www.cs.cmu.edu

HW6: Build a Database App

Goal: Build a small app that uses a SQLite database to store, retrieve, update, and delete data. You'll choose something personally interesting to track and build a working app around it using Python ...
GitHub

delete_shadowcopy_with_powershell.yml

description: The following analytic detects the use of PowerShell to delete shadow copies via the WMIC PowerShell module. It leverages EventCode 4104 and searches for specific keywords like ...
GitHub

detect_mshta_inline_hta_execution.yml

description: The following analytic detects the execution of "mshta.exe" with inline protocol handlers such as "JavaScript", "VBScript", and "About". It leverages data from Endpoint Detection and ...