security-tools/blue-team-tools
30fc4bd0300f37e3b9ce79d1bca9556da5c30eb9
blue-team-tools/rules/windows/powershell
Lurkkeli
30fc4bd030
powershell xor commandline
New rule to detect -bxor usage in a powershell commandline.
2018-09-05 09:21:15 +02:00
powershell_downgrade_attack.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_exe_calling_ps.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_malicious_commandlets.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_malicious_keywords.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_NTFS_Alternate_Data_Streams
Added quotation marks
2018-07-26 18:10:21 +02:00
powershell_prompt_credentials.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_psattack.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_suspicious_download.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_suspicious_invocation_generic.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_suspicious_invocation_specific.yml
Tagged windows powershell, other and malware rules.
2018-07-24 10:56:41 +02:00
powershell_xor_commandline.yml
powershell xor commandline
2018-09-05 09:21:15 +02:00