security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
22628faaf03e0a8d887bc06189edc50a532a9e37
blue-team-tools/rules/windows/powershell/powershell_classic
T
History
Nasreddine Bencherchali 715cc0589c Merge pull request #4232 from swachchhanda000/master 
feat: extended coverage of existing defender tampering rules
2023-06-05 13:26:03 +02:00
..
posh_pc_abuse_nslookup_with_dns_records.yml
feat: add co-author to posh_pc_abuse_nslookup_with_dns_records.yml (#4079)
2023-02-27 12:16:55 +01:00
posh_pc_alternate_powershell_hosts.yml
Add Powershell FP
2023-04-12 07:46:36 +02:00
posh_pc_delete_volume_shadow_copies.yml
Order yaml field
2022-10-26 09:43:39 +02:00
posh_pc_downgrade_attack.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
posh_pc_exe_calling_ps.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
posh_pc_powercat.yml
Promotion rules (#3821)
2022-12-27 12:29:10 +01:00
posh_pc_remote_powershell_session.yml
fix: resolves #4015
2023-02-07 14:33:56 +01:00
posh_pc_remotefxvgpudisablement_abuse.yml
feat: new rules, updates and goofy guineapig stuff (#4229)
2023-05-15 15:53:39 +02:00
posh_pc_renamed_powershell.yml
Order yaml field
2022-10-26 09:43:39 +02:00
posh_pc_susp_download.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
posh_pc_susp_get_nettcpconnection.yml
Promotion rules (#3821)
2022-12-27 12:29:10 +01:00
posh_pc_susp_zip_compress.yml
Update title (#3746)
2022-12-02 18:10:43 +01:00
posh_pc_tamper_windows_defender_set_mp.yml
fix: wording
2023-06-05 13:09:30 +02:00
posh_pc_wsman_com_provider_no_powershell.yml
old experimental rule promotion
2022-10-09 16:54:04 +02:00
posh_pc_xor_commandline.yml
Update title (#3746)
2022-12-02 18:10:43 +01:00