July 2024 updates
- 74 tools added + multiple tools updated
- 45917 detection patterns
- updated README
- A new column named metadata_tags was added to include multiple tags for identifying specific artifacts, such as #filehash, #namedpipe, #registry, #GUIDproject, etc. This will help avoid creating new columns or mixing them into the comment column (work in progress).
links
Keyword detection patterns were added for the following tools:
- ADAPE-Script
- Aoyama
- Arbitrium-RAT
- Ask4Creds
- BackHAck
- BarracudaRMM
- BlackShades
- Cam-Hackers
- CheckSMBSigning
- ComodoRMM
- CursedChrome
- DeadPotato
- EDRPrison
- Gecko
- Godzilla
- IHxExec
- Invoke-GrabTheHash
- Invoke-PowerIncrease
- Invoke-RunAsSystem
- Invoke-s4u2self
- Kematian Stealer
- KeyCredentialLink
- Lime-RAT
- Moriarty
- Necro-Stealer
- Openssh
- PEASS-ng
- POC
- PassSpray
- Powerlurk
- PredatorTheStealer
- ProtectMyTooling
- Psnmap
- SessionExec
- SharpIncrease
- SharpVeeamDecryptor
- SoftEtherVPN
- SomalifuscatorV2
- SystemBC
- TGT_Monitor
- Token-Impersonation
- WSAAcceptBackdoor
- WinSCP
- blackvision
- certutil
- dir
- dirdevil
- esxcli
- filetransfer.io
- gmer
- hackforums.net
- icacls
- impacket
- mshta
- net
- openssh-portable
- panix
- paste.ee
- plink
- powershell
- printspoofer
- ransomware_notes
- reg
- saycheese
- sc
- schtasks
- sgn
- shutter
- specula
- ssh
- taskkill
- vncviewer
- win-brute-logon
- wmic
⚠️ Details of added + updated tools

Full Changelog: v1.0.3...v1.0.4