security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,584 Commits 1 Branch 57 Tags
80098113d06750ddb9ab275d7df1049f88d4ea7c
Commit Graph

4 Commits

Author SHA1 Message Date
Nasreddine Bencherchali 12d187bc91 Update Ref+Selection 2 2022-07-11 17:48:40 +01:00
Florian Roth 15cee5c0b1 Update proc_creation_win_susp_taskkill.yml 2022-05-18 17:28:26 +02:00
Nasreddine Bencherchali dcf236fede Quick Updates and Fixes 
- Added "Invoke-EventViewer.ps1" script to the rule "file_event_win_powershell_exploit_scripts"
- Added "OriginalFileName" to "proc_creation_win_susp_taskkill"
- Created rule for "winword" being used as a LOLBIN to download and load arbitrary DLLs
 2022-05-18 12:50:59 +01:00
frack113 8bb3379b68 Normalization of rule names 2022-02-22 11:16:31 +01:00