ac1f82f7caa08fcac0fed5bda3f4697120e07768
blue-team-tools/rules/windows/malware
BlueTeamOps  6ef5f0a0a2  2021-03-27 07:34:05 +11:00
Added detection for Dumpert
- Dumpert based LSASS dump using DLL
- Dumpert.exe detection
File                          Last commit message                                           Date
av_exploiting.yml             Added additional CS signatures                                2021-03-25 22:44:24 +11:00
av_password_dumper.yml        Added detection for Dumpert                                   2021-03-27 07:34:05 +11:00
av_relevant_files.yml         Add scriptlets                                                2019-11-14 22:26:22 +01:00
av_webshell.yml               more AV event and suspicious commands                         2021-01-07 17:54:19 +01:00
mal_azorult_reg.yml           fixed various spelling errors all over rules and source code  2021-02-24 14:43:13 +00:00
win_mal_blue_mockingbird.yml  fix: condition location                                       2020-05-15 12:06:34 +02:00
win_mal_flowcloud.yml         Fix rules with incorrect escaping of wildcards                2020-06-15 13:38:18 -04:00
win_mal_octopus_scanner.yml   Further subtechnique updates                                  2020-06-17 11:31:40 -06:00
win_mal_ryuk.yml              Added UUIDs to rules                                          2019-11-12 23:12:27 +01:00
win_mal_ursnif.yml            Added UUIDs to rules                                          2019-11-12 23:12:27 +01:00