DK

Daniel Koifman

KoifSec

First rule: Mon Oct 21 2024 02:00:00 GMT+0200 (Central European Summer Time)

Share profile card

0rules authored

3sole author

3co-authored

Top Log Sources

windows / process_creation

windows / security

Rule Types

5 threat hunting

By Severity

critical

0

high

0

medium

5

low

1

informational

0

By Status

stable

0

test

2

experimental

4

deprecated

0

unsupported

0

0

Total Rules

0

Stable Rules

0

High / Critical

0

Log Source Types

Recent RulesAll rules →

Github Self-Hosted Runner Execution

Sat Nov 29 2025 01:00:00 GMT+0100 (Central European Standard Time)

mediumDetection

RDP Enable or Disable via Win32_TerminalServiceSetting WMI Class

Sat Nov 15 2025 01:00:00 GMT+0100 (Central European Standard Time)

mediumDetection

Windows Recovery Environment Disabled Via Reagentc

Thu Jul 31 2025 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

Registry Manipulation via WMI Stdregprov

Wed Jul 30 2025 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

Password Set to Never Expire via WMI

Wed Jul 30 2025 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

Access To Browser Credential Files By Uncommon Applications - Security

Mon Oct 21 2024 02:00:00 GMT+0200 (Central European Summer Time)

Browse all 6 rules by Daniel Koifman

Filter the full rule library to see only their contributions