Commit Graph

14 Commits

Author SHA1 Message Date
Florian Roth d5eff9ef6d fix: FP with In-memory PowerShell rule and Visual Studio 2021-11-22 13:45:31 +01:00
Florian Roth a5b7a92d91 fix: FPs with Aurora 2021-11-22 12:20:21 +01:00
Tim Shelton a1c85108fa Updating author and date modified 2021-11-11 20:37:34 +00:00
Tim Shelton 9b469f21a2 adds microsoft sql server mgmt studio to allow list, along with note 2021-11-10 17:38:15 +00:00
Tim Shelton dda204bd51 updating yaml 2021-11-04 18:56:07 +00:00
Tim Shelton e266491f0a adding obsoletes tags 2021-11-04 18:36:55 +00:00
nsaddler 8d1b863182 Update sysmon_in_memory_powershell.yml 2020-10-18 01:16:11 +03:00
nsaddler 28c8b56473 Update sysmon_in_memory_powershell.yml 2020-10-12 19:05:08 +03:00
Florian Roth de5444a81e Merge pull request #989 from oscd-initiative/master [OSCD Initiative][ATT&CK tags update] 2020-09-08 13:27:58 +02:00
ecco ebc1d38027 fix in memory powershell false positive 2020-09-06 09:25:56 -04:00
Yugoslavskiy Daniil 42c4079ed8 att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
Aidan Bracher dcf20e580d Updated tags to include sub-techniques 2020-07-18 02:50:57 +01:00
ecco 905f1b3823 add WMI and powershell false positives 2020-07-09 10:26:54 -04:00
Florian Roth f3fedef8f5 Changed category names and remove sysmon log source 2020-06-24 17:41:21 +02:00