security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a7a4bce9b809b544cb2e28ab34fb439d0d7037df
blue-team-tools/rules/macos/process_creation
T
History
Nasreddine Bencherchali 0795ed6469 feat: additional updates and fixes
2023-02-04 21:06:47 +01:00
..
proc_creation_macos_applescript.yml
Update from review
2023-02-01 18:30:45 +01:00
proc_creation_macos_base64_decode.yml
proc_creation_macos_binary_padding.yml
proc_creation_macos_change_file_time_attr.yml
feat: updates multiple mitre tech/sub-tech/tactics (#3913)
2023-01-12 17:04:38 +01:00
proc_creation_macos_clear_system_logs.yml
proc_creation_macos_clipboard_data_via_osascript.yml
New Rule for T1115 macOS (#3988)
2023-01-31 14:32:08 +01:00
proc_creation_macos_create_account.yml
proc_creation_macos_create_hidden_account.yml
proc_creation_macos_creds_from_keychain.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
proc_creation_macos_disable_security_tools.yml
proc_creation_macos_file_and_directory_discovery.yml
proc_creation_macos_find_cred_in_files.yml
proc_creation_macos_gui_input_capture.yml
proc_creation_macos_jxa_in_memory_execution.yml
fix: filename
2023-01-31 12:53:04 +01:00
proc_creation_macos_local_account.yml
proc_creation_macos_local_groups.yml
proc_creation_macos_network_service_scanning.yml
proc_creation_macos_network_sniffing.yml
proc_creation_macos_office_susp_child_processes.yml
feat: additional updates and fixes
2023-02-04 21:06:47 +01:00
proc_creation_macos_osacompile_runonly_execution.yml
fix: add ref and update description
2023-02-01 17:23:36 +01:00
proc_creation_macos_payload_decoded_and_decrypted.yml
proc_creation_macos_remote_system_discovery.yml
proc_creation_macos_schedule_task_job_cron.yml
proc_creation_macos_screencapture.yml
proc_creation_macos_security_software_discovery.yml
proc_creation_macos_space_after_filename.yml
update logsource
2023-01-04 18:52:24 +01:00
proc_creation_macos_split_file_into_pieces.yml
proc_creation_macos_susp_execution_macos_script_editor.yml
proc_creation_macos_susp_find_execution.yml
chore: add nextron authors tag
2023-02-01 11:14:59 +01:00
proc_creation_macos_susp_histfile_operations.yml
proc_creation_macos_susp_macos_firmware_activity.yml
proc_creation_macos_system_network_connections_discovery.yml
proc_creation_macos_system_network_discovery.yml
fix: remove folder start
2022-12-29 11:32:37 +01:00
proc_creation_macos_system_shutdown_reboot.yml
proc_creation_macos_wizardupdate_malware_infection.yml
proc_creation_macos_xattr_gatekeeper_bypass.yml
proc_creation_macos_xcsset_malware_infection.yml