https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_ruby_inline_command_execution/
Ruby Inline Command Execution | Detection.FYI
Detects execution of ruby using the
https://detection.fyi/sigmahq/sigma/windows/builtin/application/screenconnect/win_app_remote_access_tools_screenconnect_command_exec/
Remote Access Tool - ScreenConnect Command Execution | Detection.FYI
Detects command execution via ScreenConnect RMM
https://detection.fyi/sigmahq/sigma/windows/process_creation/proc_creation_win_perl_inline_command_execution/
Perl Inline Command Execution | Detection.FYI
Detects execution of perl using the