 phantinuss
|
809f7abbb8
|
fix: several FPs against a fresh installed Windows with example applications and basic user interaction 3
|
2022-02-11 16:38:52 +01:00 |
|
|
frack113
|
4631d0c482
|
remove invalid tag
|
2022-01-19 18:23:30 +01:00 |
|
|
frack113
|
6badb13114
|
Rename powershell_module
|
2022-01-15 10:38:27 +01:00 |
|
|
Ahmet Salih
|
9b261a5cb7
|
Update powershell_suspicious_invocation_specific_in_contextinfo.yml
close #2546
|
2022-01-11 18:23:30 +03:00 |
|
|
Florian Roth
|
e055ec1d52
|
refactor: change all " of them" expressions
|
2022-01-11 10:59:57 +01:00 |
|
|
frack113
|
73f258e2d1
|
Change double quote to quote
|
2022-01-06 14:02:35 +01:00 |
|
|
frack113
|
426d8193ad
|
Windows redcannary
|
2021-12-15 19:36:16 +01:00 |
|
|
frack113
|
221f479825
|
Windows Redcannay T1069.001
|
2021-12-12 12:15:27 +01:00 |
|
|
frack113
|
ee67779811
|
Windows T1049 RedCannary
|
2021-12-11 09:38:20 +01:00 |
|
|
phantinuss
|
07a0a37273
|
feat: discourage the usage of 'all of them' and migrate existing rules to use the preferred method 'all of selection*'
|
2021-12-02 14:47:39 +01:00 |
|
|
frack113
|
1cfca93354
|
Missing status in rules (#2284)
* add missing status
|
2021-11-19 22:32:26 +01:00 |
|
|
frack113
|
faa407dacc
|
cleanup list
|
2021-10-18 14:52:35 +02:00 |
|
|
frack113
|
0e1c156ddf
|
fix related
|
2021-10-18 14:26:06 +02:00 |
|
|
frack113
|
19da3ac07f
|
add ps_module version
|
2021-10-18 14:12:52 +02:00 |
|
|
frack113
|
0ca16b18f4
|
Change to category: ps_module
|
2021-10-16 08:05:15 +02:00 |
|
|
frack113
|
1337116d84
|
Cleanup selection name
|
2021-10-10 10:17:24 +02:00 |
|
|
Florian Roth
|
2379907f26
|
docs: extended the description by a word
|
2021-10-09 16:42:42 +02:00 |
|
|
Florian Roth
|
f475b90ee3
|
fix: typo in description
|
2021-10-09 16:41:48 +02:00 |
|
|
frack113
|
5c68c42058
|
order powershell_script
|
2021-10-09 10:30:36 +02:00 |
|
|
frack113
|
41d098b253
|
fix yml error
|
2021-10-09 09:59:21 +02:00 |
|
|
frack113
|
fe7fbfd5fc
|
order powershell_module
|
2021-10-09 09:50:49 +02:00 |
|