public-mirrors/LOLBAS
1
0
Fork 0
mirror of https://github.com/LOLBAS-Project/LOLBAS synced 2025-07-27 04:32:24 +02:00
Code Issues Projects Releases Wiki Activity

Adding Windows file path validation for values of File_Path (#403)

Browse Source
This commit is contained in:
Wietze
2024-10-01 23:14:19 +01:00
committed by GitHub
parent d8402e6651
commit 39a7120d40
22 changed files with 35 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
yml/OtherMSBinaries/Bginfo.yml
View File

@@ -59,7 +59,7 @@ Commands:
Tags:
- Execute: WSH
Full_Path:
- Path: No fixed path
- Path: no default
Detection:
- Sigma: https://github.com/SigmaHQ/sigma/blob/683b63f8184b93c9564c4310d10c571cbe367e1e/rules/windows/process_creation/proc_creation_win_lolbin_bginfo.yml
- Elastic: https://github.com/elastic/detection-rules/blob/414d32027632a49fb239abb8fbbb55d3fa8dd861/rules/windows/defense_evasion_unusual_process_network_connection.toml