Ali Hussein

Results 20 comments of Ali Hussein

> Hi, there are already some rules:
>
> * https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_vscode_tunnel_service_install.yml
> * https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_vscode_tunnel_renamed_execution.yml
> * https://github.com/SigmaHQ/sigma/blob/master/rules/windows/process_creation/proc_creation_win_vscode_tunnel_execution.yml
> * https://github.com/SigmaHQ/sigma/blob/master/rules/windows/dns_query/dns_query_win_vscode_tunnel_communication.yml
>
> I'm surprised by the field `ProcessVersionInfoProductName`...

> > ProcessVersionInfoProductName
>
> In the Sysmon event (but not in the Windows 4688) you have:
>
> * Description
> * Product
> * Company
> * OriginalFileName...

> > Can this get merged?
>
> Are you in a rush or something?

hahhaha nope all good

I think I am unable to create a pull request. Can you help me add this new Sigma rule? https://github.com/0xAnalyst/sigma/blob/master/rules/windows/network_connection/net_connection_win_domain_Bublup.yml @nasbench @frack113

title: Potential Data Exfiltration to Bublup.com
id: 61b9d488-49f6-44e5-a9fa-d0a4dfdbfd85
status:...

> Please stop opening new pull requests. One pull request is enough. More is just spamming.

Apologies for that. It was my first pull request and I didn't know how to...

> Please revise the GPT-generated list of blocked file extensions. I suggest putting them in a separate file, as awesome lists are references to information not information. > > >...

@sindresorhus @avidseeker anything more to be done here?

> > [ ✅ ] You have to review at least 2 other open pull requests. > > Try to prioritize unreviewed PRs, but you can also add more comments...

> I think the linter needs to also run on pushes to the main branch

What exactly is needed here?