Cyberdefense/DeepBlueCLI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated the events table

Browse Source
This commit is contained in:
Eric Conrad
2019-05-08 10:47:14 -07:00
committed by GitHub
parent 9834750e0e
commit 5e796ca588
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -71,9 +71,11 @@ See [Logging setup](#logging-setup) section below for how to configure these log
* Password spraying via explicit credentials * Password spraying via explicit credentials
* Bloodhound (admin privileges assigned to the same account with multiple Security IDs) * Bloodhound (admin privileges assigned to the same account with multiple Security IDs)
* Command line/Sysmon/PowerShell auditing * Command line/Sysmon/PowerShell auditing
* Long command lines
* Regex searches * Regex searches
* Obfuscated commands * Obfuscated commands
* PowerShell launched via WMIC or PsExec * PowerShell launched via WMIC or PsExec
* PowerShell Net.WebClient Downloadstring
* Compressed/Base64 encoded commands (with automatic decompression/decoding) * Compressed/Base64 encoded commands (with automatic decompression/decoding)
* Unsigned EXEs or DLLs * Unsigned EXEs or DLLs
* Service auditing * Service auditing