JN

Josh Nickels

First rule: Sun Aug 14 2022 02:00:00 GMT+0200 (Central European Summer Time)

Share profile card

0rules authored

2sole author

11co-authored

Top Log Sources

windows / process_creation

windows / security

windows / file_event

Rule Types

11 emerging threat

1 threat hunting

By Severity

critical

0

high

3

medium

4

low

6

informational

0

By Status

stable

0

test

11

experimental

2

deprecated

0

unsupported

0

0

Total Rules

0

Stable Rules

0

High / Critical

0

Log Source Types

Recent RulesAll rules →

Potential CommandLine Obfuscation Using Unicode Characters From Suspicious Image

Mon Sep 02 2024 02:00:00 GMT+0200 (Central European Summer Time)

Suspicious Deno File Written from Remote Source

Thu May 22 2025 02:00:00 GMT+0200 (Central European Summer Time)

Azure Login Bypassing Conditional Access Policies

Wed Jan 08 2025 01:00:00 GMT+0100 (Central European Standard Time)

Startup/Logon Script Added to Group Policy Object

Fri Sep 06 2024 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

Group Policy Abuse for Privilege Addition

Wed Sep 04 2024 02:00:00 GMT+0200 (Central European Summer Time)

mediumDetection

BitLockerTogo.EXE Execution

Thu Jul 11 2024 02:00:00 GMT+0200 (Central European Summer Time)

Browse all 13 rules by Josh Nickels

Filter the full rule library to see only their contributions