- Added 5 more PowerShell scripts for the rule "file_event_win_powershell_exploit_scripts.yml"
- Created new rule for "certoc" lolbin to cover "Download" option as described in the LOLBAS project
- Created specific rule for the "IEExec" lolbin to cover "Download" option as described in the LOLBAS Project
- Updated some rules to use "OriginalFileName" in addition to the "Image" selection
- Updated some rules to increase coverage.
Nasreddine Bencherchali