Marty Hernandez Avedon 7aea4c8726 title updates, see-also, typos		2021-03-09 17:56:58 -05:00
..
Detect-Not-Active-AD-User-Accounts.md	Update Detect-Not-Active-AD-User-Accounts.md	2020-04-22 21:56:14 +04:00
DetectTorRelayConnectivity.md	Create DetectTorRelayConnectivity.md	2021-01-06 18:53:58 +11:00
DetectTorrentUse.txt	Update DetectTorrentUse.txt	2020-04-22 13:52:43 +03:00
Discover hosts doing possible network scans.txt	Update github queries to use the new advanced hunting device schema	2020-01-05 15:46:07 +02:00
Enumeration of users & groups for lateral movement.txt	improve detection of use of net CLI	2020-04-16 14:54:16 +03:00
MultipleLdaps.md	Update MultipleLdaps.md	2020-06-24 14:30:13 +03:00
MultipleSensitiveLdaps.md	Fix the query based on the change in Roasting.md	2020-06-24 16:59:33 +03:00
PasswordSearch.md	Update PasswordSearch.md	2020-06-24 14:26:44 +03:00
PrevalentInteractiveLogons	Update PrevalentInteractiveLogons	2020-04-22 13:35:28 +03:00
Roasting.md	Add initiated process correlation from MDATP	2020-06-30 16:21:38 +03:00
SMB shares discovery.txt	Update github queries to use the new advanced hunting device schema	2020-01-05 15:46:07 +02:00
SensitiveLdaps.md	Update SensitiveLdaps.md	2020-06-24 14:28:11 +03:00
SuspiciousEnumerationUsingAdfind[Nobelium].md	title updates, see-also, typos	2021-03-09 17:56:58 -05:00
URL Detection.txt	Update github queries to use the new advanced hunting device schema	2020-01-05 15:46:07 +02:00
VulnComputers.md	Update VulnComputers.md	2020-06-24 14:29:29 +03:00
detect-nbtscan-activity.md	Update detect-nbtscan-activity.md	2020-07-22 19:23:51 +03:00
detect-suspicious-commands-initiated-by-web-server-processes.md	Update detect-suspicious-commands-initiated-by-web-server-processes.md	2020-07-22 19:24:51 +03:00
doppelpaymer.md	files related to doppelpaymer	2020-09-08 15:32:16 -04:00
qakbot-campaign-esentutl.md	5 more files related to qakbot	2020-08-10 16:53:38 -04:00
qakbot-campaign-outlook.md	5 more files related to qakbot	2020-08-10 16:53:38 -04:00