| .. |
|
win_defender_amsi_trigger.yml
|
Add Microsoft-Windows-Windows Defender/Operational
|
2021-08-06 11:12:34 +02:00 |
|
win_defender_bypass.yml
|
att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other
|
2020-08-25 01:09:17 +02:00 |
|
win_defender_disabled.yml
|
fix: Correct broken rules, add documentation
|
2021-08-13 15:46:30 +02:00 |
|
win_defender_exclusions.yml
|
fix missing references and duplicate UUID
|
2021-07-15 11:06:54 +02:00 |
|
win_defender_history_delete.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
win_defender_psexec_wmi_asr.yml
|
fix typos, update tags
|
2020-09-13 15:46:45 +02:00 |
|
win_defender_tamper_protection_trigger.yml
|
Added and updated Defender's tamper related rules
|
2021-07-05 20:30:07 +05:45 |
|
win_defender_threat.yml
|
FIX: lint error for title
|
2020-06-28 11:05:19 +02:00 |
|
win_exchange_proxyshell_mailbox_export.yml
|
refactor: removed old rule that uses Message field
|
2021-08-12 09:27:50 +02:00 |
|
win_exchange_TransportAgent_failed.yml
|
fix: Correct incorrect message / keyword usage
|
2021-08-12 16:28:07 +02:00 |
|
win_lateral_movement_condrv.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
win_ldap_recon.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
win_pcap_drivers.yml
|
Merging upstream updates
|
2021-07-01 12:18:30 +05:45 |
|
win_possible_zerologon_exploitation_using_wellknown_tools.yml
|
fix: Correct incorrect message / keyword usage
|
2021-08-12 16:28:07 +02:00 |
|
win_rare_schtask_creation.yml
|
att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other
|
2020-08-25 01:09:17 +02:00 |
|
win_tool_psexec.yml
|
fix TargetFilename case error
|
2021-08-06 08:43:05 +02:00 |
|
win_wmi_persistence.yml
|
fix: Correct incorrect message / keyword usage
|
2021-08-12 16:28:07 +02:00 |
