EricZimmerman / evtx

C# based evtx parser with lots of extras
MIT License
280 stars 59 forks

Antivirus Maps #236

Closed reece394 closed 5 months ago

reece394 commented 5 months ago

Description

- Added Trellix Endpoint Security Map based on the work from Peter Snyder on McAfee Endpoint Security (worked without changes beyond the Provider Name)
- Added F-Secure Anti-Virus 12 Security Maps (may work on other versions, but 12 was the only one tested for these rules)
- Added F-Secure Anti-Virus 11 Security Map (may work on other versions, but 11 was the only one tested for these rules)

Checklist:

Please replace every instance of [ ] with [X] OR click on the checkboxes after you submit your PR

Thank you for your submission and for contributing to the DFIR community!