security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,001 Commits 1 Branch 0 Tags
2ad8b32ce2299d4f736c5bfa25de0148c07692d2
Commit Graph

4 Commits

Author SHA1 Message Date
Jonhnathan 82331f05d1 [Rule Tuning] Update PowerShell script_block queries to avoid partial matches (#1807) 
* Update script_block queries

* Update execution_posh_psreflect.toml

(cherry picked from commit 5c477849fe)
 2022-03-03 10:39:59 +00:00
Jonhnathan 73b3bec457 [Security Content] Update rules based on docs review (#1803) 
* Adds suggestions from security-docs

* Update rules/windows/lateral_movement_powershell_remoting_target.toml

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>

(cherry picked from commit 1c50f35aed)
 2022-03-02 00:41:56 +00:00
Jonhnathan 678f7cb93c [Rule Tuning] Update rules based on docs review (#1778) 
* Update rules based on docs review

* trivial change to trigger CLA

* undo changes from triggering build

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>

(cherry picked from commit dec4243db0)
 2022-02-16 16:44:51 +00:00
Jonhnathan 7bbeaf3053 [New Rule] PowerShell PSReflect Script (#1558) 2022-01-19 15:31:08 -09:00