Rule Library
Sigma Rules
2 rules found for "Natalia Shornikova"
3,707Total
3,116Detection
451Emerging
137Hunting
Threat Huntmediumtest
Potential Credential Dumping Attempt Via PowerShell
Detects a PowerShell process requesting access to "lsass.exe", which can be indicative of potential credential dumping attempts
WindowsProcess Access
TA0006 · Credential AccessT1003.001 · LSASS Memorydetection.threat-hunting
oscd.community+1Tue Oct 06windows
Threat Huntlowtest
Unusually Long PowerShell CommandLine
Detects unusually long PowerShell command lines with a length of 1000 characters or more
WindowsProcess Creation
TA0002 · ExecutionT1059.001 · PowerShelldetection.threat-hunting
oscd.community+1Tue Oct 06windows