description: The following analytic identifies potential DNS exfiltration using the nslookup application. It detects specific command-line parameters such as query type (TXT, A, AAAA) and retry ...
description: The following analytic detects the enabling of the SMB1 protocol via `powershell.exe`. It leverages PowerShell script block logging (EventCode 4104) to identify the execution of the ...
Explore 280+ CMD commands with detailed descriptions across Windows versions, from Windows XP to 11. The Command Prompt in ...