Wietze
|
ebbf08ec4d
|
Adding tags (closes #9, #318) (#362)
* Adding various tags as a first iteration
* Adding quotes
* Adding 'Custom Format' properly
* Updating to key:value pairs
* Update template
|
2024-04-03 11:53:36 -04:00 |
|
frack113
|
4f83231697
|
Update old sigma link (#303)
* Update SigmaHQ ref
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
* Update SigmaHQ ref
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
* Update SigmaHq ref
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
* Update SigmaHq ref
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
---------
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
|
2023-10-18 11:30:34 -04:00 |
|
Wietze
|
67e1040172
|
Merge remote-tracking branch 'upstream/master' into windows_11_sprint
|
2022-10-03 16:18:57 +01:00 |
|
Conor Richard
|
2c9a7a97ce
|
Merge pull request #244 from 721574n/tristan_add
Added external reference about Rundll32
|
2022-09-16 23:46:43 -04:00 |
|
xenoscr
|
ce36f924fc
|
Removing extra --- from each yaml file
|
2022-09-10 22:16:47 -04:00 |
|
721574n
|
4b564464fd
|
Added external reference for Rundll32
|
2022-08-24 12:11:31 +02:00 |
|
Wietze
|
6793a7d238
|
Fixing various issues identified
|
2021-12-14 16:50:22 +00:00 |
|
Wietze
|
754a451e76
|
Updating entries that have been confirmed to be working on Windows 11 (21H2)
|
2021-12-14 15:51:43 +00:00 |
|
bohops
|
23dd0236ae
|
Detection Resources and Other Updates (#179)
* Add detection links for scripts
* Add detection links for OtherMSBins. Fixed and updated as needed.
* Add detection links for MSBins. Fixed and updated as needed.
* Add detection links for oslibraries
* Updating template for Detections
* Removing empty Detection:Sigma entries
* Remove redundant blank line
* Replacing commit URL with file URL
Co-authored-by: root <root@DESKTOP-5CR935D.localdomain>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
|
2021-11-15 08:19:03 -05:00 |
|
Wietze
|
4f7ec8d2af
|
MITRE ATT&CK realignment sprint
|
2021-11-05 18:58:26 +00:00 |
|
Wietze
|
14dca38278
|
Standardise date formats (see https://yaml.org/type/timestamp.html)
|
2021-01-10 15:04:52 +00:00 |
|
Oddvar Moe
|
794d3c04cc
|
Added Acknowledgement to rundll32
|
2020-07-03 14:03:51 +02:00 |
|
Martin Ingesen
|
e4face79af
|
Using rundll32 to execute dll via SMB
|
2020-03-18 15:20:50 +01:00 |
|
Oddvar Moe
|
94708ac5d6
|
Added links to obfuscation technique from Sailay(valen) on rundll32
|
2020-01-23 08:57:43 +01:00 |
|
Oddvar Moe
|
94368c1e69
|
Major changes to Web portal - Small fixes to source files to adjust
|
2018-12-10 14:28:12 +01:00 |
|
bohops
|
34b1287f10
|
Added rundll32 -sta COM server execution
|
2018-12-04 18:59:08 -05:00 |
|
Oddvar Moe
|
37cc1ee83e
|
Changed all OSBinaries according to the new template
|
2018-09-24 21:59:43 +02:00 |
|
Oddvar Moe
|
c949e100bd
|
MD files generated from Script, and adjustments to readme
|
2018-09-14 15:48:52 +02:00 |
|