Commit Graph

64 Commits

Author SHA1 Message Date
hegusung
c9f0857f0f
Update CL_mutexverifiers.yml: Indentation change 2024-10-13 20:24:41 +02:00
hegusung
43ae6c8a1b
Update pester.yml Tags and removed duplicate
Removed Duplicate Command field
Added Tags:
- Execute EXE
2024-10-13 20:23:33 +02:00
hegusung
76060761ae
Update Winrm.yml Tags
Added Tags:
Execute: CMD
Execute: Remote
2024-10-13 20:21:46 +02:00
hegusung
ac7ac2af00
Update UtilityFunctions.yml Tags
Changed Execute DLL to Execute .NetDLL
2024-10-13 20:19:59 +02:00
hegusung
66510df000
Update Syncappvpublishingserver.yml Tags
Added Tags:
Execute: Powershell
2024-10-13 20:18:52 +02:00
hegusung
8673165d4b
Update Pubprn.yml Tags
Added Tags:
Execute SCT
2024-10-13 20:18:06 +02:00
hegusung
4295f690a1
Update Manage-bde.yml Tags
Added Tags:
Execute EXE
2024-10-13 18:56:48 +02:00
hegusung
a7b0dfcf5e
Update Launch-VsDevShell.yml Tags
Added Tags
Execute EXE
2024-10-13 18:53:59 +02:00
hegusung
4c232b06fe
Update Cl_invocation.yml Tags
Added Tags:
Execute EXE
Execute CMD
2024-10-13 18:52:43 +02:00
hegusung
cb73a1cfd0
Update CL_mutexverifiers.yml tags
added tags:
Execute: powershell
2024-10-13 18:47:36 +02:00
hegusung
1f57c14845
Update CL_LoadAssembly.yml Tags
Changed DLL to .NetDLL
2024-10-13 18:44:40 +02:00
Wietze
f69b8abae1
Removing empty resource sections 2024-10-02 01:55:22 +01:00
Wietze
39a7120d40
Adding Windows file path validation for values of File_Path (#403) 2024-10-01 23:14:19 +01:00
Wietze
2cc0ee99e6
Applying MITRE ATT&CK v15 changes (#370)
https://attack.mitre.org/resources/updates/updates-april-2024/
2024-04-24 15:10:59 +01:00
Wietze
ebbf08ec4d
Adding tags (closes #9, #318) (#362)
* Adding various tags as a first iteration

* Adding quotes

* Adding 'Custom Format' properly

* Updating to key:value pairs

* Update template
2024-04-03 11:53:36 -04:00
frack113
4f83231697
Update old sigma link (#303)
* Update SigmaHQ ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHQ ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHq ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

* Update SigmaHq ref

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>

---------

Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
2023-10-18 11:30:34 -04:00
frack113
e8ea28d4e9
Update SigmaHQ ref (#301)
Signed-off-by: frack113 <62423083+frack113@users.noreply.github.com>
2023-06-19 22:40:24 +01:00
frack113
1072d3dc34
Add sigma ref Detection (#272)
* Add sigma ref

* Add missing sigma ref

* Fix sigma link

* Remove by Defender

* Remove by Defender
2022-12-29 09:51:15 -05:00
Nasreddine Bencherchali
0d7efb8ead
Adding and updating various LOLBINS (#229)
Co-authored-by: Wietze <wietze@users.noreply.github.com>
2022-11-11 16:42:44 +00:00
frack113
01d7580886
Add Sigma rule references to various LOLBAS (#260) 2022-10-26 09:10:39 +01:00
Wietze
67e1040172
Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-10-03 16:18:57 +01:00
xenoscr
2c3653f0c4
Fixing more file formatting issues. 2022-09-11 01:36:14 -04:00
xenoscr
654cdd2d61
Fixing file formatting. 2022-09-11 01:33:36 -04:00
xenoscr
98813fe01b
Fixing errors found in yaml lint action. 2022-09-11 01:07:18 -04:00
xenoscr
d585695b08
Adding missing Descriptions. 2022-09-10 23:26:10 -04:00
xenoscr
ce36f924fc
Removing extra --- from each yaml file 2022-09-10 22:16:47 -04:00
securepeacock
68c14b894c
Update UtilityFunctions.yml (#228) 2022-09-02 18:42:59 +01:00
Wietze
e1df4e9f83
Merge remote-tracking branch 'upstream/master' into windows_11_sprint 2022-09-02 17:23:45 +01:00
Oddvar Moe
c5c227a7ba
added sigma detection for pester 2022-09-02 17:18:24 +01:00
Oddvar Moe
5a38aa722f
Adjusted comment in command 2022-09-02 17:18:24 +01:00
Oddvar Moe
4b99cadd85
Update pester.bat with an additional example 2022-09-02 17:18:23 +01:00
Wietze
400158f2df
Add sigma references to CL_LoadAssembly, CLMutexVerifiers entries (#221) 2022-09-02 17:16:58 +01:00
Oddvar Moe
68a6f0a35f added sigma detection for pester 2022-08-24 12:32:48 +02:00
Oddvar Moe
c53a8ea06e Adjusted comment in command 2022-08-23 15:47:17 +02:00
Oddvar Moe
fdc1b2c827 Update pester.bat with an additional example 2022-08-23 15:44:57 +02:00
frack113
91350057ce
Add sigma references to CL_LoadAssembly, CLMutexVerifiers entries (#221) 2022-06-04 11:50:35 +01:00
Wietze
b92ee99627
Addressing @bohops's feedback 2022-05-05 11:12:22 +01:00
Wietze
085aaa37b1
Adding more missed-out entries 2021-12-15 11:50:18 +00:00
Wietze
6793a7d238
Fixing various issues identified 2021-12-14 16:50:22 +00:00
Wietze
adf171d089
Applying minor format changes (incorrectly formatted dates, typos, etc.) 2021-12-14 15:53:03 +00:00
Wietze
754a451e76
Updating entries that have been confirmed to be working on Windows 11 (21H2) 2021-12-14 15:51:43 +00:00
Wietze
39d4e815af
Minor formatting changes (redundant backslashes, incorrect dates, typos, etc.) 2021-12-14 14:57:32 +00:00
bohops
23dd0236ae
Detection Resources and Other Updates (#179)
* Add detection links for scripts

* Add detection links for OtherMSBins. Fixed and updated as needed.

* Add detection links for MSBins. Fixed and updated as needed.

* Add detection links for oslibraries

* Updating template for Detections

* Removing empty Detection:Sigma entries

* Remove redundant blank line

* Replacing commit URL with file URL

Co-authored-by: root <root@DESKTOP-5CR935D.localdomain>
Co-authored-by: Wietze <wietze@users.noreply.github.com>
2021-11-15 08:19:03 -05:00
Wietze
8257d60aad
Realigning .ps1 scripts to T1216 2021-11-05 20:29:07 +00:00
Wietze
bc51cb4e03
More changes (mainly changing some T1218 instances to T1202) 2021-11-05 20:19:39 +00:00
Wietze
4f7ec8d2af
MITRE ATT&CK realignment sprint 2021-11-05 18:58:26 +00:00
Oddvar Moe
9f9af1cfee
Merge branch 'master' into feat/yamllinting 2021-10-22 15:20:35 +02:00
Oddvar Moe
a55e2249c1
Merge branch 'master' into fixing-yaml-issues 2021-10-22 14:53:09 +02:00
bohops
741d0f7b36
Update CL_LoadAssembly.yml 2021-09-26 23:35:01 -04:00
root
b5357cdec0 Adding app-ctrl bypass bins and a few lolscripts 2021-09-26 23:31:30 -04:00