2790 Commits

Author SHA1 Message Date
Jonhnathan d7eda3fe7e Update sysmon_wmi_susp_scripting.yml 2020-10-15 20:15:22 -03:00
Jonhnathan 92aaeca075 Update sysmon_susp_powershell_rundll32.yml 2020-10-15 20:14:23 -03:00
Jonhnathan 26b36086c7 Update sysmon_cmstp_execution.yml 2020-10-15 20:13:39 -03:00
Jonhnathan df81f5180d Update sysmon_cactustorch.yml 2020-10-15 20:12:54 -03:00
Jonhnathan 457217bfc0 Update sysmon_win_reg_persistence.yml 2020-10-15 20:11:52 -03:00
Jonhnathan 229e57777a Update sysmon_win_reg_persistence.yml 2020-10-15 20:11:37 -03:00
Jonhnathan 8a52610bf8 Update sysmon_uac_bypass_eventvwr.yml 2020-10-15 20:11:11 -03:00
Jonhnathan 6ea18efdaf Update sysmon_sysinternals_eula_accepted.yml 2020-10-15 20:10:44 -03:00
Jonhnathan 7dfb8f0e99 Update sysmon_suspicious_keyboard_layout_load.yml 2020-10-15 20:10:21 -03:00
Jonhnathan 9c434eaf04 Update sysmon_susp_service_installed.yml 2020-10-15 20:10:06 -03:00
Jonhnathan 33ed01e285 Update sysmon_susp_run_key_img_folder.yml 2020-10-15 20:09:42 -03:00
Jonhnathan 45466cf95d Update sysmon_susp_reg_persist_explorer_run.yml 2020-10-15 20:08:47 -03:00
Jonhnathan b55b78c42d Update sysmon_susp_lsass_dll_load.yml 2020-10-15 20:08:12 -03:00
Jonhnathan 17ade8e5f5 Update sysmon_susp_download_run_key.yml 2020-10-15 20:07:53 -03:00
Jonhnathan 6fc6409c7f Update sysmon_stickykey_like_backdoor.yml 2020-10-15 20:07:11 -03:00
Jonhnathan 03ea1375e2 Update sysmon_registry_persistence_search_order.yml 2020-10-15 20:05:46 -03:00
Jonhnathan f101d661f0 Update sysmon_reg_office_security.yml 2020-10-15 20:05:11 -03:00
Jonhnathan 176b7ce08f Update sysmon_rdp_settings_hijack.yml 2020-10-15 20:04:57 -03:00
Jonhnathan 4c9cf8b759 Update sysmon_new_dll_added_to_appinit_dlls_registry_key.yml 2020-10-15 20:04:31 -03:00
Jonhnathan 51eefbae0c Update sysmon_logon_scripts_userinitmprlogonscript_reg.yml 2020-10-15 20:04:05 -03:00
Jonhnathan 143e6512ad Update sysmon_dns_serverlevelplugindll.yml 2020-10-15 20:03:42 -03:00
Jonhnathan c4a44e2376 Update sysmon_dns_serverlevelplugindll.yml 2020-10-15 20:03:29 -03:00
Jonhnathan bdca2febe9 Update sysmon_dhcp_calloutdll.yml 2020-10-15 20:02:58 -03:00
Jonhnathan 337e26a034 Update sysmon_cmstp_execution.yml 2020-10-15 20:02:37 -03:00
Jonhnathan 4adf092a25 Update win_workflow_compiler.yml 2020-10-15 20:00:57 -03:00
Jonhnathan eb9bac761f Update win_wmi_spwns_powershell.yml 2020-10-15 20:00:44 -03:00
Jonhnathan b2e1b857ae Update win_wmi_backdoor_exchange_transport_agent.yml 2020-10-15 20:00:27 -03:00
Jonhnathan 86ad1f45f5 Update win_win10_sched_task_0day.yml 2020-10-15 20:00:13 -03:00
Jonhnathan 630e92f3c2 Update win_webshell_spawn.yml 2020-10-15 19:59:59 -03:00
Jonhnathan 138b8fed06 Update win_webshell_recon_detection.yml 2020-10-15 19:59:36 -03:00
Jonhnathan e402356e82 Update win_webshell_detection.yml 2020-10-15 19:58:37 -03:00
Jonhnathan 2d9233d418 Update win_vul_java_remote_debugging.yml 2020-10-15 19:57:43 -03:00
Jonhnathan d9afa1aec6 Update win_termserv_proc_spawn.yml 2020-10-15 19:57:05 -03:00
Jonhnathan 737fbd1619 Update win_system_exe_anomaly.yml 2020-10-15 19:55:57 -03:00
Jonhnathan 434c6257f0 Update win_susp_wmi_execution.yml 2020-10-15 19:52:25 -03:00
Jonhnathan 7b9ec4709f Update win_susp_whoami.yml 2020-10-15 19:51:55 -03:00
Jonhnathan d09dd70695 Update win_susp_userinit_child.yml 2020-10-15 19:51:42 -03:00
Jonhnathan ad8620f729 Update win_susp_tscon_rdp_redirect.yml 2020-10-15 19:51:05 -03:00
Jonhnathan c38ccefc21 Update win_susp_tscon_localsystem.yml 2020-10-15 19:50:14 -03:00
Jonhnathan 9d8116c486 Update win_susp_taskmgr_parent.yml 2020-10-15 19:50:04 -03:00
Jonhnathan dde03e760b Update win_susp_taskmgr_localsystem.yml 2020-10-15 19:49:47 -03:00
Jonhnathan 4543e18e4e Update win_susp_sysvol_access.yml 2020-10-15 19:49:31 -03:00
Jonhnathan 08a018a2ee Update win_susp_sysprep_appdata.yml 2020-10-15 19:49:12 -03:00
Jonhnathan 4c9124952e Update win_susp_svchost.yml 2020-10-15 19:47:47 -03:00
Jonhnathan 5c7bc4c48a Update win_susp_schtask_creation.yml 2020-10-15 19:47:15 -03:00
Jonhnathan d3f0d25ffb Update win_susp_rundll32_by_ordinal.yml 2020-10-15 19:46:54 -03:00
Jonhnathan 8d471775e0 Update win_susp_regsvr32_anomalies.yml 2020-10-15 19:45:08 -03:00
Jonhnathan cc338507c9 Update win_susp_ps_appdata.yml 2020-10-15 19:43:37 -03:00
Jonhnathan 91fb5cdcd0 Update win_susp_prog_location_process_starts.yml 2020-10-15 19:43:19 -03:00
Jonhnathan 253014ee68 Update win_susp_procdump.yml 2020-10-15 19:42:48 -03:00