Closed netscylla closed 1 year ago
Added code to support potential detection of malicious WMI Events from "Microsoft-Windows-WMI-Activity/Operational"
T1546.003 : Persistence - WMI - Event Triggered Execution
Added code to support potential detection of malicious WMI Events from "Microsoft-Windows-WMI-Activity/Operational"
T1546.003 : Persistence - WMI - Event Triggered Execution