 Ruben Groenewoud
|
1aea1ee9bb
|
[New rule] Sus File Creation in init.d for Persistence Detected (#2653)
* [New Rule] Init.d File and Service Creation
* Changed rule name
* [New Rule] Sus File Creation init.d Persistence
* Added Endgame compatibility
* added touch
* Added OSQuery to investigation guide
* added additional processes
* removed investigation guide to add in sep PR
* changed rule name
* removed investigation guide tag
* Update rules/linux/persistence_init_d_file_creation.toml
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Update rules/linux/persistence_init_d_file_creation.toml
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Update rules/linux/persistence_init_d_file_creation.toml
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Update rules/linux/persistence_init_d_file_creation.toml
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Update rules/linux/persistence_init_d_file_creation.toml
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
* Update persistence_init_d_file_creation.toml
---------
Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
|
2023-05-05 09:54:42 +02:00 |
|