Microsoft-365-Defender-Hunting-Queries

Граф коммитов

Автор	SHA1	Сообщение	Дата
Michael Melone	376df726f2	Updating URL list Source: Defender proxy list. At a future date I will also update to include the * URLs.	2021-09-17 10:33:58 -04:00
tali-ash	0d921e78b5	Merge pull request #408 from Iveco/master C2 Framework detection by SMB named pipes	2021-08-19 13:53:19 +03:00
dreadphones	7720614e5f	Merge pull request #411 from alimajalt/patch-13 Create successive-tk-domain-calls.md	2021-08-17 17:05:51 -07:00
dreadphones	b9c6909965	Merge pull request #409 from alimajalt/patch-11 Update evasive-powershell-executions.md	2021-08-17 17:05:26 -07:00
dreadphones	bf11a7133b	Merge pull request #410 from alimajalt/patch-12 Create deimos-component-execution.md	2021-08-17 17:05:15 -07:00
Elif Kaya	e40124a5b5	Update evasive-powershell-executions.md correcting spelling error.	2021-08-17 17:01:59 -07:00
Elif Kaya	07c2728af9	Update deimos-component-execution.md correcting spelling error.	2021-08-17 17:01:46 -07:00
Elif Kaya	dfb65b5d4c	Update successive-tk-domain-calls.md correcting spelling error.	2021-08-17 17:01:31 -07:00
Elif Kaya	254f91e187	Update evasive-powershell-executions.md	2021-08-17 16:58:39 -07:00
Elif Kaya	f5167a988d	Update deimos-component-execution.md	2021-08-17 16:58:24 -07:00
Elif Kaya	4afc2ee5af	Update successive-tk-domain-calls.md	2021-08-17 16:58:02 -07:00
Elif Kaya	8e655871b2	Create successive-tk-domain-calls.md Adding new AHQ for simple TLD location for Jupyter	2021-08-17 14:55:26 -07:00
Elif Kaya	069d17b925	Create deimos-component-execution.md Updating Jupyter campaign to include additional AHQs	2021-08-17 13:34:04 -07:00
Elif Kaya	2ff4cde36b	Update evasive-powershell-executions.md Updating to reflect simpler syntax and newer versions.	2021-08-17 13:30:36 -07:00
Iveco	19253acb9f	Update C2-NamedPipe.md	2021-08-17 20:44:30 +02:00
Iveco	ad82f13fe6	Update C2-NamedPipe.md	2021-08-17 20:43:44 +02:00
Iveco	9f2bce56df	Update C2-NamedPipe.md	2021-08-17 20:43:21 +02:00
Iveco	5b205554a0	Update C2-NamedPipe.md	2021-08-17 20:41:23 +02:00
Iveco	4ba81ae4b5	Update C2-NamedPipe.md	2021-08-17 20:40:59 +02:00
Iveco	09d5d877bc	C2 Framework detection by SMB named pipes	2021-08-17 20:35:58 +02:00
Justin C	bcda0c9877	Merge pull request #407 from mcyr5/patch-1 Create JNLP-File-Attachment.md	2021-08-12 15:29:26 -07:00
Michael Cyr	1f86c01ae0	Update JNLP-File-Attachment.md fixed grammar	2021-08-12 15:26:51 -07:00
Michael Cyr	91722eb131	Rename Campaigns/JNLP-File-Attachment.md to Email Queries/JNLP-File-Attachment.md Updated path	2021-08-12 15:26:19 -07:00
Michael Cyr	0bb1f65b7e	Create JNLP-File-Attachment.md	2021-08-12 14:27:49 -07:00
Justin C	e54b5b1b07	Merge pull request #406 from alimajalt/patch-10 Moving LemonDuck-component-names.md	2021-08-12 09:20:14 -07:00
Elif Kaya	06fb7b6974	Moving LemonDuck-component-names.md Moving query to parent folder after duplicate folder creation.	2021-08-12 09:15:57 -07:00
Justin C	bec8ceae50	Merge pull request #405 from alimajalt/patch-9 Create LemonDuck-component-download-structure.md	2021-08-11 15:46:03 -07:00
