Phoenix
Sigma Intelligence
Beta
Home
Detections
Rules
Authors
MITRE
KB
Convert
Analytics
Coverage
Field Explorer
Testing
Ecosystem
Releases
About
Team
Philosophy
Search Rules
Rule Library
Sigma Rules
1 rule found for "Fatih Sirin"
3,707
Total
3,116
Detection
451
Emerging
137
Hunting
Filters
Detection
medium
test
Firewall Disabled via Netsh.EXE
Detects netsh commands that turns off the Windows firewall
Windows
Process Creation
TA0005 · Defense Evasion
T1562.004 · Disable or Modify System Firewall
S0108 · S0108
Fatih Sirin
Fri Nov 01
windows