Merge pull request #751 from zaphodef/fix/powershell_ntfs_ads_access

Add 'Add-Content' to powershell_ntfs_ads_access
2020-05-26 13:20:40 +02:00
parent e131f3476e 1a598282f4
commit ce1f46346f
1 changed files with 1 additions and 0 deletions
@@ -16,6 +16,7 @@ logsource:
 detection:
    keyword1:
        - "set-content"
+        - "add-content"
    keyword2:
        - "-stream"
    condition: keyword1 and keyword2