blue-team-tools/rules/windows at ae62acf3d232de8b9be994e20bdf2b2ff20c2f5e - blue-team-tools - GreySec Git

security-tools/blue-team-tools

Files

T

History

Tareq AlKhatib 2e3a2b9ba6 Merged 'Eventlog Cleared' and 'Eventlog Cleared Experimental'

2019-02-18 21:03:53 +03:00

..

Merged 'Eventlog Cleared' and 'Eventlog Cleared Experimental'

2019-02-18 21:03:53 +03:00

Escaped '\*' to '\\*' where required

2019-02-03 00:24:57 +01:00

Rule: WMI Persistence - FPs

2019-02-05 14:35:23 +01:00

Rule: Suspicious PowerShell keywords

2019-02-11 13:02:38 +01:00

Removed unnecessary '1 of them' in condition

2019-02-13 21:26:02 +03:00