blue-team-tools

Author	SHA1	Message	Date
svch0stz	3ec531979a	Update proc_creation_win_webshell_spawn.yml Example pulled from manage engine below: Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe ParentImage: C:\Program Files\ManageEngine\SupportCenterPlus\jre\bin\java.exe ParentCommandline: "..\jre\bin\java" -Dcatalina.home=.. -Dserver.home=.. -Dserver.stats=1000 <snip>	2022-05-15 14:57:21 +10:00
phantinuss	f1dcaa02f4	fix: single list element	2022-03-21 12:33:55 +01:00
Florian Roth	e754849425	fix: missing space	2022-03-18 08:37:09 +01:00
Florian Roth	8250dd73a2	refactor: webshell detection rules	2022-03-17 18:24:15 +01:00
$frack113$ frack113	8bb3379b68	Normalization of rule names	2022-02-22 11:16:31 +01:00