blue-team-tools

Author	SHA1	Message	Date
$frack113$ frack113	a1b0dfc0cd	Correct cast-sensitive Key "DestinationIp"	2021-05-11 10:49:10 +02:00
Jonhnathan	f6a89e9707	Fix Detection Logic	2020-11-20 00:51:22 -03:00
Jonhnathan	bbf0210f70	Update sysmon_rdp_reverse_tunnel.yml	2020-10-15 16:23:17 -03:00
aw350m3	399f378269	att&ck tags review: windows/powershell, windows/process_access, windows/network_connection	2020-08-24 23:31:26 +00:00
aw350m3	4cdd8be354	Old ID’s marked with comment “an old one”. These ID’s have to be removed in future.	2020-08-23 02:20:58 +00:00
aw350m3	80deaf84ca	windows/network_connection folder reviewed	2020-08-22 23:36:30 +00:00
Florian Roth	f3fedef8f5	Changed category names and remove sysmon log source	2020-06-24 17:41:21 +02:00
Steven Goossens	e5f36dd146	Added rules files split into folders	2020-06-10 16:32:30 +02:00