 Mika Ayenson
|
e6bab063dc
|
[Rule Tuning] LaunchDaemon Creation or Modification and Immediate Loading (#2154)
* update query
|
2022-07-27 08:24:57 -04:00 |
|
|
Jonhnathan
|
1c50f35aed
|
[Security Content] Update rules based on docs review (#1803)
* Adds suggestions from security-docs
* Update rules/windows/lateral_movement_powershell_remoting_target.toml
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
|
2022-03-01 21:39:30 -03:00 |
|
|
Colson Wilhoit
|
cfd4d431dd
|
MacOS Launch Daemon Creation Rule - Query Fix (#1722)
* launch daemon creation syntax fix
* change updated date
|
2022-01-25 12:47:51 -06:00 |
|
|
Justin Ibarra
|
3fc34b86f2
|
Update License to Elastic v2 (#944)
|
2021-03-03 22:12:11 -09:00 |
|
|
Samirbous
|
725f509700
|
[New Rule] LaunchDaemon Creation or Modification followed by Loading (#698)
* [New Rule] LaunchDaemon Creation or Modification followed by Loading
* fix technique
* Update rules/macos/persistence_creation_modif_launch_deamon_sequence.toml
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
* Update rules/macos/persistence_creation_modif_launch_deamon_sequence.toml
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
|
2020-12-08 16:04:34 +01:00 |
|