security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1c0c29f45f554d65d30a1dfbf8fd9cb77c192546
blue-team-tools/tests/test-windash-all.yml
T
Thomas Patzke 9ee0d29d68 Windash modifier
2022-05-02 00:38:21 +02:00

10 lines
229 B
YAML
Raw Blame History

title: Testrule
logsource:
category: process_creation
product: windows
detection:
selection:
CommandLine|windash|contains|all:
- -foo-1 -bar-2 -bla-3
- -foo-bar
condition: selection
Reference in New Issue View Git Blame Copy Permalink