Commit Graph

2788 Commits

Author SHA1 Message Date
Florian Roth 1ea4bb0b87 wrong field name 2020-11-28 10:10:00 +01:00
yugoslavskiy 17813c947c Update win_apt_bluemashroom.yml 2020-11-28 09:48:30 +01:00
yugoslavskiy 26fa500e21 Update win_control_panel_item.yml 2020-11-28 09:38:49 +01:00
Jonhnathan 702f697168 Update win_powershell_download.yml 2020-11-27 16:10:10 -03:00
Jonhnathan fb119d6112 Remove additional backslash 2020-11-27 16:06:15 -03:00
Jonhnathan bf5aa947e3 Update win_office_spawn_exe_from_users_directory.yml 2020-11-27 16:04:55 -03:00
Jonhnathan f6aaa957ff Update win_netsh_wifi_credential_harvesting.yml 2020-11-27 16:01:25 -03:00
Jonhnathan d996e97fdd Update win_netsh_port_fwd_3389.yml 2020-11-27 16:00:04 -03:00
Jonhnathan b816754018 Update win_netsh_port_fwd_3389.yml 2020-11-27 15:59:25 -03:00
Jonhnathan 5acd8d622b Update win_netsh_port_fwd.yml 2020-11-27 15:57:53 -03:00
Jonhnathan 9171d8913c Remove Additional backslash 2020-11-27 15:45:08 -03:00
Jonhnathan 0bf996d66e Update win_netsh_fw_add.yml 2020-11-27 15:44:22 -03:00
Jonhnathan 3f5a2af2db Update win_mshta_spawn_shell.yml 2020-11-27 15:43:29 -03:00
Jonhnathan 345c6627a8 Update win_mmc_spawn_shell.yml 2020-11-27 15:42:22 -03:00
Jonhnathan 3854a0ed8d Update Logic 2020-11-27 15:38:16 -03:00
Jonhnathan 84b35dd6b8 Update win_malware_script_dropper.yml 2020-11-27 15:30:53 -03:00
Jonhnathan 217dd53c62 Update win_malware_notpetya.yml 2020-11-27 15:29:29 -03:00
Jonhnathan 3410a1eece Update win_malware_formbook.yml 2020-11-27 15:26:15 -03:00
Jonhnathan 253c0839ec Update logic 2020-11-27 15:25:38 -03:00
Jonhnathan 5f5af0bd36 Update win_malware_dridex.yml 2020-11-27 15:10:31 -03:00
Jonhnathan 7672db2aeb Update Logic 2020-11-27 12:37:04 -03:00
Jonhnathan 22ae395e4a Update win_impacket_lateralization.yml 2020-11-27 12:35:27 -03:00
Jonhnathan e18829697f Update Logic 2020-11-27 12:33:31 -03:00
Jonhnathan 9331686368 Update Logic 2020-11-27 12:27:23 -03:00
Jonhnathan dbd97647f6 Remove Additional backslash and update logic 2020-11-27 12:22:04 -03:00
Jonhnathan 421ab4dc5f Update win_exploit_cve_2017_0261.yml 2020-11-27 12:18:06 -03:00
Jonhnathan 3f9edf19a9 Update win_control_panel_item.yml 2020-11-27 12:15:12 -03:00
Jonhnathan bde2b95cdc Remove Additional backslash 2020-11-27 12:14:34 -03:00
Jonhnathan e58333f808 Update win_commandline_path_traversal.yml 2020-11-27 12:13:45 -03:00
mat b3e36281b5 fix reference field + add test for references in plural form 2020-11-27 10:17:45 +01:00
Jonhnathan a403082631 Update win_bypass_squiblytwo.yml 2020-11-26 23:33:00 -03:00
Jonhnathan d5803b89ef Update win_apt_zxshell.yml 2020-11-26 23:31:10 -03:00
Jonhnathan 89a4aa84bf Update win_apt_winnti_pipemon.yml 2020-11-26 23:29:10 -03:00
Jonhnathan df93846117 Update win_apt_unidentified_nov_18.yml 2020-11-26 23:26:18 -03:00
Jonhnathan b234d577d6 Update win_apt_sofacy.yml 2020-11-26 23:21:53 -03:00
Jonhnathan 77bae30bef Update win_apt_slingshot.yml 2020-11-26 23:18:32 -03:00
Jonhnathan f2dd516b7c Fix logic 2020-11-26 23:16:03 -03:00
Jonhnathan 127607c5e7 Remove Additional backslash 2020-11-26 23:14:51 -03:00
Jonhnathan bce74198ab Remove Additional backslash 2020-11-26 23:14:24 -03:00
Jonhnathan fda266adb6 Update win_apt_hurricane_panda.yml 2020-11-26 23:12:26 -03:00
Jonhnathan d0b6694767 Update win_apt_greenbug_may20.yml 2020-11-26 23:05:44 -03:00
Jonhnathan 707fbe048e Update win_apt_evilnum_jul20.yml 2020-11-26 23:05:08 -03:00
Jonhnathan a113c0f3b4 Remove Additional backslash 2020-11-26 23:00:05 -03:00
Jonhnathan d57d7c1e5b Remove Additional backslash 2020-11-26 22:59:35 -03:00
Florian Roth c6fc9de144 New Trickbot wermgr rule 2020-11-26 09:54:27 +01:00
Florian Roth c111ab3141 Improved Trickbot recon rule 2020-11-26 09:54:13 +01:00
bczyz1 05398ae95e change field newprocessname -> image 2020-11-23 13:43:19 +01:00
bczyz1 193021eff8 Update win_apt_slingshot.yml; fix condition 2020-11-20 09:19:03 +01:00
Jonhnathan 31e0cfb13f Update win_susp_covenant.yml 2020-11-20 02:36:20 -03:00
Jonhnathan ec1944e2d7 Update win_susp_copy_system32.yml 2020-11-20 02:31:26 -03:00