Mirrors/keyboardcrunch-sentinelone-queries
1
0
Fork 0
mirror of https://github.com/keyboardcrunch/sentinelone-queries synced 2026-06-08 09:05:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 3196e55d5a Create PrintNightmare.yml main keyboardcrunch 2021-06-30 15:52:46 +00:00
  • e1fdca6dfa changed to arg detection vs file detection keyboardcrunch 2021-06-08 14:07:33 -05:00
  • 90651e37c2 Add detection for kerberoasting keyboardcrunch 2021-03-17 20:21:25 -05:00
  • 166e451cf6 Removed LSASSMemoryAccessed due to HIGH FP keyboardcrunch 2021-03-17 20:09:19 -05:00
  • 2f71277652 Adding T1003 OS Credential Dumping keyboardcrunch 2021-03-17 20:05:39 -05:00
  • 58b7368940 T1040 Network Sniffing keyboardcrunch 2021-03-17 19:20:55 -05:00
  • dd57246fde Revert "T1040 network sniffing" keyboardcrunch 2021-03-17 19:19:22 -05:00
  • 50959302ed T1040 network sniffing keyboardcrunch 2021-03-17 19:15:51 -05:00
  • cff3330a29 mentions to WIP status keyboardcrunch 2021-01-11 13:43:18 -06:00
  • ce658f9e1c Update sunburst_campaign.yml keyboardcrunch 2020-12-18 13:43:47 -06:00
  • 710d621de0 Create solarwinds_process_disabling_services.yml keyboardcrunch 2020-12-18 13:43:31 -06:00
  • fa5b44c390 Create disable_or_modify_service_execution.yml keyboardcrunch 2020-12-18 13:39:22 -06:00
  • 2a0c1adc13 updated iocs keyboardcrunch 2020-12-13 22:46:00 -06:00
  • f87ab44340 Adding query for sunburst campaign keyboardcrunch 2020-12-13 21:48:38 -06:00
  • fad7b95528 Update dd_data_destruction.yml keyboardcrunch 2020-12-07 18:11:00 -06:00
  • cbf14cd87c updated to reflect changes keyboardcrunch 2020-12-07 18:09:57 -06:00
  • 4d4b09a627 fixed false pos keyboardcrunch 2020-12-06 01:09:10 -06:00
  • a7503f04a6 fixed missing os keyboardcrunch 2020-12-06 00:58:24 -06:00
  • bc3557a4ea removed tactic from titles keyboardcrunch 2020-12-06 00:34:46 -06:00
  • 4d6ac236bc Cleaned up signature descriptions and metadata. keyboardcrunch 2020-12-05 21:45:38 -06:00
  • 08e20670ee clean and reword of signatures keyboardcrunch 2020-12-05 12:50:21 -06:00
  • 3ecab6de5b Create rundll32_possible_cobalt_strike.yml keyboardcrunch 2020-12-02 11:54:10 -06:00
  • e4aae04765 powershell timestomp detection @ 2020-11-24 12:57:03 -06:00
  • a428941d64 PasswordVault Browser Cred extraction rule @ 2020-11-24 12:42:31 -06:00
  • eb3dec64e9 fix date on outlook_vba_persistence rule @ 2020-11-24 12:10:45 -06:00
  • 54e3046b4a added outlook_vba_persistence rule @ 2020-11-24 12:05:01 -06:00
  • bc33e8dda5 fix template @ 2020-11-24 12:03:43 -06:00
  • f2ffb3d9dd current signature template @ 2020-11-23 12:08:44 -06:00
  • 7c09d914d1 auto-generated queries from markdown notes @ 2020-11-23 12:08:31 -06:00
  • a3c07c2199 updated readme with basic details @ 2020-11-23 12:08:14 -06:00
  • e65cdabb64 Initial commit keyboardcrunch 2020-11-23 11:45:42 -06:00