Jonhnathan
|
fc6c727c70
|
Update powershell_malicious_commandlets.yml
|
2020-10-15 20:59:27 -03:00 |
|
Jonhnathan
|
1584ddf918
|
Update sysmon_susp_service_installed.yml
|
2020-10-15 20:50:42 -03:00 |
|
Jonhnathan
|
f4872118a2
|
Update win_powershell_dll_execution.yml
|
2020-10-15 20:38:55 -03:00 |
|
Jonhnathan
|
3566dd1594
|
Fix
|
2020-10-15 20:35:50 -03:00 |
|
Jonhnathan
|
44c909a4a4
|
Update win_apt_mustangpanda.yml
|
2020-10-15 20:33:00 -03:00 |
|
Jonhnathan
|
5fc348fd45
|
Fix
|
2020-10-15 20:32:16 -03:00 |
|
Jonhnathan
|
37ee747dfe
|
Update win_apt_chafer_mar18.yml
|
2020-10-15 20:30:52 -03:00 |
|
Jonhnathan
|
1fac65dad0
|
Fix
|
2020-10-15 20:29:02 -03:00 |
|
Jonhnathan
|
0dfacd1f63
|
Fix
|
2020-10-15 20:27:10 -03:00 |
|
Jonhnathan
|
9795c95a9b
|
Update av_webshell.yml
|
2020-10-15 20:25:34 -03:00 |
|
Jonhnathan
|
345c3c6451
|
Fix
|
2020-10-15 20:24:31 -03:00 |
|
Jonhnathan
|
86ade194a4
|
Fix
|
2020-10-15 20:22:56 -03:00 |
|
Jonhnathan
|
0666d21b06
|
Update win_dcsync.yml
|
2020-10-15 20:19:06 -03:00 |
|
Jonhnathan
|
d7eda3fe7e
|
Update sysmon_wmi_susp_scripting.yml
|
2020-10-15 20:15:22 -03:00 |
|
Jonhnathan
|
92aaeca075
|
Update sysmon_susp_powershell_rundll32.yml
|
2020-10-15 20:14:23 -03:00 |
|
Jonhnathan
|
26b36086c7
|
Update sysmon_cmstp_execution.yml
|
2020-10-15 20:13:39 -03:00 |
|
Jonhnathan
|
df81f5180d
|
Update sysmon_cactustorch.yml
|
2020-10-15 20:12:54 -03:00 |
|
Jonhnathan
|
457217bfc0
|
Update sysmon_win_reg_persistence.yml
|
2020-10-15 20:11:52 -03:00 |
|
Jonhnathan
|
229e57777a
|
Update sysmon_win_reg_persistence.yml
|
2020-10-15 20:11:37 -03:00 |
|
Jonhnathan
|
8a52610bf8
|
Update sysmon_uac_bypass_eventvwr.yml
|
2020-10-15 20:11:11 -03:00 |
|
Jonhnathan
|
6ea18efdaf
|
Update sysmon_sysinternals_eula_accepted.yml
|
2020-10-15 20:10:44 -03:00 |
|
Jonhnathan
|
7dfb8f0e99
|
Update sysmon_suspicious_keyboard_layout_load.yml
|
2020-10-15 20:10:21 -03:00 |
|
Jonhnathan
|
9c434eaf04
|
Update sysmon_susp_service_installed.yml
|
2020-10-15 20:10:06 -03:00 |
|
Jonhnathan
|
33ed01e285
|
Update sysmon_susp_run_key_img_folder.yml
|
2020-10-15 20:09:42 -03:00 |
|
Jonhnathan
|
45466cf95d
|
Update sysmon_susp_reg_persist_explorer_run.yml
|
2020-10-15 20:08:47 -03:00 |
|
Jonhnathan
|
b55b78c42d
|
Update sysmon_susp_lsass_dll_load.yml
|
2020-10-15 20:08:12 -03:00 |
|
Jonhnathan
|
17ade8e5f5
|
Update sysmon_susp_download_run_key.yml
|
2020-10-15 20:07:53 -03:00 |
|
Jonhnathan
|
6fc6409c7f
|
Update sysmon_stickykey_like_backdoor.yml
|
2020-10-15 20:07:11 -03:00 |
|
Jonhnathan
|
03ea1375e2
|
Update sysmon_registry_persistence_search_order.yml
|
2020-10-15 20:05:46 -03:00 |
|
Jonhnathan
|
f101d661f0
|
Update sysmon_reg_office_security.yml
|
2020-10-15 20:05:11 -03:00 |
|
Jonhnathan
|
176b7ce08f
|
Update sysmon_rdp_settings_hijack.yml
|
2020-10-15 20:04:57 -03:00 |
|
Jonhnathan
|
4c9cf8b759
|
Update sysmon_new_dll_added_to_appinit_dlls_registry_key.yml
|
2020-10-15 20:04:31 -03:00 |
|
Jonhnathan
|
51eefbae0c
|
Update sysmon_logon_scripts_userinitmprlogonscript_reg.yml
|
2020-10-15 20:04:05 -03:00 |
|
Jonhnathan
|
143e6512ad
|
Update sysmon_dns_serverlevelplugindll.yml
|
2020-10-15 20:03:42 -03:00 |
|
Jonhnathan
|
c4a44e2376
|
Update sysmon_dns_serverlevelplugindll.yml
|
2020-10-15 20:03:29 -03:00 |
|
Jonhnathan
|
bdca2febe9
|
Update sysmon_dhcp_calloutdll.yml
|
2020-10-15 20:02:58 -03:00 |
|
Jonhnathan
|
337e26a034
|
Update sysmon_cmstp_execution.yml
|
2020-10-15 20:02:37 -03:00 |
|
Jonhnathan
|
4adf092a25
|
Update win_workflow_compiler.yml
|
2020-10-15 20:00:57 -03:00 |
|
Jonhnathan
|
eb9bac761f
|
Update win_wmi_spwns_powershell.yml
|
2020-10-15 20:00:44 -03:00 |
|
Jonhnathan
|
b2e1b857ae
|
Update win_wmi_backdoor_exchange_transport_agent.yml
|
2020-10-15 20:00:27 -03:00 |
|
Jonhnathan
|
86ad1f45f5
|
Update win_win10_sched_task_0day.yml
|
2020-10-15 20:00:13 -03:00 |
|
Jonhnathan
|
630e92f3c2
|
Update win_webshell_spawn.yml
|
2020-10-15 19:59:59 -03:00 |
|
Jonhnathan
|
138b8fed06
|
Update win_webshell_recon_detection.yml
|
2020-10-15 19:59:36 -03:00 |
|
Jonhnathan
|
e402356e82
|
Update win_webshell_detection.yml
|
2020-10-15 19:58:37 -03:00 |
|
Jonhnathan
|
2d9233d418
|
Update win_vul_java_remote_debugging.yml
|
2020-10-15 19:57:43 -03:00 |
|
Jonhnathan
|
d9afa1aec6
|
Update win_termserv_proc_spawn.yml
|
2020-10-15 19:57:05 -03:00 |
|
Jonhnathan
|
737fbd1619
|
Update win_system_exe_anomaly.yml
|
2020-10-15 19:55:57 -03:00 |
|
Jonhnathan
|
434c6257f0
|
Update win_susp_wmi_execution.yml
|
2020-10-15 19:52:25 -03:00 |
|
Jonhnathan
|
7b9ec4709f
|
Update win_susp_whoami.yml
|
2020-10-15 19:51:55 -03:00 |
|
Jonhnathan
|
d09dd70695
|
Update win_susp_userinit_child.yml
|
2020-10-15 19:51:42 -03:00 |
|