frack113 | 02100f1a3c | Tune detection in win_renamed_powershell.yml | 2021-07-03 15:18:01 +02:00 |
Jonhnathan | 57445969f1 | Update win_renamed_powershell.yml | 2020-10-15 18:24:16 -03:00 |
e6e6e | 98c412044a | att&ck tags review: windows/process_creation part 5
added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes | 2020-09-07 02:00:41 +04:00 |
e6e6e | 7ae76b8d99 | Revert "att&ck tags review: windows/process_creation part 5"
This reverts commit e94c47e74e. | 2020-09-07 01:28:08 +04:00 |
e6e6e | e94c47e74e | att&ck tags review: windows/process_creation part 5
added missing ATT&CK v6.3 IDs with comments and removed unnecessary "modified" attributes | 2020-09-07 01:19:41 +04:00 |
ecco | 9a7f462d79 | move renamed binaries rule to process creation (they made a lot of false positives in sysmon as there was no event id specified in the rule) | 2020-05-23 07:17:56 -04:00 |