Frank Block
Frank Block
The detection of Windows Defender Exclusions within `windows/builtin/windefend/win_defender_exclusions.yml` fails since it uses the `NewValue` field instead of `New Value`.
For windows, the overloaded _page_is_valid is used (from WindowsMixin), which also returns true if a PTE/PDE is in transition state. While this is fine for most cases (normal/4kb pages resp....
The file [Log4jVulnHunter.yaml](https://github.com/Velocidex/velociraptor-docs/tree/master/content/exchange/artifacts/Log4jVulnHunter.yaml) causes multiple instances of the following errors and finishes in ERROR state. ``` glob: Field root Expecting a path arg type, not *url.URL ``` and ``` Symbol...