blue-team-tools

Author	SHA1	Message	Date
$frack113$ frack113	4631d0c482	remove invalid tag	2022-01-19 18:23:30 +01:00
$frack113$ frack113	f7e670d55e	Simple Quote	2022-01-11 13:40:53 +01:00
Tim Shelton	4d0f62aff7	adding back tick per https://docs.microsoft.com/en-us/powershell/scripting/lang-spec/chapter-02?view=powershell-7.2	2022-01-10 20:51:28 +00:00
Tim Shelton	4a110e369c	fixing yaml	2022-01-10 20:45:55 +00:00
Tim Shelton	eaf49e3697	adding double quote	2022-01-10 20:44:59 +00:00
Tim Shelton	fa19eeb0f8	checks for join with space or quote or double quote in order to reduce fps	2022-01-10 20:44:35 +00:00
$frack113$ frack113	73f258e2d1	Change double quote to quote	2022-01-06 14:02:35 +01:00
Tim Shelton	0c283ab767	adding false positive filter for amazon ssm-document-worker	2021-11-29 21:51:19 +00:00
$frack113$ frack113	01dc930c17	Change status for old rules	2021-11-27 11:33:14 +01:00
e6e6e	98c412044a	att&ck tags review: windows/process_creation part 5 added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes	2020-09-07 02:00:41 +04:00
e6e6e	7ae76b8d99	Revert "att&ck tags review: windows/process_creation part 5" This reverts commit `e94c47e74e`.	2020-09-07 01:28:08 +04:00
e6e6e	e94c47e74e	att&ck tags review: windows/process_creation part 5 added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes	2020-09-07 01:19:41 +04:00
Harish SEGAR	9c74018e12	Added new rule for pwsh_xor_cmd (sysmon)	2020-06-29 22:18:25 +02:00
Harish SEGAR	5e740fd7b2	Added new rule for pwsh_xor_cmd (sysmon)	2020-06-29 22:13:49 +02:00
Ivan Kirillov	0fbfcc6ba9	Initial round of subtechnique updates	2020-06-16 14:46:08 -06:00
Thomas Patzke	0592cbb67a	Added UUIDs to rules	2019-11-12 23:12:27 +01:00
Florian Roth	b7c3f8da91	refactor: cleanup, single element lists, renamed files, level adjustments	2019-11-12 12:55:05 +01:00

17 Commits