Justin C	e4d00c175d	Merge pull request #404 from alimajalt/patch-8 Create LemonDuck-defender-exclusions.md	2021-08-11 15:45:44 -07:00
Justin C	dd33353a87	Merge pull request #403 from alimajalt/patch-7 Create LemonDuck-competition-killer.md	2021-08-11 15:45:21 -07:00
Justin C	e5fa4b0ebf	Merge pull request #402 from alimajalt/patch-6 Create LemonDuck-id-generation.md	2021-08-11 15:44:47 -07:00
Justin C	b8242699c9	Merge pull request #401 from alimajalt/patch-5 Create LemonDuck-component-names.md	2021-08-11 15:44:30 -07:00
Justin C	fb5b3129cf	Merge pull request #400 from alimajalt/patch-4 Create LemonDuck-control-structure.md	2021-08-11 15:44:17 -07:00
Justin C	0cb9414571	Merge pull request #399 from alimajalt/patch-3 Create LemonDuck-registration-function	2021-08-11 15:44:04 -07:00
Justin C	630b6e2e9a	Merge pull request #398 from alimajalt/patch-2 Create LemonDuck-email-subjects	2021-08-11 15:43:54 -07:00
Elif Kaya	d915e916e5	Create LemonDuck-component-download-structure.md uploading recent variation AHQs for short-links	2021-08-11 12:13:12 -07:00
Elif Kaya	a10a8815bd	Create LemonDuck-defender-exclusions.md uploading recent variation AHQs for short-links	2021-08-11 12:08:48 -07:00
Elif Kaya	e3c0926183	Create LemonDuck-competition-killer.md uploading recent variation AHQs for short-links	2021-08-11 12:05:55 -07:00
Elif Kaya	43044c1119	Create LemonDuck-id-generation.md uploading recent variation AHQs for short-links	2021-08-11 12:03:02 -07:00
Justin C	1af1b45f4b	Merge pull request #397 from dreadphones/patch-18 Create Stolen Images Execution.md	2021-08-10 14:01:02 -07:00
Elif Kaya	c64ec856b0	Create LemonDuck-component-names.md uploading recent variation AHQs for short-links	2021-08-10 13:47:39 -07:00
Elif Kaya	4592d7c9ec	Create LemonDuck-control-structure.md uploading recent variation AHQs for short-links	2021-08-10 13:40:43 -07:00
Elif Kaya	4704b6e2d7	Rename LemonDuck-registration-function to LemonDuck-registration-function.md	2021-08-10 13:37:16 -07:00
Elif Kaya	589b2d95d5	Rename LemonDuck-email-subjects to LemonDuck-email-subjects.md	2021-08-10 13:36:21 -07:00
Elif Kaya	c08d3f9c0d	Create LemonDuck-registration-function uploading recent variation AHQs for short-links	2021-08-10 13:34:01 -07:00
Elif Kaya	470a5e2095	Create LemonDuck-email-subjects uploading recent variation AHQs for short-links	2021-08-10 13:24:42 -07:00
dreadphones	9c8efe43f9	Create Zip-Doc - Creation of JPG Payload File.md Added JPG Payload query	2021-08-10 11:20:52 -07:00
dreadphones	86c6bf0cd0	Rename Zip-Doc - Word Launching MSHTA to Zip-Doc - Word Launching MSHTA.md Forgot to make it a markdown	2021-08-10 11:15:49 -07:00
dreadphones	3b940bed68	Create Zip-Doc - Word Launching MSHTA Query for word launching MSHTA	2021-08-10 11:15:28 -07:00
dreadphones	cdeae42b89	Create Stolen Images Execution.md	2021-08-10 10:04:40 -07:00
Dulce Montemayor	994b594b0b	Merge pull request #394 from alimajalt/patch-1 Create referral-phish-emails.md	2021-07-30 12:46:05 -07:00

1 2 3 4 5 ...

1104 Коммитов Все ветки Поиск

1104 Коммитов

Все ветки