From fdd28556cf4c061da53eb52f97c7c82eeeada4ae Mon Sep 17 00:00:00 2001
From: Jonhnathan <jonhnathancesar@gmail.com>
Date: Thu, 19 Nov 2020 22:48:20 -0300
Subject: [PATCH] Fix ref

---
 .../builtin/win_suspicious_outbound_kerberos_connection.yml     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/builtin/win_suspicious_outbound_kerberos_connection.yml b/rules/windows/builtin/win_suspicious_outbound_kerberos_connection.yml
index c975f68f7..6b172fb38 100644
--- a/rules/windows/builtin/win_suspicious_outbound_kerberos_connection.yml
+++ b/rules/windows/builtin/win_suspicious_outbound_kerberos_connection.yml
@@ -3,7 +3,7 @@ id: eca91c7c-9214-47b9-b4c5-cb1d7e4f2350
 status: experimental
 description: Detects suspicious outbound network activity via kerberos default port indicating possible lateral movement or first stage PrivEsc via delegation.
 references:
-    - https://github.com/GhostPack/Rubeus8
+    - https://github.com/GhostPack/Rubeus
 author: Ilyas Ochkov, oscd.community
 date: 2019/10/24
 modified: 2019/11/13