security-tools/blue-team-tools
2a76c469e0b4ec8a2b8cd90a75cb5cd75ede5eaa
blue-team-tools/rules/windows/sysmon
Austin Songer
1ea9aab455
Update Monitor_Office_Applications_from_proxy_executing_regsvr32_with_payload.yml
2021-09-10 09:44:31 -05:00
| File | Last commit | Date |
| --- | --- | --- |
| Monitor_executable_and_script_files_creation_by_Office_applications_using_file_extentions.yml | Update Monitor_executable_and_script_files_creation_by_Office_applications_using_file_extentions.yml | 2021-09-10 09:43:24 -05:00 |
| Monitor_Office_Applications_from_proxy_executing_regsvr32_with_payload.yml | Update Monitor_Office_Applications_from_proxy_executing_regsvr32_with_payload.yml | 2021-09-10 09:44:31 -05:00 |
| Office_Applications_Spawning_WMI_command-line.yml | Resolved more issues from last commit as per comments | 2021-09-09 21:35:21 -06:00 |
| sysmon_accessing_winapi_in_powershell_credentials_dumping.yml | Merge branch 'master' into falsepositives_NOT_a_list | 2021-05-27 10:23:19 +02:00 |
| sysmon_config_modification_error.yml | Split global rules | 2021-09-07 13:30:32 +02:00 |
| sysmon_config_modification_status.yml | Split global rules | 2021-09-07 13:30:32 +02:00 |
| sysmon_dcom_iertutil_dll_hijack.yml | Updated rules with modifiers instead of '*' and remove trailing '\\' | 2021-06-27 14:51:29 +02:00 |