Merge remote-tracking branch 'upstream/master' into windows_11_sprint

2025-07-26 04:04:09 +02:00 · 2022-10-03 16:16:30 +01:00
parent e1df4e9f83 da38f3d8ed
commit 67e1040172
176 changed files with 502 additions and 341 deletions
--- a/yml/OSScripts/CL_LoadAssembly.yml
+++ b/yml/OSScripts/CL_LoadAssembly.yml
@@ -22,4 +22,3 @@ Resources:
 Acknowledgement:
  - Person: Jimmy
    Handle: '@bohops'
---
--- a/yml/OSScripts/CL_mutexverifiers.yml
+++ b/yml/OSScripts/CL_mutexverifiers.yml
@@ -1,6 +1,6 @@
 ---
 Name: CL_Mutexverifiers.ps1
-Description:
+Description: Proxy execution with CL_Mutexverifiers.ps1
 Author: 'Oddvar Moe'
 Created: 2018-05-25
 Commands:
@@ -26,4 +26,3 @@ Resources:
 Acknowledgement:
  - Person: Pierre-Alexandre Braeken
    Handle: '@pabraeken'
---
--- a/yml/OSScripts/Cl_invocation.yml
+++ b/yml/OSScripts/Cl_invocation.yml
@@ -28,4 +28,3 @@ Acknowledgement:
    Handle: '@bohops'
  - Person: Pierre-Alexandre Braeken
    Handle: '@pabraeken'
---
--- a/yml/OSScripts/Manage-bde.yml
+++ b/yml/OSScripts/Manage-bde.yml
@@ -36,4 +36,3 @@ Acknowledgement:
    Handle: '@danielbohannon'
  - Person: John Lambert
    Handle: '@JohnLaTwC'
---
--- a/yml/OSScripts/Pubprn.yml
+++ b/yml/OSScripts/Pubprn.yml
@@ -1,6 +1,6 @@
 ---
 Name: Pubprn.vbs
-Description:
+Description: Proxy execution with Pubprn.vbs
 Author: 'Oddvar Moe'
 Created: 2018-05-25
 Commands:
@@ -25,4 +25,3 @@ Resources:
 Acknowledgement:
  - Person: Matt Nelson
    Handle: '@enigma0x3'
---
--- a/yml/OSScripts/Syncappvpublishingserver.yml
+++ b/yml/OSScripts/Syncappvpublishingserver.yml
@@ -25,4 +25,3 @@ Acknowledgement:
    Handle: '@monoxgas'
  - Person: Casey Smith
    Handle: '@subtee'
---
--- a/yml/OSScripts/UtilityFunctions.yml
+++ b/yml/OSScripts/UtilityFunctions.yml
@@ -16,9 +16,9 @@ Full_Path:
 Code_Sample:
  - Code:
 Detection:
+  - Sigma: https://github.com/SigmaHQ/sigma/blob/0.21-688-gd172b136b/rules/windows/process_creation/proc_creation_win_lolbas_utilityfunctions.yml
 Resources:
  - Link: https://twitter.com/nickvangilder/status/1441003666274668546
 Acknowledgement:
  - Person: Nick VanGilder
    Handle: '@nickvangilder'
---
--- a/yml/OSScripts/Winrm.yml
+++ b/yml/OSScripts/Winrm.yml
@@ -55,4 +55,3 @@ Acknowledgement:
    Handle: '@bohops'
  - Person: Red Canary Company cc Tony Lambert
    Handle: '@redcanaryco'
---
--- a/yml/OSScripts/pester.yml
+++ b/yml/OSScripts/pester.yml
@@ -43,6 +43,3 @@ Acknowledgement:
    Handle: '@p0w3rsh3ll'
  - Person: Stamatis Chatzimangou
    Handle: '@_st0pp3r_'
-  - Person: Stamatis Chatzimangou
-    Handle: '@_st0pp3r_'
---