security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,511 Commits 1 Branch 57 Tags
e91fc4486e57fc40e30d12253694de4c80a9e4ea
Commit Graph

6187 Commits

Author SHA1 Message Date
Sander 0c718d5ce7 Created Win Regedit import rules 2020-10-15 18:14:56 +02:00
Sander 72162125e9 Created Win Regedit export rules 2020-10-15 18:14:25 +02:00
Vasiliy Burov 1b0d4e546f Create powershell_cmdline_special_characters.yml 2020-10-15 19:04:22 +03:00
Наталья Шорникова aa1824838f Adding win_manage-bde_lolbas.yml Rule 2020-10-15 17:59:43 +03:00
Наталья Шорникова ef8f5e626f Adding powershell_CL_Mutexverifiers_LOLScript.yml Rule 2020-10-15 17:55:11 +03:00
Наталья Шорникова c3c71a7476 Adding win_CL_Mutexverifiers_LOLScript.yml Rule 2020-10-15 17:51:44 +03:00
Наталья Шорникова e8f21bc094 Adding powershell_CL_Invocation_LOLScript.yml Rule 2020-10-15 17:41:52 +03:00
Наталья Шорникова be67acd52d Adding win_CL_Invocation_LOLScript.yml Rule 2020-10-15 17:36:18 +03:00
Наталья Шорникова 2f843482e3 Adding sysmon_wab_dllpath_reg_change.yml Rule 2020-10-15 17:28:24 +03:00
S.kiran kumar 61ded7e0d7 Update silenttrinity_stager_msbuild_activity.yml 2020-10-15 19:22:41 +05:30
S.kiran kumar 0cb340a718 Update silenttrinity_stager_msbuild_activity.yml 2020-10-15 19:00:24 +05:30
Sander a8b31dfa5e Fixed field typo 2020-10-15 15:27:11 +02:00
S.kiran kumar b1b77c15ad Update silenttrinity_stager_msbuild_activity.yml 2020-10-15 18:50:24 +05:30
Jonhnathan 8f6ad7df6b Update win_etw_trace_evasion.yml 2020-10-15 09:22:13 -03:00
omkargudhate22 ecdb0b4997 adding slashes 2020-10-15 17:51:21 +05:30
Sander 02d49c091a Created rule regedit export to ads 2020-10-15 14:20:15 +02:00
Ivan Dyachkov 787c87e032 added backslash for image search 2020-10-15 14:01:30 +03:00
OpalSec ffbcb402e3 Creation of Rules for Task 24 - Invoke-Obfuscation VAR+ Launcher 2020-10-15 21:36:27 +11:00
Ivan Dyachkov f79342cc59 fixed image search 2020-10-15 13:21:06 +03:00
GlebSukhodolskiy dd712b0c0e Updated Reference and Detection 2020-10-15 12:35:14 +03:00
GlebSukhodolskiy 7ca50c94f2 Reference changed 2020-10-15 12:12:22 +03:00
uncleP@sk 0018b66e7d The author field escape char added 2020-10-15 11:55:57 +03:00
uncleP@sk 0e8c92a864 The author field escape char added 2020-10-15 11:54:11 +03:00
uncleP@sk 7269114e5d The author field escape char added 2020-10-15 11:52:18 +03:00
uncleP@sk 3a3079789a The author field escape char added 2020-10-15 11:50:56 +03:00
Ivan Dyachkov cf399927e1 uncommented tags 2020-10-15 10:52:54 +03:00
Ivan Dyachkov 5a9c368e9c fixed tags, image search 2020-10-15 10:51:15 +03:00
Vasilisa-L 688e85aefc chertovy testy, prohoditezz 2020-10-15 10:21:01 +03:00
OpalSec 762840ec25 Creation of Rules for Task 25 - Invoke-Obfuscation STDIN+ Launcher 2020-10-15 17:59:36 +11:00
OpalSec efe8773753 Create win_invoke_obfuscation_clip+.yml 2020-10-15 17:56:41 +11:00
OpalSec 109fb4f493 Create win_invoke_obfuscation_clip+_services.yml 2020-10-15 17:53:16 +11:00
OpalSec df7bd91ffb Create powershell_invoke_obfuscation_clip+.yml 2020-10-15 17:50:27 +11:00
invrep-de 3be21d5478 Some minor formatting updates; 
Formatting updates;
 2020-10-14 16:55:52 -04:00
invrep-de 8f28c16d6e Some further updates to fix spacing; 
Some further updates to fix spacing;
 2020-10-14 15:42:19 -04:00
invrep-de 637065fd97 Some minor updates to address spacing; 
Some further minor updates to address spacing;
 2020-10-14 15:41:31 -04:00
invrep-de 2672b10808 Some minor restructuring to incorporate the feedback from the oscd team; 
Some minor restructuring to incorporate the feedback from the oscd team;
 2020-10-14 15:37:15 -04:00
uchakin a7e5b0ac40 Some fixes for rules 2020-10-14 19:06:59 +03:00
S.kiran kumar 20a54d86b1 Update silenttrinity_stager_msbuild_activity.yml 2020-10-14 19:49:39 +05:30
omkargudhate22 2e2b2c2393 removed backslash 2020-10-14 19:44:31 +05:30
Vasilisa-L d0b2c021ce attack.t1059.001 try 2 2020-10-14 16:57:58 +03:00
Ivan Dyachkov 24eb0b92be commented tags 2020-10-14 16:56:52 +03:00
Ivan Dyachkov f005a74c49 commented tags 2020-10-14 16:56:10 +03:00
Ivan Dyachkov f2f7216378 commented tags 2020-10-14 16:32:24 +03:00
Ivan Dyachkov a8d5ddd93d commented tags 2020-10-14 16:31:00 +03:00
Vasilisa-L b1aa50ebcd T1059.001 added 2020-10-14 16:27:46 +03:00
omkargudhate22 2e52cb7f86 Update sysmon_susp_script_dotnet_clr_dll_load.yml 2020-10-14 18:47:25 +05:30
Ivan Dyachkov d58d55668f fixed tags 2020-10-14 16:00:50 +03:00
Ivan Dyachkov e50306f549 edited 2020-10-14 16:00:08 +03:00
Ivan Dyachkov b24bec6c6c delete diskshadow 2020-10-14 15:55:24 +03:00
Ivan Dyachkov 3f932e4252 #1014 2020-10-14 15:51:32 +03:00