Jonhnathan
|
777e49b76c
|
Update win_av_relevant_match.yml
|
2020-10-15 15:17:33 -03:00 |
|
Jonhnathan
|
b555628321
|
Update win_atsvc_task.yml
|
2020-10-15 15:15:01 -03:00 |
|
Jonhnathan
|
44735049b6
|
Update win_apt_stonedrill.yml
|
2020-10-15 15:14:27 -03:00 |
|
Jonhnathan
|
02a1ab4033
|
Update win_alert_mimikatz_keywords.yml
|
2020-10-15 15:11:10 -03:00 |
|
Jonhnathan
|
26b442ec48
|
Update win_alert_lsass_access.yml
Getting rid of '*' use
|
2020-10-15 15:09:35 -03:00 |
|
Jonhnathan
|
79c2b8d570
|
Update win_GPO_scheduledtasks.yml
Getting rid of '*' use
|
2020-10-15 15:07:16 -03:00 |
|
Jonhnathan
|
4aa96a2ac9
|
Update win_alert_enable_weak_encryption.yml
|
2020-10-15 15:05:49 -03:00 |
|
Jonhnathan
|
5765573907
|
Update win_alert_active_directory_user_control.yml
Getting rid of '*' use
|
2020-10-15 15:04:08 -03:00 |
|
Jonhnathan
|
1c06c9e166
|
Update win_admin_share_access.yml
Getting rid of '*' use
|
2020-10-15 15:03:31 -03:00 |
|
Jonhnathan
|
085dc21d25
|
Update win_admin_rdp_login.yml
Getting rid of '*' use
|
2020-10-15 15:02:40 -03:00 |
|
Jonhnathan
|
9c7a23e432
|
Update win_account_discovery.yml
Getting rid of '*' use
|
2020-10-15 15:01:31 -03:00 |
|
Jonhnathan
|
fdd9234acc
|
Revert "Create win_susp_replace_lolbin.yml"
This reverts commit e6a6549676.
|
2020-10-15 14:57:18 -03:00 |
|
Jonhnathan
|
17e7eee3a6
|
Revert "Changed the rule to download only and not the copy"
This reverts commit 1324bc1ad1.
|
2020-10-15 14:57:14 -03:00 |
|
Vasiliy Burov
|
ea1a288cc8
|
Update powershell_cmdline_special_characters.yml
|
2020-10-15 20:55:12 +03:00 |
|
Vasiliy Burov
|
2657a0219c
|
Update powershell_cmdline_special_characters.yml
|
2020-10-15 20:33:56 +03:00 |
|
Vasiliy Burov
|
d27574ce08
|
Update powershell_cmdline_special_characters.yml
|
2020-10-15 20:07:59 +03:00 |
|
Vasiliy Burov
|
1838aac682
|
Update powershell_cmdline_special_characters.yml
|
2020-10-15 20:04:49 +03:00 |
|
Vasiliy Burov
|
fa7036430e
|
Update powershell_cmdline_special_characters.yml
|
2020-10-15 19:39:24 +03:00 |
|
GlebSukhodolskiy
|
9a9c189de7
|
Removed Duplicated Keys
|
2020-10-15 19:26:38 +03:00 |
|
S.kiran kumar
|
26af11985a
|
Update silenttrinity_stager_msbuild_activity.yml
|
2020-10-15 21:50:34 +05:30 |
|
Sander
|
0c718d5ce7
|
Created Win Regedit import rules
|
2020-10-15 18:14:56 +02:00 |
|
Sander
|
72162125e9
|
Created Win Regedit export rules
|
2020-10-15 18:14:25 +02:00 |
|
Vasiliy Burov
|
1b0d4e546f
|
Create powershell_cmdline_special_characters.yml
|
2020-10-15 19:04:22 +03:00 |
|
Наталья Шорникова
|
aa1824838f
|
Adding win_manage-bde_lolbas.yml Rule
|
