| win_defender_amsi_trigger.yml | Windows Defender AMSI Trigger Detected | 2020-09-14 18:10:38 +05:45 |
| win_defender_bypass.yml | att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other | 2020-08-25 01:09:17 +02:00 |
| win_defender_disabled.yml | Split original to existing file | 2021-06-07 20:27:14 +02:00 |
| win_defender_history_delete.yml | Fix logsource to get accurate detection | 2021-05-30 08:22:38 +02:00 |
| win_defender_psexec_wmi_asr.yml | fix typos, update tags | 2020-09-13 15:46:45 +02:00 |
| win_defender_threat.yml | FIX: lint error for title | 2020-06-28 11:05:19 +02:00 |
| win_exchange_TransportAgent_failed.yml | Fixed meta informations | 2021-06-10 12:44:19 +02:00 |
| win_lateral_movement_condrv.yml | docs: change title and add references | 2021-04-29 12:33:10 +02:00 |
| win_ldap_recon.yml | Add rule to detect AD enumeration | 2021-06-22 15:57:49 -04:00 |
| win_pcap_drivers.yml | Merge branch 'oscd' | 2021-03-02 22:58:41 +03:00 |
| win_possible_zerologon_exploitation_using_wellknown_tools.yml | category other is useless | 2021-05-30 09:17:41 +02:00 |
| win_rare_schtask_creation.yml | att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other | 2020-08-25 01:09:17 +02:00 |
| win_tool_psexec.yml | Add Sysmon EventID 11, 17 and 18 to win_tool_psexec rule | 2021-05-16 15:03:58 +02:00 |
| win_wmi_persistence.yml | Merge branch 'oscd' into oscd_wmi | 2021-02-06 00:34:53 +03:00 |