PowerShell Encoded Commands
Detects PowerShell execution with Base64-encoded commands (-enc, -encodedcommand) commonly used to evade AV/EDR detection.
Detects PowerShell execution with Base64-encoded commands (-enc, -encodedcommand) commonly used to evade AV/EDR detection.