SigmaHQ/rules
yugoslavskiy 4fa928866f oscd task #6 done.
add 25 new rules:

- win_ad_replication_non_machine_account.yml
- win_dpapi_domain_backupkey_extraction.yml
- win_protected_storage_service_access.yml
- win_dpapi_domain_masterkey_backup_attempt.yml
- win_sam_registry_hive_handle_request.yml
- win_sam_registry_hive_dump_via_reg_utility.yml
- win_lsass_access_non_system_account.yml
- win_ad_object_writedac_access.yml
- powershell_alternate_powershell_hosts.yml
- sysmon_remote_powershell_session_network.yml
- win_remote_powershell_session.yml
- win_scm_database_handle_failure.yml
- win_scm_database_privileged_operation.yml
- sysmon_wmi_module_load.yml
- sysmon_remote_powershell_session_process.yml
- sysmon_rdp_registry_modification.yml
- sysmon_powershell_execution_pipe.yml
- sysmon_alternate_powershell_hosts_pipe.yml
- sysmon_powershell_execution_moduleload.yml
- sysmon_createremotethread_loadlibrary.yml
- sysmon_alternate_powershell_hosts_moduleload.yml
- powershell_remote_powershell_session.yml
- win_non_interactive_powershell.yml
- win_syskey_registry_access.yml
- win_wmiprvse_spawning_process.yml

improve 1 rule:

- rules/windows/builtin/win_account_backdoor_dcsync_rights.yml
2019-11-10 18:43:41 +03:00
| Directory | Last commit | Date |
| --- | --- | --- |
| application | Fixes for Elasticsearch query correctness CI tests | 2018-04-09 22:33:29 +02:00 |
| apt | Fixed wrong backslash escaping of * | 2019-10-07 22:14:44 +02:00 |
| compliance | Added level | 2019-08-05 19:51:22 +02:00 |
| linux | Merge pull request #477 from zinint/oscd | 2019-11-05 04:55:29 +03:00 |
| network | Merge pull request #315 from P4T12ICK/feature/net_dnc_c2_detection | 2019-05-10 00:12:39 +02:00 |
| proxy | rule: proxy malware ua - Zebrocy | 2019-10-26 14:20:29 +02:00 |
| web | Web Source Code Enumeration via .git | 2019-06-08 22:40:28 -04:00 |
| windows | oscd task #6 done. | 2019-11-10 18:43:41 +03:00 |