Commit Graph

2788 Commits

Author SHA1 Message Date
Jonhnathan 01bf24b4fc Update win_apt_judgement_panda_gtr19.yml 2020-10-15 17:31:09 -03:00
Jonhnathan 7f5c75ab3e Update win_apt_hurricane_panda.yml 2020-10-15 17:30:34 -03:00
Jonhnathan 0926d76449 Update win_apt_equationgroup_dll_u_load.yml 2020-10-15 17:29:44 -03:00
Jonhnathan 8b593aa309 Update win_apt_empiremonkey.yml 2020-10-15 17:29:19 -03:00
Jonhnathan 00232982b2 Update win_apt_emissarypanda_sep19.yml 2020-10-15 17:28:33 -03:00
Jonhnathan 54f1a0c583 Update win_apt_elise.yml 2020-10-15 17:28:07 -03:00
Jonhnathan d074ea110f Update win_apt_dragonfly.yml 2020-10-15 17:27:42 -03:00
Jonhnathan 5eac9e5161 Update win_apt_cloudhopper.yml 2020-10-15 17:27:27 -03:00
Jonhnathan 2cdead8778 Update win_apt_chafer_mar18.yml 2020-10-15 17:26:58 -03:00
Jonhnathan 96ef4733c3 Update win_apt_bluemashroom.yml 2020-10-15 17:25:17 -03:00
Jonhnathan ca31849be1 Update win_apt_bear_activity_gtr19.yml 2020-10-15 17:24:56 -03:00
Jonhnathan 10522becc3 Update win_apt_apt29_thinktanks.yml 2020-10-15 17:24:03 -03:00
Jonhnathan bc1efd9843 Update sysmon_logon_scripts_userinitmprlogonscript_proc.yml 2020-10-15 17:23:44 -03:00
Jonhnathan fdd9234acc Revert "Create win_susp_replace_lolbin.yml" (This reverts commit e6a6549676.) 2020-10-15 14:57:18 -03:00
Jonhnathan 17e7eee3a6 Revert "Changed the rule to download only and not the copy" (This reverts commit 1324bc1ad1.) 2020-10-15 14:57:14 -03:00
Sander 0c718d5ce7 Created Win Regedit import rules 2020-10-15 18:14:56 +02:00
Sander 72162125e9 Created Win Regedit export rules 2020-10-15 18:14:25 +02:00
Наталья Шорникова aa1824838f Adding win_manage-bde_lolbas.yml Rule 2020-10-15 17:59:43 +03:00
Наталья Шорникова c3c71a7476 Adding win_CL_Mutexverifiers_LOLScript.yml Rule 2020-10-15 17:51:44 +03:00
Наталья Шорникова be67acd52d Adding win_CL_Invocation_LOLScript.yml Rule 2020-10-15 17:36:18 +03:00
Jonhnathan 8f6ad7df6b Update win_etw_trace_evasion.yml 2020-10-15 09:22:13 -03:00
Ivan Dyachkov 787c87e032 added backslash for image search 2020-10-15 14:01:30 +03:00
OpalSec ffbcb402e3 Creation of Rules for Task 24 - Invoke-Obfuscation VAR+ Launcher 2020-10-15 21:36:27 +11:00
Ivan Dyachkov f79342cc59 fixed image search 2020-10-15 13:21:06 +03:00
uncleP@sk 0018b66e7d The author field escape char added 2020-10-15 11:55:57 +03:00
uncleP@sk 0e8c92a864 The author field escape char added 2020-10-15 11:54:11 +03:00
uncleP@sk 7269114e5d The author field escape char added 2020-10-15 11:52:18 +03:00
uncleP@sk 3a3079789a The author field escape char added 2020-10-15 11:50:56 +03:00
Ivan Dyachkov cf399927e1 uncommented tags 2020-10-15 10:52:54 +03:00
Ivan Dyachkov 5a9c368e9c fixed tags, image search 2020-10-15 10:51:15 +03:00
Vasilisa-L 688e85aefc damn tests, just pass already 2020-10-15 10:21:01 +03:00
OpalSec 762840ec25 Creation of Rules for Task 25 - Invoke-Obfuscation STDIN+ Launcher 2020-10-15 17:59:36 +11:00
OpalSec efe8773753 Create win_invoke_obfuscation_clip+.yml 2020-10-15 17:56:41 +11:00
Vasilisa-L d0b2c021ce attack.t1059.001 try 2 2020-10-14 16:57:58 +03:00
Ivan Dyachkov 24eb0b92be commented tags 2020-10-14 16:56:52 +03:00
Ivan Dyachkov f005a74c49 commented tags 2020-10-14 16:56:10 +03:00
Ivan Dyachkov f2f7216378 commented tags 2020-10-14 16:32:24 +03:00
Ivan Dyachkov a8d5ddd93d commented tags 2020-10-14 16:31:00 +03:00
Vasilisa-L b1aa50ebcd T1059.001 added 2020-10-14 16:27:46 +03:00
Ivan Dyachkov d58d55668f fixed tags 2020-10-14 16:00:50 +03:00
Ivan Dyachkov e50306f549 edited 2020-10-14 16:00:08 +03:00
Ivan Dyachkov b24bec6c6c delete diskshadow 2020-10-14 15:55:24 +03:00
Ivan Dyachkov 3f932e4252 #1014 2020-10-14 15:51:32 +03:00
Ivan Dyachkov fa55803545 fixed spaces and tabs 2020-10-14 13:33:27 +03:00
uncleP@sk 947fa79dd3 vsjitdebugger detection added 2020-10-14 13:29:25 +03:00
Ivan Dyachkov 22d5acde10 New rule 2020-10-14 13:28:41 +03:00
uncleP@sk 8fdca7853c te.exe LOLbin detection 2020-10-14 13:02:45 +03:00
Ivan Dyachkov cf9b040600 fixed description, tags 2020-10-14 12:08:22 +03:00
Ivan Dyachkov c0e70106fa Fixed ATT&CK, deleted commandline key "exec" (does not work without interactive mode, so no command line appears) 2020-10-14 10:15:06 +03:00
uncleP@sk 196debf0ad description + author fields fixed 2020-10-14 10:12:34 +03:00