Skip to content

Commit

Permalink
63: New virtualuzation, service, firewall, filetype monitoring
Browse files Browse the repository at this point in the history 
- Now monitoring VirtualStore UAC compatibility virtualization file writes, which may be used as a persistence cloaking mechanism
- New monitoring of "ServiceManifest" key for services, persistence mechanism I found
- New domain-specific firewall monitoring
- New monitoring of "Show hidden files" and "Show file extensions" and "Show system files" settings, which malware sometimes disables to frustrate novice users
- Added vbe file monitoring, more filetypes coming soon as they are tested
- New Win10 1709 services exclusions
- More comments! Everybody loves comments
- Rearranged various areas
  • Loading branch information
@SwiftOnSecurity
SwiftOnSecurity committed Jan 30, 2018
1 parent 1c19d2b commit e78e763
Showing 1 changed file with 69 additions and 58 deletions.
Loading

0 comments on commit e78e763

Please sign in to comment.