security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ffcc2dc04926b47a0bc4e772101cfbc6cac700a7
blue-team-tools/rules/windows
T
History
Thomas Patzke 5f1e933b93 Merge pull request #588 from timbMSFT/timb 
Sigma queries - defense evasion by tampering with svchost; recently released GALLIUM activity group IOCs
2020-01-20 10:06:06 +01:00
..
builtin
rule: added a reference
2020-01-15 21:27:40 +01:00
malware
Add scriptlets
2019-11-14 22:26:22 +01:00
other
Added UUIDs to rules
2019-11-12 23:12:27 +01:00
powershell
Add the ability to detect PowerUp - Invoke-AllChecks
2019-12-23 11:50:57 +01:00
process_creation
Merge pull request #585 from Neo23x0/devel
2019-12-30 15:08:43 +01:00
sysmon
Sigma queries for
2020-01-02 14:47:55 +00:00