Samirbous
|
e7695f862f
|
[New Rule] Potential Credential Access with LolBas (#620)
* [New Rule] Potential Credential Access with LolBas
* typo
* added procdump and steam lolbins
* added Cisco Jabber lolbas
* eql syntax
* ecs_version
* Update rules/windows/credential_access_lolbas_dump_cmdline.toml
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
* Update rules/windows/credential_access_lolbas_dump_cmdline.toml
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
* renamed rule and filename as suggested by DanStep
* adjust name and desc
Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>
|
2020-12-08 17:56:25 +01:00 |
|