From a5e070fc9d30ec572ec8c4a2cfe68eabf496cf88 Mon Sep 17 00:00:00 2001
From: Milad Cheraghi <82805580+CheraghiMilad@users.noreply.github.com>
Date: Sat, 31 May 2025 15:38:26 +0330
Subject: [PATCH] Merge PR #5441 from @CheraghiMilad - chore: update reference

chore: Disable ASLR Via Personality Syscall - Linux - update reference for PoC

---------

Co-authored-by: frack113 <62423083+frack113@users.noreply.github.com>
---
 rules/linux/auditd/lnx_auditd_disable_aslr_protection.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/rules/linux/auditd/lnx_auditd_disable_aslr_protection.yml b/rules/linux/auditd/lnx_auditd_disable_aslr_protection.yml
index 8a82f65c8..4681d6933 100644
--- a/rules/linux/auditd/lnx_auditd_disable_aslr_protection.yml
+++ b/rules/linux/auditd/lnx_auditd_disable_aslr_protection.yml
@@ -8,6 +8,7 @@ description: |
     A successful use of this flag can reduce the effectiveness of ASLR and make memory corruption
     attacks more reliable.
 references:
+    - https://github.com/CheraghiMilad/bypass-Neo23x0-auditd-config/blob/f1c478a37911a5447d5ffcd580f22b167bf3df14/personality-syscall/README.md
     - https://man7.org/linux/man-pages/man2/personality.2.html
     - https://manual.cs50.io/2/personality
 author: Milad Cheraghi