Commit Graph

  • ae08b49ffc Merge pull request #9 from joswr1ght/master Eric Conrad 2019-04-30 19:42:00 +00:00
  • 6766ac618c Add Event ID 4673 Sensitive Privilege Use detection for Mimikatz Joshua Wright 2019-04-30 14:38:43 -04:00
  • cce18d1568 Version 2.01, added password spraying and initial Bloodhound detection Eric Conrad 2019-04-30 14:42:16 +00:00
  • 8952278d3b Merge pull request #8 from joswr1ght/master Eric Conrad 2019-04-29 16:50:19 -03:00
  • 2fe7d13599 Add detector and event log to watch for Event Log Service stop/start as an indicator of event log tampering with eventlogedit Joshua Wright 2019-04-28 14:23:23 -04:00
  • a98ef0e402 Post-DerbyCon update Eric Conrad 2017-11-07 12:28:21 -05:00
  • 6a4766e25e Update README.md Eric Conrad 2017-10-03 10:02:43 -04:00
  • 18ba3fc256 Delete Powershell-Invoke-Obfuscation-token-menu.evtx Eric Conrad 2017-09-22 14:14:02 -04:00
  • 4922dc7aa6 Tweaked the PowerShell 4104 CLI detector Eric Conrad 2017-09-20 16:03:21 -04:00
  • 36f958c9ed Update README-DeepBlue.py.md Eric Conrad 2017-09-20 10:37:14 -04:00
  • 084c307d22 Update README.md Eric Conrad 2017-09-20 10:35:42 -04:00
  • b53e8967ce Rename DeepWhite.md to README-DeepWhite.md Eric Conrad 2017-09-20 10:35:06 -04:00
  • 17b64603b1 Update README.md Eric Conrad 2017-09-20 10:34:06 -04:00
  • 6f1d57219f Update README-DeepBlue.py.md Eric Conrad 2017-09-20 10:30:24 -04:00
  • fcb1e4d3d8 Create README-DeepBlue.py.md Eric Conrad 2017-09-20 10:24:31 -04:00
  • 4d5351486c Delete file-whitelist.csv Eric Conrad 2017-09-20 10:23:28 -04:00
  • 17764ac951 Update README.md Eric Conrad 2017-09-20 10:22:24 -04:00
  • 0505507419 Create readme-deepblue.py Eric Conrad 2017-09-20 10:17:11 -04:00
  • 8bcd67ca8c Pre-DerbyCon update Eric Conrad 2017-09-20 09:01:04 -04:00
  • 72f9d7a944 Another pre-DerbyCon update Eric Conrad 2017-09-20 08:46:20 -04:00
  • c1067b0258 First release of DeepBlue.py Eric Conrad 2017-09-20 08:42:56 -04:00
  • 3663b9cff5 Update DeepWhite.md Eric Conrad 2017-09-19 08:47:09 -04:00
  • 3597a235d7 Update DeepWhite.md Eric Conrad 2017-09-19 08:45:58 -04:00
  • dc4af74e9b Update DeepWhite.md Eric Conrad 2017-09-19 08:45:28 -04:00
  • bcce36341a Update README.md Eric Conrad 2017-09-18 21:50:23 -04:00
  • a863f74553 Major Update to v1.9 pre-DerbyCon Eric Conrad 2017-09-18 21:49:19 -04:00
  • dff301f17a Add files via upload Eric Conrad 2017-09-10 21:29:48 -04:00
  • f91e4c8934 Add files via upload Eric Conrad 2017-09-10 18:24:28 -04:00
  • 3f9a8f45c3 Add files via upload Eric Conrad 2017-09-10 18:15:35 -04:00
  • 6b9018997f Update README.md Eric Conrad 2017-09-07 23:53:24 -04:00
  • 881e49f15a Update DeepWhite.md Eric Conrad 2017-09-07 20:06:23 -04:00
  • 2a8f71fdac Update DeepWhite.md Eric Conrad 2017-09-07 19:59:59 -04:00
  • c254e5a72d Update DeepWhite.md Eric Conrad 2017-09-07 19:40:08 -04:00
  • a40ad47117 Update DeepWhite.md Eric Conrad 2017-09-07 19:39:42 -04:00
  • 5686c8192b Update DeepWhite.md Eric Conrad 2017-09-07 19:38:39 -04:00
  • bce95448f6 Update DeepWhite.md Eric Conrad 2017-09-07 19:37:56 -04:00
  • 59609d5dc2 Update DeepWhite.md Eric Conrad 2017-09-07 19:33:33 -04:00
  • 7914291c98 Update DeepWhite.md Eric Conrad 2017-09-07 19:30:12 -04:00
  • b8059a00f0 Update DeepWhite.md Eric Conrad 2017-09-07 19:29:26 -04:00
  • 67cf3b6924 Update README.md Eric Conrad 2017-09-07 16:29:59 -04:00
  • c218b39263 Update README.md Eric Conrad 2017-09-07 16:29:36 -04:00
  • 341e9dcfcf Add files via upload Eric Conrad 2017-09-07 16:27:31 -04:00
  • 9885c1c2bc Update DeepWhite.md Eric Conrad 2017-09-07 16:25:43 -04:00
  • 37b7224646 Update DeepWhite.md Eric Conrad 2017-09-07 16:25:09 -04:00
  • 7b8aa13f41 Update DeepWhite.md Eric Conrad 2017-09-07 16:23:04 -04:00
  • dbc4d78195 Update DeepWhite.md Eric Conrad 2017-09-07 16:21:16 -04:00
  • 28e8b2c0b6 Update DeepWhite.md Eric Conrad 2017-09-07 16:19:18 -04:00
  • 43b40d5933 Update README.md Eric Conrad 2017-09-07 16:16:15 -04:00
