blue-team-tools

Files

T

$frack113$ frack113 a2e818ddca Merge pull request #3785 from veramine/patch-4

Add System to list of built-in Windows processes with no extension

2022-12-14 16:06:48 +01:00

builtin

fix: more fp found in testing and enhance fp metadata

2022-12-13 11:25:23 +01:00

create_remote_thread

fix: FP with NVIDIA driver installation

2022-12-14 13:21:54 +01:00

create_stream_hash

Merge pull request #3757 from SigmaHQ/aurora-false-positive-fixing

2022-12-05 18:54:31 +01:00

dns_query

Update title (#3734 )

2022-11-29 07:36:45 +01:00

driver_load

fix: fix empty field in selection

2022-11-30 00:57:38 +01:00

file

fix: add modified date

2022-12-09 19:24:44 +01:00

image_load

docs: explanation for filter

2022-12-14 13:08:10 +01:00

network_connection

fix: broken single item lists

2022-12-08 16:23:58 +01:00

pipe_created

refactor: remove unnesessary escape.

2022-12-03 21:56:00 +09:00

powershell

Merge pull request #3783 from nasbench/nasbench-rule-devel

2022-12-14 13:19:46 +01:00

process_access

fix: missing modified date update

2022-12-05 19:58:10 +01:00

process_creation

Merge pull request #3785 from veramine/patch-4

2022-12-14 16:06:48 +01:00

raw_access_thread

feat: enhance duplicate test (#3736 )

2022-11-29 13:47:09 +01:00

registry

fix: list with one element issue

2022-12-14 13:23:28 +01:00

sysmon

Update Title (#3731 )

2022-11-27 19:19:27 +01:00

wmi_event

Order yaml field

2022-10-25 12:00:56 +02:00