Rule Library

Sigma Rules

1 rule found for "Adam Swan"

3,707Total

3,116Detection

451Emerging

137Hunting

Filters

Type

Severity

Status

Product

Executable from Webdav

Detects executable access via webdav6. Can be seen in APT 29 such as from the emulated APT 29 hackathon https://github.com/OTRF/detection-hackathon-apt29/

Zeek (Bro)http

TA0011 · Command and ControlT1105 · Ingress Tool Transfer

SOC Prime+1Fri May 01network