Arnim Rupp
Have you tried directly piping it to 7z or bzip2 instead of first creating the file and then compressing it? e.g. ```bash cat private_ip_192 0-9999 ... | 7z a -si...
to: @airbnb/binaryalert-maintainers
cc:
size: small
resolves #

## Background
rule produces false positives on e.g. Debian's /usr/share/doc/hashcat-data/examples/example.dict

## Changes
require MZ bytes

## Testing
running yara on mimikatz.exe
So far, most metrics show how difficult it would be to attack an AD, but PingCastle also already has a lot of data which can show the impact of that...
hello Vincent, the lists of indirect members in the control path analysis would be more useful, if they didn't only show the firstname, lastname and SID of the user, but...
hi Vincent, would be useful to write to the reports the used:
- pingcastle version
- user
- hostname where it's running
- DC
- command line params
- maybe...
hi Vincent, it would be nice if problems with gathering GPO data were reflected in the report, e.g. during execution this error is shown: [10:38:28] Gathering gpo data Exception while generating...
add: HKTL_NET_GUID_Sharpcat HKTL_NET_GUID_SharpNamedPipePTH
performance fix regexes
is this really needed in yarGen.py? strings with double quotes end up with 5 backslashes when creating new json files with "-g -c", e.g.
```
"\\\\\"isexe@": 1,
```
probably they...
### Description
With https://github.com/mandiant/capa/commit/58e94a35cbaa384307410ef846b5965868b051e2 the regexes returned by `get_value_str()` are escaped which breaks e.g. https://github.com/mandiant/capa/blob/3f449f3c0f1e2544ca7bad83c90e2d162ec0b916/scripts/capa2yara.py#L262

### Steps to Reproduce
Run
```
python ./scripts/capa2yara.py rules/host-interaction/file-system/reference-absolute-stream-path-on-windows.yml 2>&1 |grep x5D
```
The 2nd...