Commit Graph

918 Commits

Author SHA1 Message Date
Jonhnathan bde2b95cdc Remove Additional backslash 2020-11-27 12:14:34 -03:00
Jonhnathan e58333f808 Update win_commandline_path_traversal.yml 2020-11-27 12:13:45 -03:00
Jonhnathan a403082631 Update win_bypass_squiblytwo.yml 2020-11-26 23:33:00 -03:00
Jonhnathan d5803b89ef Update win_apt_zxshell.yml 2020-11-26 23:31:10 -03:00
Jonhnathan 89a4aa84bf Update win_apt_winnti_pipemon.yml 2020-11-26 23:29:10 -03:00
Jonhnathan df93846117 Update win_apt_unidentified_nov_18.yml 2020-11-26 23:26:18 -03:00
Jonhnathan b234d577d6 Update win_apt_sofacy.yml 2020-11-26 23:21:53 -03:00
Jonhnathan 77bae30bef Update win_apt_slingshot.yml 2020-11-26 23:18:32 -03:00
Jonhnathan f2dd516b7c Fix logic 2020-11-26 23:16:03 -03:00
Jonhnathan 127607c5e7 Remove Additional backslash 2020-11-26 23:14:51 -03:00
Jonhnathan bce74198ab Remove Additional backslash 2020-11-26 23:14:24 -03:00
Jonhnathan fda266adb6 Update win_apt_hurricane_panda.yml 2020-11-26 23:12:26 -03:00
Jonhnathan d0b6694767 Update win_apt_greenbug_may20.yml 2020-11-26 23:05:44 -03:00
Jonhnathan 707fbe048e Update win_apt_evilnum_jul20.yml 2020-11-26 23:05:08 -03:00
Jonhnathan a113c0f3b4 Remove Additional backslash 2020-11-26 23:00:05 -03:00
Jonhnathan d57d7c1e5b Remove Additional backslash 2020-11-26 22:59:35 -03:00
Jonhnathan 31e0cfb13f Update win_susp_covenant.yml 2020-11-20 02:36:20 -03:00
Jonhnathan ec1944e2d7 Update win_susp_copy_system32.yml 2020-11-20 02:31:26 -03:00
Jonhnathan 5d7131bbf2 Update win_susp_compression_params.yml 2020-11-20 02:29:41 -03:00
Jonhnathan 32ed588adb Update detection Logic 2020-11-20 02:27:58 -03:00
Jonhnathan b274be8d4e Update detection Logic 2020-11-20 02:25:32 -03:00
Jonhnathan c31c0d981a Update detection logic 2020-11-20 02:23:18 -03:00
Jonhnathan 23edcc6dc6 Update win_susp_certutil_command.yml 2020-11-20 02:21:55 -03:00
Jonhnathan 8af17dda5b Update win_spn_enum.yml 2020-11-20 02:17:31 -03:00
Jonhnathan d5cb4246c2 Remove additional backslash 2020-11-20 02:16:51 -03:00
Jonhnathan 28febe5dd2 Update win_apt_chafer_mar18.yml 2020-10-27 23:28:04 -03:00
Jonhnathan 0860978412 Update win_apt_bear_activity_gtr19.yml 2020-10-27 23:26:34 -03:00
Jonhnathan e24e6da3b5 Update win_apt_apt29_thinktanks.yml 2020-10-27 23:24:04 -03:00
Jonhnathan 3f23aa56c0 Revert "Revert "Changed the rule to download only and not the copy"" (This reverts commit 17e7eee3a6.) 2020-10-16 11:05:51 -03:00
Jonhnathan 0734274dfa Revert "Revert "Create win_susp_replace_lolbin.yml"" (This reverts commit fdd9234acc.) 2020-10-16 11:05:40 -03:00
Jonhnathan 2332e42e4c Update win_susp_copy_lateral_movement.yml 2020-10-15 21:01:23 -03:00
Jonhnathan d4603d196b Update win_susp_adfind.yml 2020-10-15 21:00:15 -03:00
Jonhnathan f4872118a2 Update win_powershell_dll_execution.yml 2020-10-15 20:38:55 -03:00
Jonhnathan 3566dd1594 Fix 2020-10-15 20:35:50 -03:00
Jonhnathan 44c909a4a4 Update win_apt_mustangpanda.yml 2020-10-15 20:33:00 -03:00
Jonhnathan 5fc348fd45 Fix 2020-10-15 20:32:16 -03:00
Jonhnathan 37ee747dfe Update win_apt_chafer_mar18.yml 2020-10-15 20:30:52 -03:00
Jonhnathan 4adf092a25 Update win_workflow_compiler.yml 2020-10-15 20:00:57 -03:00
Jonhnathan eb9bac761f Update win_wmi_spwns_powershell.yml 2020-10-15 20:00:44 -03:00
Jonhnathan b2e1b857ae Update win_wmi_backdoor_exchange_transport_agent.yml 2020-10-15 20:00:27 -03:00
Jonhnathan 86ad1f45f5 Update win_win10_sched_task_0day.yml 2020-10-15 20:00:13 -03:00
Jonhnathan 630e92f3c2 Update win_webshell_spawn.yml 2020-10-15 19:59:59 -03:00
Jonhnathan 138b8fed06 Update win_webshell_recon_detection.yml 2020-10-15 19:59:36 -03:00
Jonhnathan e402356e82 Update win_webshell_detection.yml 2020-10-15 19:58:37 -03:00
Jonhnathan 2d9233d418 Update win_vul_java_remote_debugging.yml 2020-10-15 19:57:43 -03:00
Jonhnathan d9afa1aec6 Update win_termserv_proc_spawn.yml 2020-10-15 19:57:05 -03:00
Jonhnathan 737fbd1619 Update win_system_exe_anomaly.yml 2020-10-15 19:55:57 -03:00
Jonhnathan 434c6257f0 Update win_susp_wmi_execution.yml 2020-10-15 19:52:25 -03:00
Jonhnathan 7b9ec4709f Update win_susp_whoami.yml 2020-10-15 19:51:55 -03:00
Jonhnathan d09dd70695 Update win_susp_userinit_child.yml 2020-10-15 19:51:42 -03:00