Index of /github/opensearch-project/security-analytics/src/main/resources/rules/windows/powershell/powershell_script/
posh_ps_access_to_browser_login_data.yml 05-Aug-2023 01:06 1382
posh_ps_accessing_win_api.yml 05-Aug-2023 01:06 2467
posh_ps_adrecon_execution.yml 05-Aug-2023 01:06 881
posh_ps_as_rep_roasting.yml 05-Aug-2023 01:06 1089
posh_ps_automated_collection.yml 05-Aug-2023 01:06 1026
posh_ps_azurehound_commands.yml 05-Aug-2023 01:06 901
posh_ps_capture_screenshots.yml 05-Aug-2023 01:06 802
posh_ps_cl_invocation_lolscript.yml 05-Aug-2023 01:06 769
posh_ps_cl_invocation_lolscript_count.yml 05-Aug-2023 01:06 892
posh_ps_cl_mutexverifiers_lolscript.yml 05-Aug-2023 01:06 809
posh_ps_cl_mutexverifiers_lolscript_count.yml 05-Aug-2023 01:06 948
posh_ps_clear_powershell_history.yml 05-Aug-2023 01:06 1337
posh_ps_clearing_windows_console_history.yml 05-Aug-2023 01:06 1146
posh_ps_cmdlet_scheduled_task.yml 05-Aug-2023 01:06 1309
posh_ps_copy_item_system32.yml 05-Aug-2023 01:06 697
posh_ps_cor_profiler.yml 05-Aug-2023 01:06 1241
posh_ps_create_local_user.yml 05-Aug-2023 01:06 693
posh_ps_create_volume_shadow_copy.yml 05-Aug-2023 01:06 917
posh_ps_data_compressed.yml 05-Aug-2023 01:06 894
posh_ps_detect_vm_env.yml 05-Aug-2023 01:06 1147
posh_ps_directorysearcher.yml 05-Aug-2023 01:06 879
posh_ps_directoryservices_accountmanagement.yml 05-Aug-2023 01:06 1036
posh_ps_dnscat_execution.yml 05-Aug-2023 01:06 637
posh_ps_dump_password_windows_credential_manage..> 05-Aug-2023 01:06 1379
posh_ps_enable_psremoting.yml 05-Aug-2023 01:06 942
posh_ps_enumerate_password_windows_credential_m..> 05-Aug-2023 01:06 993
posh_ps_etw_trace_evasion.yml 05-Aug-2023 01:06 1010
posh_ps_file_and_directory_discovery.yml 05-Aug-2023 01:06 1055
posh_ps_get_acl_service.yml 05-Aug-2023 01:06 1208
posh_ps_get_adreplaccount.yml 05-Aug-2023 01:06 1047
posh_ps_get_childitem_bookmarks.yml 05-Aug-2023 01:06 1084
posh_ps_hotfix_enum.yml 05-Aug-2023 01:06 728
posh_ps_icmp_exfiltration.yml 05-Aug-2023 01:06 1014
posh_ps_invoke_command_remote.yml 05-Aug-2023 01:06 973
posh_ps_invoke_dnsexfiltration.yml 05-Aug-2023 01:06 902
posh_ps_invoke_nightmare.yml 05-Aug-2023 01:06 616
posh_ps_invoke_obfuscation_clip.yml 05-Aug-2023 01:06 751
posh_ps_invoke_obfuscation_obfuscated_iex.yml 05-Aug-2023 01:06 1236
posh_ps_invoke_obfuscation_stdin.yml 05-Aug-2023 01:06 730
posh_ps_invoke_obfuscation_var.yml 05-Aug-2023 01:06 772
posh_ps_invoke_obfuscation_via_compress.yml 05-Aug-2023 01:06 922
posh_ps_invoke_obfuscation_via_rundll.yml 05-Aug-2023 01:06 791
posh_ps_invoke_obfuscation_via_stdin.yml 05-Aug-2023 01:06 706
posh_ps_invoke_obfuscation_via_use_clip.yml 05-Aug-2023 01:06 721
posh_ps_invoke_obfuscation_via_use_mhsta.yml 05-Aug-2023 01:06 821
posh_ps_invoke_obfuscation_via_use_rundll32.yml 05-Aug-2023 01:06 894
posh_ps_invoke_obfuscation_via_var.yml 05-Aug-2023 01:06 740
posh_ps_keylogging.yml 05-Aug-2023 01:06 1024
posh_ps_localuser.yml 05-Aug-2023 01:06 1120
posh_ps_malicious_commandlets.yml 05-Aug-2023 01:06 7374
posh_ps_malicious_keywords.yml 05-Aug-2023 01:06 1389
posh_ps_memorydump_getstoragediagnosticinfo.yml 05-Aug-2023 01:06 704
posh_ps_msxml_com.yml 05-Aug-2023 01:06 1271
posh_ps_nishang_malicious_commandlets.yml 05-Aug-2023 01:06 2707
posh_ps_ntfs_ads_access.yml 05-Aug-2023 01:06 898
posh_ps_office_comobject_registerxll.yml 05-Aug-2023 01:06 787
posh_ps_powerview_malicious_commandlets.yml 05-Aug-2023 01:06 4364
posh_ps_prompt_credentials.yml 05-Aug-2023 01:06 691
posh_ps_psattack.yml 05-Aug-2023 01:06 592
