Commit Graph

24 Commits

| Author | SHA1 | Message | Date |
|---|---|---|---|
| Florian Roth | baa1dcd608 | Merge pull request #2417 from stbe/imp_lsass_defender<br>Added Defender to win_susp_lsass_dump_generic.yml | 2021-12-10 00:00:22 +01:00 |
| stbe | 44db55c4fd | Refined definition of defender executable | 2021-12-09 22:55:09 +01:00 |
| frack113 | e049058d14 | Merge pull request #2415 from frack113/condition<br>builtin/security simplified condition | 2021-12-09 16:24:24 +01:00 |
| stbe | 20f185f2b8 | Added Defender to win_susp_lsass_dump_generic.yml | 2021-12-09 13:57:09 +01:00 |
| Florian Roth | af2c6a0ecb | Lower the level to "low"<br>In case that some backends/scripts/tools don't respect the "deprecated" status | 2021-12-09 13:01:12 +01:00 |
| frack113 | 62207b80ba | Change to deprecated as too many FP | 2021-12-09 09:34:08 +01:00 |
| frack113 | 3ce9336e79 | simplified condition | 2021-12-08 20:12:57 +01:00 |
| Florian Roth | 157fa31f1b | Merge pull request #2400 from redsand/fixing_errs_with_invoke_obfus<br>Fixing errs with invoke obfus | 2021-12-08 14:49:42 +01:00 |
| stbe | 7566207026 | Corrected filter field name in win_pass_the_hash.yml | 2021-12-08 14:03:13 +01:00 |
| stbe | 88b5e1bd9e | Corrected filter field name in win_pass_the_hash_2.yml | 2021-12-08 13:49:18 +01:00 |
| Tim Shelton | 3bf8eb6aff | reverting modified date, batch 2 | 2021-12-07 17:55:52 +00:00 |
| Tim Shelton | d79a0e029b | reverting modified date, batch 1 | 2021-12-07 17:53:50 +00:00 |
| Tim Shelton | c9e08884f6 | updating date | 2021-12-07 16:27:01 +00:00 |
| Tim Shelton | aa16afd09c | updating date | 2021-12-07 16:26:38 +00:00 |
| Tim Shelton | 3fa1624b68 | order matters... need to use most intensive match last | 2021-12-07 16:11:42 +00:00 |
| Tim Shelton | fddf423878 | order matters... need to use most intensive match last | 2021-12-07 16:10:33 +00:00 |
| Tim Shelton | 3873872381 | order matters... need to use most intensive match last | 2021-12-07 16:09:35 +00:00 |
| Tim Shelton | 8f20846524 | order matters... need to use most intensive match last | 2021-12-07 16:08:37 +00:00 |
| Tim Shelton | f31b3865ae | order matters... need to use most intensive match last | 2021-12-07 16:07:18 +00:00 |
| Tim Shelton | 8086c3446f | order matters... need to use most intensive match last | 2021-12-07 16:04:21 +00:00 |
| Tim Shelton | 9122b3c881 | order matters... need to use most intensive match last | 2021-12-07 16:03:09 +00:00 |
| Tim Shelton | 3fcda9704e | order matters... need to use most intensive match last | 2021-12-07 16:01:28 +00:00 |
| Tim Shelton | 31be528fa0 | adding sql\query to name pipe list | 2021-12-06 22:27:57 +00:00 |
| frack113 | e215f4606b | Order rules | 2021-12-04 10:07:07 +01:00 |