valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-08 10:13:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5,188 Commits 20 Branches 25 Tags 21 MiB
def4a7dbb9
Commit Graph

6 Commits

Author SHA1 Message Date
Furkan ÇALIŞKAN
edb5b7718e
Deleted a part of an already-defined rule 
Lolbin rule for explorer.exe proxy execution;

Test scenario;

cd c:\windows\system32
explorer.exe calc.exe
(pops calc.exe) as in https://twitter.com/bohops/status/986984122563391488/photo/1
 2020-10-11 21:08:17 +03:00
Furkan ÇALIŞKAN
789a0c174f
Fixed OSCD wording 2020-10-09 09:25:38 +03:00
Furkan CALISKAN
52edc13d15 Fixed dates 2020-10-06 19:10:33 +03:00
Furkan ÇALIŞKAN
b147fc3296
Update win_susp_explorer.yml 
Added known-fp
 2020-10-05 13:22:43 +03:00
Furkan ÇALIŞKAN
85962665fd
Update win_susp_explorer.yml 2020-10-05 10:49:54 +03:00
Furkan CALISKAN
00cf61cc5b Added explorer.exe LOLbin, OSCD 2020-10-04 23:47:16 +03:00