2889 Commits

Author	SHA1	Message	Date
Jonhnathan	d57d7c1e5b	Remove Additional backslash	2020-11-26 22:59:35 -03:00
Jonhnathan	f61317b2f9	Update sysmon_in_memory_assembly_execution.yml	2020-11-26 22:50:48 -03:00
Jonhnathan	784cab1dfe	Fix missing logic and Field	2020-11-26 22:46:17 -03:00
Jonhnathan	48f16a0ca8	Update win_susp_net_recon_activity.yml	2020-11-26 22:39:49 -03:00
Jonhnathan	31e0cfb13f	Update win_susp_covenant.yml	2020-11-20 02:36:20 -03:00
Jonhnathan	ec1944e2d7	Update win_susp_copy_system32.yml	2020-11-20 02:31:26 -03:00
Jonhnathan	5d7131bbf2	Update win_susp_compression_params.yml	2020-11-20 02:29:41 -03:00
Jonhnathan	32ed588adb	Update detection Logic	2020-11-20 02:27:58 -03:00
Jonhnathan	b274be8d4e	Update detection Logic	2020-11-20 02:25:32 -03:00
Jonhnathan	c31c0d981a	Update detection logic	2020-11-20 02:23:18 -03:00
Jonhnathan	23edcc6dc6	Update win_susp_certutil_command.yml	2020-11-20 02:21:55 -03:00
Jonhnathan	8af17dda5b	Update win_spn_enum.yml	2020-11-20 02:17:31 -03:00
Jonhnathan	d5cb4246c2	Remove additional backlash	2020-11-20 02:16:51 -03:00
Jonhnathan	0606cd3dde	Update detection Logic	2020-11-20 02:10:27 -03:00
Jonhnathan	ebb4580378	Remove additional backlash	2020-11-20 02:04:28 -03:00
Jonhnathan	2ba146be07	Remove additional backlash	2020-11-20 02:03:06 -03:00
Jonhnathan	493fa3d5ee	Update sysmon_susp_mic_cam_access.yml	2020-11-20 02:02:26 -03:00
Jonhnathan	9e3a612953	Remove additional backlash	2020-11-20 02:01:43 -03:00
Jonhnathan	6c88dd700e	Update sysmon_stickykey_like_backdoor.yml	2020-11-20 02:00:53 -03:00
Jonhnathan	1e640b50f9	Remove additional backlash	2020-11-20 01:58:20 -03:00
Jonhnathan	acff5ef4f9	Update sysmon_registry_persistence_key_linking.yml	2020-11-20 01:57:34 -03:00
Jonhnathan	e35b09e1a6	Remove out of context falsepositive	2020-11-20 01:55:48 -03:00
Jonhnathan	d595df2879	Fix	2020-11-20 01:53:15 -03:00
Jonhnathan	6f3daad053	Update sysmon_apt_oceanlotus_registry.yml	2020-11-20 01:51:53 -03:00
Jonhnathan	9967bd1fe5	Update sysmon_apt_oceanlotus_registry.yml	2020-11-20 01:51:01 -03:00
Jonhnathan	1af9e9ed48	Update sysmon_win_reg_persistence.yml	2020-11-20 01:47:19 -03:00
Jonhnathan	8d8c29e0fe	Update sysmon_uac_bypass_sdclt.yml	2020-11-20 01:42:17 -03:00
Jonhnathan	372f000b7f	Update sysmon_uac_bypass_eventvwr.yml	2020-11-20 01:41:20 -03:00
Jonhnathan	e8aa9a854a	Update sysmon_uac_bypass_eventvwr.yml	2020-11-20 01:40:29 -03:00
Jonhnathan	57e98e3957	Remove additional backlash	2020-11-20 01:38:57 -03:00
Jonhnathan	9cf2ea5862	Update sysmon_susp_service_installed.yml	2020-11-20 01:38:17 -03:00
Jonhnathan	1acc19a8d5	Remove additional backlash	2020-11-20 01:37:24 -03:00
Jonhnathan	ab2edd1ff0	Update sysmon_malware_verclsid_shellcode.yml	2020-11-20 01:34:43 -03:00
Jonhnathan	240a8b9aa0	Update sysmon_lazagne_cred_dump_lsass_access.yml	2020-11-20 01:33:04 -03:00
Jonhnathan	ebd9973dcb	Update sysmon_lazagne_cred_dump_lsass_access.yml	2020-11-20 01:32:41 -03:00
Jonhnathan	2194744803	Update sysmon_invoke_phantom.yml	2020-11-20 01:30:58 -03:00
Jonhnathan	4af7f00f4a	Improve logic	2020-11-20 01:30:01 -03:00
Jonhnathan	728276ef13	Improve Logic	2020-11-20 01:22:20 -03:00
Jonhnathan	ee43919eec	Change detection logic	2020-11-20 01:05:06 -03:00
Jonhnathan	c42911cb47	Update win_wmi_persistence.yml	2020-11-20 00:58:49 -03:00
Jonhnathan	718792e0ba	Update win_tool_psexec.yml	2020-11-20 00:57:16 -03:00
Jonhnathan	b3e0b55250	Remove additional backslash	2020-11-20 00:53:13 -03:00
Jonhnathan	813afd4f4c	Remove additional backslash	2020-11-20 00:52:54 -03:00
Jonhnathan	f6a89e9707	Fix Detection Logic	2020-11-20 00:51:22 -03:00
Jonhnathan	0ffd1ef47f	Remove additional backslash	2020-11-19 23:15:38 -03:00
Jonhnathan	351a9920ed	Update win_mal_flowcloud.yml	2020-11-19 23:14:44 -03:00
Jonhnathan	43ffb80d94	Remove additional backslash	2020-11-19 23:09:50 -03:00
Jonhnathan	44652c4ffd	Remove additional backslash	2020-11-19 23:08:40 -03:00
Jonhnathan	9a5b17f2bb	Remove additional backslash	2020-11-19 23:04:26 -03:00
Jonhnathan	f79caba72a	Remove additional backslash	2020-11-19 22:58:50 -03:00