Security-Experts-Community / open-xp-rules

Open repository of rules written in the eXtraction and Processing (XP) language
Apache License 2.0

SharpNoPSExec detection #354

Closed driverenok closed 1 year ago

driverenok commented 1 year ago

Detect

Detecting SharpNoPSExec activity

[evtx](https://github.com/driverenok/siem-content/tree/main/evtx_attack_samples/execution/system_services/service_execution/sharpnopsexec)

pcap