blue-team-tools

Files

T

$frack113$ frack113 03ec08f933 Add Sysmon 28-29 rules

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

2023-07-20 12:38:11 +02:00

builtin

feat: new rules & updates (#4328 )

2023-07-13 10:01:05 +02:00

create_remote_thread

Merge branch 'master' into master

2023-07-13 11:07:45 +02:00

create_stream_hash

fix: fp found in testing

2023-06-14 00:23:28 +02:00

dns_query

feat: typo fix and remote access software rule update (#4313 )

2023-06-15 11:18:20 +02:00

driver_load

feat: new rules, updates and goofy guineapig stuff (#4229 )

2023-05-15 15:53:39 +02:00

file

chore: update metadata

2023-07-13 23:30:16 +02:00

image_load

feat: new rules & updates (#4328 )

2023-07-13 10:01:05 +02:00

network_connection

fix: typo

2023-07-17 13:57:27 +02:00

pipe_created

fix:F multiple 404 links in references (#4332 )

2023-06-26 10:10:04 +01:00

powershell

feat: add rules related to pwsh set-acl cmdlet usage (#4352 )

2023-07-20 11:08:44 +02:00

process_access

fix:F multiple 404 links in references (#4332 )

2023-06-26 10:10:04 +01:00

process_creation

feat: add rules related to pwsh set-acl cmdlet usage (#4352 )

2023-07-20 11:08:44 +02:00

raw_access_thread

feat: new rules, updates and goofy guineapig stuff (#4229 )

2023-05-15 15:53:39 +02:00

registry

feat: new rules & updates (#4328 )

2023-07-13 10:01:05 +02:00

sysmon

Add Sysmon 28-29 rules

2023-07-20 12:38:11 +02:00

wmi_event

chore: add nextron authors tag

2023-02-01 11:14:59 +01:00