blue-team-tools

Author	SHA1	Message	Date
Florian Roth	c2ed7bd9df	MSHTA Rule v1	2017-04-13 01:08:37 +02:00
Florian Roth	a0047f7c67	Sysmon as 'service' of product 'windows'	2017-03-13 09:23:08 +01:00
Michael Haag	1317fe9df2	Modifications + Added Sysmon detection of Office binaries spawning Windows shells + Additional web servers added for webshell detection	2017-03-04 14:22:44 -08:00