|
|
c2dfa045ff
|
Added event log example
|
2019-05-01 16:59:17 -03:00 |
|
|
|
2aa4cfe191
|
Minor formatting
|
2019-05-01 16:15:55 -03:00 |
|
|
|
8ca0df7a0e
|
Menu cleanup
|
2019-05-01 11:51:14 -03:00 |
|
|
|
7c8e3eef00
|
Cleaned up the menus
|
2019-05-01 11:46:43 -03:00 |
|
|
|
7557597acb
|
Updated intro
|
2019-05-01 11:31:02 -03:00 |
|
|
|
12238e78e5
|
s/Lines/Line/g
|
2019-05-01 11:23:47 -03:00 |
|
|
|
68d482ac56
|
More examples
|
2019-05-01 11:00:42 -03:00 |
|
|
|
ecd1a6be47
|
Updated the examples table
|
2019-05-01 10:57:29 -03:00 |
|
|
|
3d3e0b281b
|
Added initial examples menu
|
2019-05-01 10:51:42 -03:00 |
|
|
|
f453ede47c
|
s/Powershell/PowerShell/g
|
2019-05-01 10:31:09 -03:00 |
|
|
|
82cc713117
|
Mentioned run as administrator for live security log
|
2019-05-01 09:58:29 -03:00 |
|
|
|
ac077b145c
|
Merge pull request #10 from joswr1ght/master
Add password spray detection, sample evtx
|
2019-04-30 21:26:54 +00:00 |
|
|
|
f17d32491e
|
Add password spray detection, sample evtx
|
2019-04-30 17:11:56 -04:00 |
|
|
|
cd44a63604
|
Added list of detected events
|
2019-04-30 17:29:44 -03:00 |
|
|
|
4514af7f4a
|
Minor update, added Set-ExecutionPolicy bypass example
|
2019-04-30 17:12:51 -03:00 |
|
|
|
ae08b49ffc
|
Merge pull request #9 from joswr1ght/master
Add Event ID 4673 Sensitive Privilege Use detection for Mimikatz
|
2019-04-30 19:42:00 +00:00 |
|
|
|
6766ac618c
|
Add Event ID 4673 Sensitive Privilege Use detection for Mimikatz
|
2019-04-30 14:38:43 -04:00 |
|
|
|
cce18d1568
|
Version 2.01, added password spraying and initial Bloodhound detection
|
2019-04-30 14:42:16 +00:00 |
|
|
|
8952278d3b
|
Merge pull request #8 from joswr1ght/master
Add detector and event log to watch for Event Log Service stop/start …
|
2019-04-29 16:50:19 -03:00 |
|
|
|
2fe7d13599
|
Add detector and event log to watch for Event Log Service stop/start as an indicator or event log tampering with eventlogedit
|
2019-04-28 14:23:23 -04:00 |
|
|
|
a98ef0e402
|
Post-DerbyCon update
|
2017-11-07 12:28:21 -05:00 |
|
|
|
6a4766e25e
|
Update README.md
|
2017-10-03 10:02:43 -04:00 |
|
|
|
18ba3fc256
|
Delete Powershell-Invoke-Obfuscation-token-menu.evtx
|
2017-09-22 14:14:02 -04:00 |
|
|
|
4922dc7aa6
|
Tweaked the PowerShell 4104 CLI detector
|
2017-09-20 16:03:21 -04:00 |
|
|
|
36f958c9ed
|
Update README-DeepBlue.py.md
|
2017-09-20 10:37:14 -04:00 |
|
|
|
084c307d22
|
Update README.md
|
2017-09-20 10:35:42 -04:00 |
|
|
|
b53e8967ce
|
Rename DeepWhite.md to README-DeepWhite.md
|
2017-09-20 10:35:06 -04:00 |
|
|
|
17b64603b1
|
Update README.md
|
2017-09-20 10:34:06 -04:00 |
|
|
|
6f1d57219f
|
Update README-DeepBlue.py.md
|
2017-09-20 10:30:24 -04:00 |
|
|
|
fcb1e4d3d8
|
Create README-DeepBlue.py.md
|
2017-09-20 10:24:31 -04:00 |
|
|
|
4d5351486c
|
Delete file-whitelist.csv
|
2017-09-20 10:23:28 -04:00 |
|
|
|
17764ac951
|
Update README.md
|
2017-09-20 10:22:24 -04:00 |
|
|
|
0505507419
|
Create readme-deepblue.py
|
2017-09-20 10:17:11 -04:00 |
|
|
|
8bcd67ca8c
|
Pre-DerbyCon update
|
2017-09-20 09:01:04 -04:00 |
|
|
|
72f9d7a944
|
Another pre-DerbyCon update
|
2017-09-20 08:46:20 -04:00 |
|
|
|
c1067b0258
|
First release of DeepBlue.py
|
2017-09-20 08:42:56 -04:00 |
|
|
|
3663b9cff5
|
Update DeepWhite.md
|
2017-09-19 08:47:09 -04:00 |
|
|
|
3597a235d7
|
Update DeepWhite.md
|
2017-09-19 08:45:58 -04:00 |
|
|
|
dc4af74e9b
|
Update DeepWhite.md
|
2017-09-19 08:45:28 -04:00 |
|
|
|
bcce36341a
|
Update README.md
|
2017-09-18 21:50:23 -04:00 |
|
|
|
a863f74553
|
Major Update to v1.9 pre-DerbyCon
|
2017-09-18 21:49:19 -04:00 |
|
|
|
dff301f17a
|
Add files via upload
|
2017-09-10 21:29:48 -04:00 |
|
|
|
f91e4c8934
|
Add files via upload
|
2017-09-10 18:24:28 -04:00 |
|
|
|
3f9a8f45c3
|
Add files via upload
|
2017-09-10 18:15:35 -04:00 |
|
|
|
6b9018997f
|
Update README.md
|
2017-09-07 23:53:24 -04:00 |
|
|
|
881e49f15a
|
Update DeepWhite.md
|
2017-09-07 20:06:23 -04:00 |
|
|
|
2a8f71fdac
|
Update DeepWhite.md
|
2017-09-07 19:59:59 -04:00 |
|
|
|
c254e5a72d
|
Update DeepWhite.md
|
2017-09-07 19:40:08 -04:00 |
|
|
|
a40ad47117
|
Update DeepWhite.md
|
2017-09-07 19:39:42 -04:00 |
|
|
|
5686c8192b
|
Update DeepWhite.md
|
2017-09-07 19:38:39 -04:00 |
|
