DataDog / guarddog

:snake: :mag: GuardDog is a CLI tool to identify malicious PyPI and npm packages
https://securitylabs.datadoghq.com/articles/guarddog-identify-malicious-pypi-packages/
Apache License 2.0

Improve DLL hijacking rule coverage #414

Closed ikretz closed 2 months ago

ikretz commented 2 months ago

This PR improves the coverage of the DLL hijacking rules by adding patterns to match strings resembling various Windows commands for executing DLLs.