Robuta

https://blog.gbrueckl.at/2018/11/powershell-module-databricks-azure-aws/
PowerShell module for Databricks on Azure and AWS – Gerhard Brueckl on BI & Data

https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_obfuscated_iex/
Invoke-Obfuscation Obfuscated IEX Invocation - PowerShell Module | Detection.FYI
Detects all variations of obfuscated powershell IEX invocation code generated by Invoke-Obfuscation framework from the code block cited in the reference...

https://www.iis.net/downloads/community/2015/01/powershell-module-including-functions-to-report-on-and-migrate-iis6-websites-to-iis85
Powershell module including functions to report on and migrate IIS6 websites to IIS8.5 : The...

https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_invoke_obfuscation_via_use_rundll32/
Invoke-Obfuscation Via Use Rundll32 - PowerShell Module | Detection.FYI
Detects Obfuscated Powershell via use Rundll32 in Scripts

https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_remotefxvgpudisablement_abuse/
Potential RemoteFXvGPUDisablement.EXE Abuse - PowerShell Module | Detection.FYI
Detects PowerShell module creation where the module Contents are set to

https://detection.fyi/sigmahq/sigma/windows/file/file_event/file_event_win_powershell_module_creation/
PowerShell Module File Created | Detection.FYI
Detects the creation of a new PowerShell module

https://detection.fyi/sigmahq/sigma/windows/powershell/powershell_module/posh_pm_syncappvpublishingserver_exe/
SyncAppvPublishingServer Bypass Powershell Restriction - PS Module | Detection.FYI
Detects SyncAppvPublishingServer process execution which is usually utilized by adversaries to bypass PowerShell execution restrictions.