SigmaHQ/rules/windows/powershell
2019-02-11 13:02:38 +01:00
..
powershell_downgrade_attack.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_exe_calling_ps.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_malicious_commandlets.yml Removed duplicate filters 2019-01-25 12:21:57 +03:00
powershell_malicious_keywords.yml rule: false positive reduction in PowerShell rules 2019-01-22 16:37:36 +01:00
powershell_ntfs_ads_access.yml Merge branch 'master' of https://github.com/SherifEldeeb/sigma into SherifEldeeb-master 2018-12-04 23:35:23 +01:00
powershell_prompt_credentials.yml Replace "logsource: description" with "definition" to match the specs 2018-11-15 09:00:06 +03:00
powershell_psattack.yml Replace "logsource: description" with "definition" to match the specs 2018-11-15 09:00:06 +03:00
powershell_shellcode_b64.yml Rule: Detect base64 encoded PowerShell shellcode 2018-11-17 09:10:09 +01:00
powershell_suspicious_download.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_suspicious_invocation_generic.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_suspicious_invocation_specific.yml Tagged windows powershell, other and malware rules. 2018-07-24 10:56:41 +02:00
powershell_suspicious_keywords.yml Rule: Suspicious PowerShell keywords 2019-02-11 13:02:38 +01:00
powershell_xor_commandline.yml Update powershell_xor_commandline.yml 2018-12-05 05:51:41 +03:00