security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d14e287cdf91e2a8b995de5bfbc3fa8540c1922b
blue-team-tools/tests/test-base64offset-all.yml
T

10 lines
212 B
YAML
Raw Normal View History

Wrapping base64offset modified expansion group into ConditionOR
2022-05-01 23:07:25 +02:00
title: Testrule
logsource:
category: process_creation
product: windows
detection:
selection:
CommandLine|base64offset|contains|all:
- foo
- bar
condition: selection
Reference in New Issue Copy Permalink