Commit Graph

15 Commits

Author SHA1 Message Date
keyboardcrunch 166e451cf6 Removed LSASSMemoryAccessed due to HIGH FP 2021-03-17 20:09:19 -05:00
keyboardcrunch 2f71277652 Adding T1003 OS Credential Dumping 2021-03-17 20:05:39 -05:00
keyboardcrunch 58b7368940 T1040 Network Sniffing 2021-03-17 19:20:55 -05:00
keyboardcrunch dd57246fde Revert "T1040 network sniffing" (This reverts commit 50959302ed.) 2021-03-17 19:19:22 -05:00
keyboardcrunch 50959302ed T1040 network sniffing 2021-03-17 19:17:09 -05:00
keyboardcrunch fa5b44c390 Create disable_or_modify_service_execution.yml 2020-12-18 13:39:22 -06:00
keyboardcrunch a7503f04a6 fixed missing os 2020-12-06 00:58:24 -06:00
keyboardcrunch bc3557a4ea removed tactic from titles 2020-12-06 00:34:46 -06:00
keyboardcrunch 4d6ac236bc Cleaned up signature descriptions and metadata. 2020-12-05 21:45:38 -06:00
keyboardcrunch 3ecab6de5b Create rundll32_possible_cobalt_strike.yml 2020-12-02 11:54:10 -06:00
@ e4aae04765 powershell timestomp detection 2020-11-24 12:57:03 -06:00
@ a428941d64 PasswordVault Browser Cred extraction rule 2020-11-24 12:42:31 -06:00
@ eb3dec64e9 fix date on outlook_vba_persistence rule 2020-11-24 12:10:45 -06:00
@ 54e3046b4a added outlook_vba_persistence rule 2020-11-24 12:05:01 -06:00
@ 7c09d914d1 auto-generated queries from markdown notes 2020-11-23 12:08:31 -06:00