GitHub

powershell_fileless_script_contains_base64_encoded_content.yml

description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
来自MSN

This Linux shell gives you the terminal features Bash forgot to add

Setting up a Linux terminal for a modern workflow can be daunting. Still, it remains an important task since the default Bash shell has not evolved at the same rate as the modern desktop. The terminal ...
GitHub

7zip_commandline_to_smb_share_path.yml

description: The following analytic detects the execution of 7z or 7za processes with command lines pointing to SMB network shares. It leverages data from Endpoint Detection and Response (EDR) agents, ...