New rules suggested for AD Container WRITE_DAC & WRITE_OWNER detection + DNS Server DLL injection #4606
base: master
Commits on Nov 30, 2023
- win_security_ad_adminsdholder_writedac.yml (commit a69417b)
  Detects WRITE_DAC to AdminSDHolder object > possible AdminSDHolder Backdooring
- win_security_ad_adminsdholder_writeowner.yml (commit 55e8e27)
  Detects WRITE_OWNER to AdminSDHolder object > possible AdminSDHolder Backdooring
Commits on May 8, 2024
- Commit 1de8689
Commits on May 9, 2024
- Update and rename win_security_ad_adminsdholder_writedac.yml to win_security_ad_container_writedac.yml (commit f11ebb1)
- Update and rename win_security_ad_adminsdholder_writeowner.yml to win_security_ad_container_writeowner.yml (commit a30e4c0)
- Commit cf51af9
- Commit c2da446
- Commit 6df8bcb