/rules_windows_sysmon.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_sysmon.json
--------------------------------------------------------------------------------

/rules_windows_sysmon_full.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_sysmon_full.json
--------------------------------------------------------------------------------

/rules_windows_sysmon_high.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_sysmon_high.json
--------------------------------------------------------------------------------

/rules_windows_sysmon_medium.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_sysmon_medium.json
--------------------------------------------------------------------------------

/rules_windows_sysmon_pysigma.json:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wagga40/Zircolite-Rules/HEAD/rules_windows_sysmon_pysigma.json
--------------------------------------------------------------------------------