posh_ps_remote_session_creation.yml 05-Aug-2023 01:06 947
posh_ps_remove_item_path.yml 05-Aug-2023 01:06 990
posh_ps_request_kerberos_ticket.yml 05-Aug-2023 01:06 901
posh_ps_root_certificate_installed.yml 05-Aug-2023 01:06 1066
posh_ps_run_from_mount_diskimage.yml 05-Aug-2023 01:06 1075
posh_ps_security_software_discovery.yml 05-Aug-2023 01:06 1051
posh_ps_send_mailmessage.yml 05-Aug-2023 01:06 1075
posh_ps_set_policies_to_unsecure_level.yml 05-Aug-2023 01:06 1314
posh_ps_shellcode_b64.yml 05-Aug-2023 01:06 810
posh_ps_shellintel_malicious_commandlets.yml 05-Aug-2023 01:06 706
posh_ps_software_discovery.yml 05-Aug-2023 01:06 1181
posh_ps_store_file_in_alternate_data_stream.yml 05-Aug-2023 01:06 815
posh_ps_susp_ad_group_reco.yml 05-Aug-2023 01:06 1062
posh_ps_susp_directory_enum.yml 05-Aug-2023 01:06 943
posh_ps_susp_download.yml 05-Aug-2023 01:06 730
posh_ps_susp_execute_batch_script.yml 05-Aug-2023 01:06 1339
posh_ps_susp_export_pfxcertificate.yml 05-Aug-2023 01:06 945
posh_ps_susp_extracting.yml 05-Aug-2023 01:06 1029
posh_ps_susp_follina_execution.yml 05-Aug-2023 01:06 958
posh_ps_susp_get_adcomputer.yml 05-Aug-2023 01:06 699
posh_ps_susp_get_addefaultdomainpasswordpolicy.yml 05-Aug-2023 01:06 972
posh_ps_susp_get_adgroup.yml 05-Aug-2023 01:06 701
posh_ps_susp_get_current_user.yml 05-Aug-2023 01:06 984
posh_ps_susp_get_gpo.yml 05-Aug-2023 01:06 736
posh_ps_susp_get_process.yml 05-Aug-2023 01:06 804
posh_ps_susp_getprocess_lsass.yml 05-Aug-2023 01:06 809
posh_ps_susp_gettypefromclsid.yml 05-Aug-2023 01:06 790
posh_ps_susp_gwmi.yml 05-Aug-2023 01:06 848
posh_ps_susp_hyper_v_condlet.yml 05-Aug-2023 01:06 890
posh_ps_susp_invocation_generic.yml 05-Aug-2023 01:06 946
posh_ps_susp_invocation_specific.yml 05-Aug-2023 01:06 2133
posh_ps_susp_invoke_webrequest_useragent.yml 05-Aug-2023 01:06 969
posh_ps_susp_iofilestream.yml 05-Aug-2023 01:06 804
posh_ps_susp_keywords.yml 05-Aug-2023 01:06 1406
posh_ps_susp_local_group_reco.yml 05-Aug-2023 01:06 1057
posh_ps_susp_mail_acces.yml 05-Aug-2023 01:06 963
posh_ps_susp_mount_diskimage.yml 05-Aug-2023 01:06 917
posh_ps_susp_mounted_share_deletion.yml 05-Aug-2023 01:06 898
posh_ps_susp_networkcredential.yml 05-Aug-2023 01:06 1125
posh_ps_susp_new_psdrive.yml 05-Aug-2023 01:06 974
posh_ps_susp_recon_export.yml 05-Aug-2023 01:06 862
posh_ps_susp_remove_adgroupmember.yml 05-Aug-2023 01:06 934
posh_ps_susp_smb_share_reco.yml 05-Aug-2023 01:06 885
posh_ps_susp_ssl_keyword.yml 05-Aug-2023 01:06 960
posh_ps_susp_start_process.yml 05-Aug-2023 01:06 869
posh_ps_susp_unblock_file.yml 05-Aug-2023 01:06 914
posh_ps_susp_wallpaper.yml 05-Aug-2023 01:06 1040
posh_ps_susp_win32_pnpentity.yml 05-Aug-2023 01:06 716
posh_ps_susp_win32_shadowcopy.yml 05-Aug-2023 01:06 870
posh_ps_susp_windowstyle.yml 05-Aug-2023 01:06 802
posh_ps_susp_zip_compress.yml 05-Aug-2023 01:06 831
posh_ps_syncappvpublishingserver_exe.yml 05-Aug-2023 01:06 883
posh_ps_tamper_defender.yml 05-Aug-2023 01:06 2403
posh_ps_test_netconnection.yml 05-Aug-2023 01:06 1159
posh_ps_timestomp.yml 05-Aug-2023 01:06 1152
posh_ps_trigger_profiles.yml 05-Aug-2023 01:06 901
posh_ps_upload.yml 05-Aug-2023 01:06 1053
posh_ps_web_request.yml 05-Aug-2023 01:06 1089
posh_ps_win32_product_install_msi.yml 05-Aug-2023 01:06 794
posh_ps_windows_firewall_profile_disabled.yml 05-Aug-2023 01:06 993
posh_ps_winlogon_helper_dll.yml 05-Aug-2023 01:06 1250
posh_ps_wmi_persistence.yml 05-Aug-2023 01:06 1266
posh_ps_wmimplant.yml 05-Aug-2023 01:06 1105
posh_ps_xml_iex.yml 05-Aug-2023 01:06 1076