security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,511 Commits 1 Branch 57 Tags
e91fc4486e57fc40e30d12253694de4c80a9e4ea
Commit Graph

10511 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jonhnathan 9f4bbb7e65 Update win_webshell_detection.yml 2020-11-28 13:35:50 -03:00
yugoslavskiy bcf62fba72 Update win_susp_ps_appdata.yml 2020-11-28 17:34:34 +01:00
yugoslavskiy 2ed4b26291 Update win_susp_procdump.yml 2020-11-28 17:33:02 +01:00
Jonhnathan 0d0f58c830 Update win_system_exe_anomaly.yml 2020-11-28 13:32:44 -03:00
yugoslavskiy a3e436363e Update win_susp_powershell_parent_combo.yml 2020-11-28 17:31:37 +01:00
Jonhnathan c9b5ba10f8 Update win_susp_wmi_execution.yml 2020-11-28 13:30:34 -03:00
yugoslavskiy c01c05b826 Update win_susp_powershell_enc_cmd.yml 2020-11-28 17:29:15 +01:00
Jonhnathan f6117eebc7 Update win_susp_sysvol_access.yml 2020-11-28 13:27:28 -03:00
Jonhnathan 88b4d4c4e5 Update win_susp_sysvol_access.yml 2020-11-28 13:26:22 -03:00
yugoslavskiy 66a504078b Update win_susp_ping_hex_ip.yml 2020-11-28 17:25:52 +01:00
Jonhnathan 7aa831eac3 Remove additional backslash 2020-11-28 13:25:28 -03:00
Jonhnathan 0357472635 Update win_susp_squirrel_lolbin.yml 2020-11-28 13:24:38 -03:00
Jonhnathan f70bd415a3 Update win_susp_run_locations.yml 2020-11-28 13:21:04 -03:00
Jonhnathan 5cbefe3737 Update win_susp_regsvr32_anomalies.yml 2020-11-28 13:18:38 -03:00
Jonhnathan e99f63f811 Update win_susp_ps_appdata.yml 2020-11-28 13:15:24 -03:00
Jonhnathan fc842c22b2 Update win_susp_prog_location_process_starts.yml 2020-11-28 13:11:15 -03:00
Jonhnathan a78eb61d92 Remove additional backslash 2020-11-28 13:08:51 -03:00
Jonhnathan 27f47a8ffc Update win_susp_procdump.yml 2020-11-28 13:08:21 -03:00
Jonhnathan b61707e7f3 Remove additional backslash 2020-11-28 13:07:06 -03:00
Jonhnathan c9461506f2 Update win_susp_powershell_enc_cmd.yml 2020-11-28 13:06:10 -03:00
Jonhnathan 2364e9870d Update win_susp_powershell_enc_cmd.yml 2020-11-28 13:05:47 -03:00
Jonhnathan f4f8174199 Update win_susp_powershell_enc_cmd.yml 2020-11-28 13:04:36 -03:00
Jonhnathan 53e1201bea Update win_susp_ping_hex_ip.yml 2020-11-28 13:01:42 -03:00
Jonhnathan b24945999e Update win_susp_ping_hex_ip.yml 2020-11-28 13:01:24 -03:00
Jonhnathan 1c56dc463a Remove additional backslash 2020-11-28 12:38:19 -03:00
Jonhnathan 198bdb9659 Remove Additional backslash 2020-11-28 12:34:06 -03:00
Jonhnathan 63adc6fc09 Update win_susp_direct_asep_reg_keys_modification.yml 2020-11-28 12:32:35 -03:00
Jonhnathan 3481b0dd9e Update win_susp_curl_start_combo.yml 2020-11-28 12:31:55 -03:00
yugoslavskiy 245a0d3438 Update win_susp_outlook.yml 2020-11-28 13:34:57 +01:00
yugoslavskiy 36299f5139 Update win_susp_net_execution.yml 2020-11-28 13:33:30 +01:00
yugoslavskiy 501791945f Update win_susp_msiexec_web_install.yml 2020-11-28 13:32:01 +01:00
yugoslavskiy 8293fd8e5b Update win_susp_iss_module_install.yml 2020-11-28 13:30:27 +01:00
yugoslavskiy 1896a45572 Update win_susp_ntdsutil.yml 2020-11-28 13:28:00 +01:00
Jonhnathan 4411fc5b0e Update win_susp_commands_recon_activity.yml 2020-11-28 09:14:56 -03:00
Jonhnathan 2bf4644b48 Update win_renamed_paexec.yml 2020-11-28 09:08:48 -03:00
Jonhnathan 4e59fc0dfd Update win_renamed_binary_highly_relevant.yml 2020-11-28 09:08:09 -03:00
yugoslavskiy 4354303174 Update win_susp_execution_path.yml 2020-11-28 13:07:22 +01:00
yugoslavskiy 77cf5d2563 Update win_susp_exec_folder.yml 2020-11-28 13:04:05 +01:00
yugoslavskiy 201377fa29 Update win_susp_csc_folder.yml 2020-11-28 13:01:03 +01:00
yugoslavskiy c4a35036a0 Update win_susp_csc.yml 2020-11-28 12:54:18 +01:00
yugoslavskiy 5d7f42a4a6 Update win_susp_crackmapexec_execution.yml 2020-11-28 12:53:00 +01:00
yugoslavskiy 38e7853891 Update win_susp_copy_lateral_movement.yml 2020-11-28 12:44:54 +01:00
yugoslavskiy 34e64a6570 Update win_susp_codepage_switch.yml 2020-11-28 12:42:27 +01:00
yugoslavskiy 5278fcd476 Update win_susp_cmd_http_appdata.yml 2020-11-28 12:34:28 +01:00
yugoslavskiy fd102c1b5f Update win_susp_certutil_encode.yml 2020-11-28 12:31:40 +01:00
yugoslavskiy 68365f29c2 Update win_susp_certutil_command.yml 2020-11-28 12:29:30 +01:00
yugoslavskiy c9596d7e30 Update win_susp_adfind.yml 2020-11-28 12:11:53 +01:00
yugoslavskiy 331a177f69 Update win_proc_wrong_parent.yml 2020-11-28 12:10:37 +01:00
yugoslavskiy dbb054777a Update win_plugx_susp_exe_locations.yml 2020-11-28 12:02:16 +01:00
yugoslavskiy 0fdd8e7128 Update win_netsh_port_fwd_3389.yml 2020-11-28 11:32:35 +01:00