valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
30fc4bd030
SigmaHQ/rules/windows/powershell
History
Lurkkeli 30fc4bd030
powershell xor commandline 
New rule to detect -bxor usage in a powershell commandline.
2018-09-05 09:21:15 +02:00
..
powershell_downgrade_attack.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_exe_calling_ps.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_malicious_commandlets.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_malicious_keywords.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_NTFS_Alternate_Data_Streams Added quotation marks 2018-07-26 18:10:21 +02:00
powershell_prompt_credentials.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_psattack.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_suspicious_download.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_suspicious_invocation_generic.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_suspicious_invocation_specific.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_xor_commandline.yml powershell xor commandline 2018-09-05 09:21:15 +02:00