security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,271 Commits 1 Branch 57 Tags
cc8a89b6792ba7671d45c255e3042fba5df7cadf
Commit Graph

7 Commits

Author SHA1 Message Date
Lurkkeli 3456f9a74d Update sysmon_susp_wmi_execution.yml 2018-08-07 08:19:58 +02:00
SherifEldeeb 348728bdd9 Cleaning up empty list items 2018-01-28 02:36:39 +03:00
SherifEldeeb 48441962cc Change All "str" references to be "list"to mach schema update 2018-01-28 02:24:16 +03:00
SherifEldeeb 112a0939d7 Change "reference" to "references" to match new schema 2018-01-28 02:12:19 +03:00
Thomas Patzke 986c9ff9b7 Added field names to first rules 2017-09-12 23:54:04 +02:00
Florian Roth fa90fb2fed Improved WMIC process call create rule 2017-03-29 22:11:05 +02:00
Michael Haag 5ea6fad999 net.exe and wmic.exe 
Suspicious execution of net and wmic
 2017-03-25 06:48:23 -07:00