blue-team-tools/rules/windows/builtin/application at 2a6c27b7b5f9f6bbf9ffd05e9e7a67d4e9ca09e8 - blue-team-tools - GreySec Git

security-tools/blue-team-tools

Files

T

History

Wagga 2e1467aa59 Update win_mssql_disable_audit_settings.yml

2022-08-29 07:29:50 +02:00

..

win_audit_cve.yml

Order rules

2021-12-04 10:07:07 +01:00

win_av_relevant_match.yml

fix: missing modified date mod

2022-05-16 17:24:26 +02:00

win_builtin_remove_application.yml

Add windows redcannary rules

2022-01-28 16:12:38 +01:00

win_esent_ntdsutil_abuse_susp_location.yml

Fix typo

2022-08-15 12:46:59 +01:00

win_esent_ntdsutil_abuse.yml

Fix typo

2022-08-15 12:46:59 +01:00

win_mssql_add_sysadmin_account.yml

New Rules + Update

2022-07-14 17:35:50 +01:00

win_mssql_disable_audit_settings.yml

Update win_mssql_disable_audit_settings.yml

2022-08-29 07:29:50 +02:00

win_mssql_sp_procoption_set.yml

New Rules + Update

2022-07-14 17:35:50 +01:00

win_mssql_xp_cmdshell_audit_log.yml

Fix Error in logsource

2022-07-12 16:50:08 +01:00

win_mssql_xp_cmdshell_change.yml

Fix Error in logsource

2022-07-12 16:50:08 +01:00

win_software_atera_rmm_agent_install.yml

Order rules

2021-12-04 10:07:07 +01:00

win_susp_backup_delete.yml

remove invalid tag

2022-01-19 18:23:30 +01:00

win_susp_msmpeng_crash.yml

Change keywords to Data

2022-07-12 19:20:43 +02:00

win_vul_cve_2020_0688.yml

Update selections and indentation

2022-07-07 20:13:45 +01:00

win_vul_cve_2021_41379.yml

Change keywords to Data

2022-07-12 19:20:43 +02:00