 frack113
|
da839775fe
|
Update PS rules
|
2021-08-21 09:50:59 +02:00 |
|
|
frack113
|
f040725dd8
|
fix EventID: 4104 ScriptBlockText
|
2021-08-04 14:49:50 +02:00 |
|
|
Thomas Patzke
|
90efe974b8
|
Fixes and improvements
|
2021-04-03 00:08:55 +02:00 |
|
|
Nikita Nazarov
|
31095033ab
|
Update powershell_invoke_obfuscation_via_use_rundll32.yml
|
2020-10-09 16:25:59 +03:00 |
|
|
Nikita Nazarov
|
80a3a6c048
|
Update powershell_invoke_obfuscation_via_use_rundll32.yml
|
2020-10-08 17:52:01 +03:00 |
|
|
Nikita Nazarov
|
b4377ed632
|
Update powershell_invoke_obfuscation_via_use_rundll32.yml
|
2020-10-08 17:45:07 +03:00 |
|
|
Nikita Nazarov
|
3ba4eeac7b
|
Update powershell_invoke_obfuscation_via_use_rundll32.yml
|
2020-10-08 17:36:20 +03:00 |
|
|
Nikita P. Nazarov
|
2db2ab30c4
|
Detects Obfuscated Powershell via use Rundll32 in Scripts
|
2020-10-08 17:08:43 +03:00 |
|