keyboardcrunch-sentinelone-queries

Mirrors/keyboardcrunch-sentinelone-queries

mirror of https://github.com/keyboardcrunch/sentinelone-queries synced 2026-06-08 17:07:13 +00:00

Author	SHA1	Message	Date
keyboardcrunch	710d621de0	Create solarwinds_process_disabling_services.yml	2020-12-18 13:43:31 -06:00
keyboardcrunch	fa5b44c390	Create disable_or_modify_service_execution.yml	2020-12-18 13:39:22 -06:00
keyboardcrunch	2a0c1adc13	updated iocs	2020-12-13 22:46:00 -06:00
keyboardcrunch	f87ab44340	Adding query for sunburst campaign	2020-12-13 21:48:38 -06:00
keyboardcrunch	fad7b95528	Update dd_data_destruction.yml	2020-12-07 18:11:00 -06:00
keyboardcrunch	cbf14cd87c	updated to reflect changes	2020-12-07 18:09:57 -06:00
keyboardcrunch	4d4b09a627	fixed false pos	2020-12-06 01:09:10 -06:00
keyboardcrunch	a7503f04a6	fixed missing os	2020-12-06 00:58:24 -06:00
keyboardcrunch	bc3557a4ea	removed tactic from titles	2020-12-06 00:34:46 -06:00
keyboardcrunch	4d6ac236bc	Cleaned up signature descriptions and metadata.	2020-12-05 21:45:38 -06:00
keyboardcrunch	08e20670ee	clean and reword of signatures	2020-12-05 12:50:21 -06:00
keyboardcrunch	3ecab6de5b	Create rundll32_possible_cobalt_strike.yml	2020-12-02 11:54:10 -06:00
@	e4aae04765	powershell timestomp detection	2020-11-24 12:57:03 -06:00
@	a428941d64	PasswordVault Browser Cred extraction rule	2020-11-24 12:42:31 -06:00
@	eb3dec64e9	fix date on outlook_vba_persistence rule	2020-11-24 12:10:45 -06:00
@	54e3046b4a	added outlook_vba_persistence rule	2020-11-24 12:05:01 -06:00
@	bc33e8dda5	fix template	2020-11-24 12:03:43 -06:00
@	f2ffb3d9dd	current signature template	2020-11-23 12:08:44 -06:00
@	7c09d914d1	auto-generated queries from markdown notes	2020-11-23 12:08:31 -06:00
@	a3c07c2199	updated readme with basic details	2020-11-23 12:08:14 -06:00
keyboardcrunch	e65cdabb64	Initial commit	2020-11-23 11:45:42 -06:00

21 Commits