Update generated site files

magicsword-io · Oct 7, 2024 · d0caa3f · d0caa3f
1 parent 5b73c9d
commit d0caa3f
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 17 deletions.
diff --git a/website/pages/tools/action1.mdx b/website/pages/tools/action1.mdx
@@ -18,7 +18,7 @@ Through the web interface of action1, the administrator must create a new policy
          category={""}
          created={"2024-08-03"}
          website={"https://www.action1.com/"}
-         lastModified={"2024-08-03"}
+         lastModified={"2024-10-06"}
          privileges={"SYSTEM"}
          free={ "Yes" }
          verification={"Corporate email required although temporary email services are accepted"}
@@ -43,7 +43,7 @@ Through the web interface of action1, the administrator must create a new policy
 
 #### Event Log Artifacts
 <EuiSpacer size="xl"/>
-<EventLogTable data={ [{"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "Action1 Agent", "ImagePath": "\"C:\\\\Windows\\\\Action1\\\\action1_agent.exe\"", "Description": "Service installation event as result of Action1 installation."}, {"EventID": 4688, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "CommandLine": "C:\\Windows\\Action1\\action1_agent.exe service", "Description": "Service installation event as result of Action1 installation."}, {"EventID": 4688, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "CommandLine": "C:\\Windows\\Action1\\action1_agent.exe loggedonuser", "Description": "Executing command to get logged on user."}] }/>
+<EventLogTable data={ [{"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "A1Agent", "ImagePath": "\"C:\\\\Windows\\\\Action1\\\\action1_agent.exe\"", "Description": "Service installation event as result of Action1 installation."}, {"EventID": 4697, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "ServiceName": "A1Agent", "CommandLine": "C:\\Windows\\Action1\\action1_agent.exe service", "Description": "Service installation event as result of Action1 installation."}, {"EventID": 4688, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "CommandLine": "C:\\Windows\\Action1\\action1_agent.exe loggedonuser", "Description": "Executing command to get logged on user."}] }/>
 
 #### Registry Artifacts
 <EuiSpacer size="xl"/>

diff --git a/website/pages/tools/anydesk.mdx b/website/pages/tools/anydesk.mdx
@@ -17,7 +17,7 @@ AnyDesk is a popular remote desktop software that enables users to access and co
          category={"RMM"}
          created={"2023-09-29"}
          website={"https://anydesk.com/en"}
-         lastModified={"2024-08-02"}
+         lastModified={"2024-10-06"}
          privileges={"User"}
          free={ true }
          verification={"False"}
@@ -44,7 +44,7 @@ AnyDesk is a popular remote desktop software that enables users to access and co
 
 #### Event Log Artifacts
 <EuiSpacer size="xl"/>
-<EventLogTable data={ [{"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "AnyDesk Service", "ImagePath": "\"C:\\\\Program Files (x86)\\\\AnyDesk\\\\AnyDesk.exe\" --service", "Description": "Service installation event as result of AnyDesk installation."}] }/>
+<EventLogTable data={ [{"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "AnyDesk Service", "ImagePath": "\"C:\\\\Program Files (x86)\\\\AnyDesk\\\\AnyDesk.exe\" --service", "Description": "Service installation event as result of AnyDesk installation."}, {"EventID": 4697, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "ServiceName": "AnyDesk Service", "ImagePath": "\"C:\\\\Program Files (x86)\\\\AnyDesk\\\\AnyDesk.exe\" --service", "Description": "Service installation event as result of AnyDesk installation."}] }/>
 
 #### Registry Artifacts
 <EuiSpacer size="xl"/>

diff --git a/website/pages/tools/atera.mdx b/website/pages/tools/atera.mdx
@@ -15,9 +15,9 @@ Atera is a remote monitoring and management (RMM) tool. It is used by threat act
 ### Details
 <Details author={""}
          category={""}
-         created={"2024/08/03"}
+         created={"2024-08-03"}
          website={"https://www.atera.com/"}
-         lastModified={""}
+         lastModified={"2024-10-06"}
          privileges={"SYSTEM"}
          free={ "30 day trial" }
          verification={"None"}
@@ -45,7 +45,7 @@ Atera is a remote monitoring and management (RMM) tool. It is used by threat act
 
 #### Event Log Artifacts
 <EuiSpacer size="xl"/>
-<EventLogTable data={ [{"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "AteraAgent", "ImagePath": "\"C:\\\\Program Files (x86)\\\\ATERA Networks\\\\AteraAgent\\\\AteraAgent.exe\"", "Description": "Service installation event as result of AteraAgent installation."}, {"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "WinRing0_1_2_0", "ImagePath": "\"C:\\\\Program Files (x86)\\\\ATERA Networks\\\\AteraAgent\\\\Packages\\\\AgentPackageMonitoring\\\\OpenHardwareMonitorLib.sys\"", "Description": "Service installation event as result of Atera pakcage manager installation."}, {"EventID": 11707, "ProviderName": "MsiInstaller", "LogFile": "Application.evtx", "Data": "Product: AteraAgent -- Installation completed successfully.", "Description": "Service installation event as result of AteraAgent installation."}, {"EventID": 4688, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "CommandLine": "C:\\\\Program Files\\\\ATERA Networks\\\\AteraAgent\\\\Packages\\\\AgentPackageFileExplorer\\\\AgentPackageFileExplorer.exe XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX agent-api.atera.com/Production 443 [BASE64BLOB]", "Description": "Service installation event as result of AteraAgent installation."}] }/>
+<EventLogTable data={ [{"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "AteraAgent", "ImagePath": "\"C:\\\\Program Files (x86)\\\\ATERA Networks\\\\AteraAgent\\\\AteraAgent.exe\"", "Description": "Service installation event as result of AteraAgent installation."}, {"EventID": 7045, "ProviderName": "Service Control Manager", "LogFile": "System.evtx", "ServiceName": "WinRing0_1_2_0", "ImagePath": "\"C:\\\\Program Files (x86)\\\\ATERA Networks\\\\AteraAgent\\\\Packages\\\\AgentPackageMonitoring\\\\OpenHardwareMonitorLib.sys\"", "Description": "Service installation event as result of Atera pakcage manager installation."}, {"EventID": 11707, "ProviderName": "MsiInstaller", "LogFile": "Application.evtx", "Data": "Product: AteraAgent -- Installation completed successfully.", "Description": "Service installation event as result of AteraAgent installation."}, {"EventID": 4697, "ProviderName": "Microsoft-Security-Auditing", "LogFile": "Security.evtx", "CommandLine": "C:\\\\Program Files\\\\ATERA Networks\\\\AteraAgent\\\\Packages\\\\AgentPackageFileExplorer\\\\AgentPackageFileExplorer.exe XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX agent-api.atera.com/Production 443 [BASE64BLOB]", "Description": "Service installation event as result of AteraAgent installation."}] }/>
 
 #### Registry Artifacts
 <EuiSpacer size="xl"/>