Commit Graph

2904 Commits

Author SHA1 Message Date
Jonhnathan bde2b95cdc Remove Additional backslash 2020-11-27 12:14:34 -03:00
Jonhnathan e58333f808 Update win_commandline_path_traversal.yml 2020-11-27 12:13:45 -03:00
Jonhnathan a403082631 Update win_bypass_squiblytwo.yml 2020-11-26 23:33:00 -03:00
Jonhnathan d5803b89ef Update win_apt_zxshell.yml 2020-11-26 23:31:10 -03:00
Jonhnathan 89a4aa84bf Update win_apt_winnti_pipemon.yml 2020-11-26 23:29:10 -03:00
Jonhnathan df93846117 Update win_apt_unidentified_nov_18.yml 2020-11-26 23:26:18 -03:00
Jonhnathan b234d577d6 Update win_apt_sofacy.yml 2020-11-26 23:21:53 -03:00
Jonhnathan 77bae30bef Update win_apt_slingshot.yml 2020-11-26 23:18:32 -03:00
Jonhnathan f2dd516b7c Fix logic 2020-11-26 23:16:03 -03:00
Jonhnathan 127607c5e7 Remove Additional backslash 2020-11-26 23:14:51 -03:00
Jonhnathan bce74198ab Remove Additional backslash 2020-11-26 23:14:24 -03:00
Jonhnathan fda266adb6 Update win_apt_hurricane_panda.yml 2020-11-26 23:12:26 -03:00
Jonhnathan d0b6694767 Update win_apt_greenbug_may20.yml 2020-11-26 23:05:44 -03:00
Jonhnathan 707fbe048e Update win_apt_evilnum_jul20.yml 2020-11-26 23:05:08 -03:00
Jonhnathan a113c0f3b4 Remove Additional backslash 2020-11-26 23:00:05 -03:00
Jonhnathan d57d7c1e5b Remove Additional backslash 2020-11-26 22:59:35 -03:00
Jonhnathan f61317b2f9 Update sysmon_in_memory_assembly_execution.yml 2020-11-26 22:50:48 -03:00
Jonhnathan 784cab1dfe Fix missing logic and Field 2020-11-26 22:46:17 -03:00
Jonhnathan 48f16a0ca8 Update win_susp_net_recon_activity.yml 2020-11-26 22:39:49 -03:00
Jonhnathan 31e0cfb13f Update win_susp_covenant.yml 2020-11-20 02:36:20 -03:00
Jonhnathan ec1944e2d7 Update win_susp_copy_system32.yml 2020-11-20 02:31:26 -03:00
Jonhnathan 5d7131bbf2 Update win_susp_compression_params.yml 2020-11-20 02:29:41 -03:00
Jonhnathan 32ed588adb Update detection Logic 2020-11-20 02:27:58 -03:00
Jonhnathan b274be8d4e Update detection Logic 2020-11-20 02:25:32 -03:00
Jonhnathan c31c0d981a Update detection logic 2020-11-20 02:23:18 -03:00
Jonhnathan 23edcc6dc6 Update win_susp_certutil_command.yml 2020-11-20 02:21:55 -03:00
Jonhnathan 8af17dda5b Update win_spn_enum.yml 2020-11-20 02:17:31 -03:00
Jonhnathan d5cb4246c2 Remove additional backslash 2020-11-20 02:16:51 -03:00
Jonhnathan 0606cd3dde Update detection Logic 2020-11-20 02:10:27 -03:00
Jonhnathan ebb4580378 Remove additional backslash 2020-11-20 02:04:28 -03:00
Jonhnathan 2ba146be07 Remove additional backslash 2020-11-20 02:03:06 -03:00
Jonhnathan 493fa3d5ee Update sysmon_susp_mic_cam_access.yml 2020-11-20 02:02:26 -03:00
Jonhnathan 9e3a612953 Remove additional backslash 2020-11-20 02:01:43 -03:00
Jonhnathan 6c88dd700e Update sysmon_stickykey_like_backdoor.yml 2020-11-20 02:00:53 -03:00
Jonhnathan 1e640b50f9 Remove additional backslash 2020-11-20 01:58:20 -03:00
Jonhnathan acff5ef4f9 Update sysmon_registry_persistence_key_linking.yml 2020-11-20 01:57:34 -03:00
Jonhnathan e35b09e1a6 Remove out of context falsepositive 2020-11-20 01:55:48 -03:00
Jonhnathan d595df2879 Fix 2020-11-20 01:53:15 -03:00
Jonhnathan 6f3daad053 Update sysmon_apt_oceanlotus_registry.yml 2020-11-20 01:51:53 -03:00
Jonhnathan 9967bd1fe5 Update sysmon_apt_oceanlotus_registry.yml 2020-11-20 01:51:01 -03:00
Jonhnathan 1af9e9ed48 Update sysmon_win_reg_persistence.yml 2020-11-20 01:47:19 -03:00
Jonhnathan 8d8c29e0fe Update sysmon_uac_bypass_sdclt.yml 2020-11-20 01:42:17 -03:00
Jonhnathan 372f000b7f Update sysmon_uac_bypass_eventvwr.yml 2020-11-20 01:41:20 -03:00
Jonhnathan e8aa9a854a Update sysmon_uac_bypass_eventvwr.yml 2020-11-20 01:40:29 -03:00
Jonhnathan 57e98e3957 Remove additional backslash 2020-11-20 01:38:57 -03:00
Jonhnathan 9cf2ea5862 Update sysmon_susp_service_installed.yml 2020-11-20 01:38:17 -03:00
Jonhnathan 1acc19a8d5 Remove additional backslash 2020-11-20 01:37:24 -03:00
Jonhnathan ab2edd1ff0 Update sysmon_malware_verclsid_shellcode.yml 2020-11-20 01:34:43 -03:00
Jonhnathan 240a8b9aa0 Update sysmon_lazagne_cred_dump_lsass_access.yml 2020-11-20 01:33:04 -03:00
Jonhnathan ebd9973dcb Update sysmon_lazagne_cred_dump_lsass_access.yml 2020-11-20 01:32:41 -03:00