  • cc1a029fc6 Delete readme.md Eric Conrad 2017-09-07 16:14:04 -04:00
  • 4cbe32ef2e Delete win10-x64.csv Eric Conrad 2017-09-07 16:13:55 -04:00
  • 2d54e718fb Update DeepWhite.md Eric Conrad 2017-09-07 16:13:38 -04:00
  • 223aa38d46 Create DeepWhite.md Eric Conrad 2017-09-07 16:12:41 -04:00
  • e844ac0188 Add files via upload Eric Conrad 2017-09-07 16:11:35 -04:00
  • 5f01091380 Delete win10-x64.csv Eric Conrad 2017-09-07 16:11:05 -04:00
  • 6885a8f030 Create readme.md Eric Conrad 2017-09-07 16:10:44 -04:00
  • 4c6e1767e2 Initial release of DeepWhite Eric Conrad 2017-09-07 16:10:09 -04:00
  • 7ecc8532b6 Initial version of DeepWhite Eric Conrad 2017-09-07 16:03:48 -04:00
  • 5da2bdc20b Update README.md Eric Conrad 2017-09-07 12:04:58 -04:00
  • 823fbcb814 Update README.md Eric Conrad 2017-09-07 12:03:19 -04:00
  • 1b0f1ad1e4 Update README.md Eric Conrad 2017-09-07 12:01:48 -04:00
  • 46ae5e079c Update README.md Eric Conrad 2017-09-07 12:00:35 -04:00
  • c9b47bc419 Update README.md Eric Conrad 2017-09-07 11:54:57 -04:00
  • 26ccd26e4e Update README.md Eric Conrad 2017-09-07 11:54:12 -04:00
  • 6ba6ff4e64 Update README.md Eric Conrad 2017-09-07 11:52:04 -04:00
  • 4027af0b9a Update README.md Eric Conrad 2017-09-07 11:50:53 -04:00
  • 17ab129b7b Update README.md Eric Conrad 2017-09-07 11:49:20 -04:00
  • b85152810c Updated file, a few more entries Eric Conrad 2017-09-07 10:38:33 -04:00
  • 4b1954df05 Update readme.md Eric Conrad 2017-09-07 10:32:51 -04:00
  • 81dbe55300 EXE and DLL hashes from clean win10x64 install Eric Conrad 2017-09-07 10:28:27 -04:00
  • 70467fe8ee Update readme.md Eric Conrad 2017-09-07 10:06:41 -04:00
  • 3101c89dba Update readme.md Eric Conrad 2017-09-07 10:04:35 -04:00
  • 5abf6b0620 Create readme.md Eric Conrad 2017-09-07 09:44:23 -04:00
  • ef595683ed Update README.md Eric Conrad 2017-09-02 10:30:28 -04:00
  • 4281b65bd6 Create readme.md Eric Conrad 2017-08-30 15:57:46 -04:00
  • 7f90195d1d Added Invoke-Obfuscation sample evtx files Eric Conrad 2017-08-30 15:49:46 -04:00
  • 35551bffb4 Update README.md Eric Conrad 2017-08-30 15:43:29 -04:00
  • 8c9bff9614 Major update to version 0.3 Eric Conrad 2017-08-30 15:43:08 -04:00
  • 28e9686a23 Update README.md Eric Conrad 2017-08-30 15:10:36 -04:00
  • 49836207d1 Minor version update Eric Conrad 2017-08-19 13:04:31 -04:00
  • 42f6273892 s/check-service/check-regex/g Eric Conrad 2017-08-19 13:03:27 -04:00
  • cbfee44993 Create .gitattributes Eric Conrad 2016-09-26 14:49:59 -04:00
  • 769149b343 Added command obfuscation detection Eric Conrad 2016-09-23 17:38:51 -04:00
  • 5a90b6987e Add files via upload Eric Conrad 2016-09-23 11:02:05 -04:00
  • 5a2f201331 Delete readme.md Eric Conrad 2016-09-21 10:06:01 -04:00
  • 821ca4c318 Add files via upload Eric Conrad 2016-09-21 00:03:48 -04:00
  • d1d21c91a1 Delete metasploit-psexec-native-upload-target-system.evtx Eric Conrad 2016-09-21 00:03:36 -04:00
  • c45dbc3655 Delete metasploit-psexec-native-upload-target-security.evtx Eric Conrad 2016-09-21 00:03:26 -04:00
  • cdf59ab6b5 Add files via upload Eric Conrad 2016-09-20 23:58:54 -04:00
  • b28c947438 Update README.md Eric Conrad 2016-09-20 16:47:43 -04:00
  • 927595c549 Update README.md Eric Conrad 2016-09-20 15:47:31 -04:00
  • 9c6854a0b2 Add files via upload Eric Conrad 2016-09-20 15:35:54 -04:00
  • 9250e34d6c Create readme.md Eric Conrad 2016-09-20 15:34:36 -04:00
  • 5755000882 Add files via upload Eric Conrad 2016-09-20 15:24:53 -04:00
  • 11c208c725 Update README.md Eric Conrad 2016-09-20 14:52:53 -04:00
  • 46a00b63a0 Update README.md Eric Conrad 2016-09-20 12:30:28 -04:00
  • a98cd73d2f Update README.md Eric Conrad 2016-09-20 12:29:48 -04:00
  • d183a9703e Update README.md Eric Conrad 2016-09-20 12:28:22 -04:00
  • 9f3d9cbadd Update README.md Eric Conrad 2016-09-20 12:28:06 -04:00
  • 258e1b4196 Update README.md Eric Conrad 2016-09-20 12:27:44 -04:00
  • 94009ecf90 Update README.md Eric Conrad 2016-09-20 12:26:24 -04:00