2020-10-15 17:59:43 +03:00 |
|
Наталья Шорникова
|
ef8f5e626f
|
Adding powershell_CL_Mutexverifiers_LOLScript.yml Rule
|
2020-10-15 17:55:11 +03:00 |
|
Наталья Шорникова
|
c3c71a7476
|
Adding win_CL_Mutexverifiers_LOLScript.yml Rule
|
2020-10-15 17:51:44 +03:00 |
|
Наталья Шорникова
|
e8f21bc094
|
Adding powershell_CL_Invocation_LOLScript.yml Rule
|
2020-10-15 17:41:52 +03:00 |
|
Наталья Шорникова
|
be67acd52d
|
Adding win_CL_Invocation_LOLScript.yml Rule
|
2020-10-15 17:36:18 +03:00 |
|
Наталья Шорникова
|
2f843482e3
|
Adding sysmon_wab_dllpath_reg_change.yml Rule
|
2020-10-15 17:28:24 +03:00 |
|
S.kiran kumar
|
61ded7e0d7
|
Update silenttrinity_stager_msbuild_activity.yml
|
2020-10-15 19:22:41 +05:30 |
|
S.kiran kumar
|
0cb340a718
|
Update silenttrinity_stager_msbuild_activity.yml
|
2020-10-15 19:00:24 +05:30 |
|
Sander
|
a8b31dfa5e
|
Fixed field typo
|
2020-10-15 15:27:11 +02:00 |
|
S.kiran kumar
|
b1b77c15ad
|
Update silenttrinity_stager_msbuild_activity.yml
|
2020-10-15 18:50:24 +05:30 |
|
Jonhnathan
|
8f6ad7df6b
|
Update win_etw_trace_evasion.yml
|
2020-10-15 09:22:13 -03:00 |
|
omkargudhate22
|
ecdb0b4997
|
adding slashes
|
2020-10-15 17:51:21 +05:30 |
|
Sander
|
02d49c091a
|
Created rule regedit export to ads
|
2020-10-15 14:20:15 +02:00 |
|
Ivan Dyachkov
|
787c87e032
|
added backslash for image search
|
2020-10-15 14:01:30 +03:00 |
|
OpalSec
|
ffbcb402e3
|
Creation of Rules for Task 24 - Invoke-Obfuscation VAR+ Launcher
|
2020-10-15 21:36:27 +11:00 |
|
Ivan Dyachkov
|
f79342cc59
|
fixed image search
|
2020-10-15 13:21:06 +03:00 |
|
GlebSukhodolskiy
|
dd712b0c0e
|
Updated Reference and Detection
|
2020-10-15 12:35:14 +03:00 |
|
GlebSukhodolskiy
|
7ca50c94f2
|
Reference changed
|
2020-10-15 12:12:22 +03:00 |
|
uncleP@sk
|
0018b66e7d
|
The author field escape char added
|
2020-10-15 11:55:57 +03:00 |
|
uncleP@sk
|
0e8c92a864
|
The author field escape char added
|
2020-10-15 11:54:11 +03:00 |
|
uncleP@sk
|
7269114e5d
|
The author field escape char added
|
2020-10-15 11:52:18 +03:00 |
|
uncleP@sk
|
3a3079789a
|
The author field escape char added
|
2020-10-15 11:50:56 +03:00 |
|
Ivan Dyachkov
|
cf399927e1
|
uncommented tags
|
2020-10-15 10:52:54 +03:00 |
|
Ivan Dyachkov
|
5a9c368e9c
|
fixed tags, image search
|
2020-10-15 10:51:15 +03:00 |
|
Vasilisa-L
|
688e85aefc
|
damn tests, just pass already
|
2020-10-15 10:21:01 +03:00 |
|
OpalSec
|
762840ec25
|
Creation of Rules for Task 25 - Invoke-Obfuscation STDIN+ Launcher
|
2020-10-15 17:59:36 +11:00 |
|
OpalSec
|
efe8773753
|
Create win_invoke_obfuscation_clip+.yml
|
2020-10-15 17:56:41 +11:00 |
|