blue-team-tools/rules/windows/builtin/application/esent
Nasreddine Bencherchali 52e39113b9 Merge PR #4503 from @nasbench - Multiple Updates & Fixes
fix: Suspicious Sysmon as Execution Parent - Typo and restructure
update: Antivirus PrinterNightmare CVE-2021-34527 Exploit Detection
update: Antivirus Relevant File Paths Alerts
update: Dump Ntds.dit To Suspicious Location
update: MSI Installation From Suspicious Locations
update: PowerShell Profile Modification - Reduce rule level to medium
update: Obfuscated IP Download Activity

---------

Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
2023-10-28 12:55:32 +02:00