 Nasreddine Bencherchali
|
85fb255bc9
|
feat: new rules and updates
|
2023-01-17 01:00:44 +01:00 |
|
|
Tim Shelton
|
09b3e43afc
|
Removing filter specification in condition
|
2023-01-12 16:21:58 +00:00 |
|
|
redsand (Tim Shelton)
|
88308b713c
|
Update rules/windows/powershell/powershell_script/posh_ps_tamper_defender.yml
whatever you guys want, im good with. i like @neo23x0 suggestion
Co-authored-by: Florian Roth <venom14@gmail.com>
|
2023-01-12 10:14:14 -06:00 |
|
|
Tim Shelton
|
79b3c384ef
|
FP: import and use of Get-MpComputerStatus and use of aliases not being monitored
|
2023-01-06 14:04:35 +00:00 |
|
|
Nasreddine Bencherchali
|
711ba956e3
|
feat: updates and enhancements
|
2023-01-04 17:49:32 +01:00 |
|
|
frack113
|
1e5ae09c4b
|
Order yaml field
|
2022-10-26 09:43:39 +02:00 |
|
|
Nasreddine Bencherchali
|
9ef9103368
|
Update PowerShell + other rules
|
2022-08-05 17:10:41 +01:00 |
|
|
Nasreddine Bencherchali
|
238e0ecd7d
|
Update Ref+Selection
|
2022-07-11 14:11:53 +01:00 |
|
|
Florian Roth
|
a55e8f2ac1
|
refactor: PoSh Defender Tampering
|
2022-05-18 17:29:38 +02:00 |
|
|
David ANDRE
|
6c632b1ef0
|
Modified description
|
2022-05-05 17:27:35 +02:00 |
|
|
David ANDRE
|
f3dc78b9da
|
Added various disabling options of defender in posh_ps_tamper_defender.yml\nAdded match on default actions of defender to allow.
|
2022-05-05 17:25:37 +02:00 |
|
|
Florian Roth
|
b3b5b2cbdd
|
refactor: PowerShell Defender modifications
|
2022-03-03 13:53:06 +01:00 |
|
|
frack113
|
12f0d6dfab
|
Windows Redcannary
|
2022-01-16 14:47:56 +01:00 |
|