Open lampnout opened 8 months ago
This PR is opened to add the module "ScheduledTasksAudit" (implemented in ScheduledTasksAuditCommand.cs) on Seatbelt.
The module is hunting for privilege escalation vectors in scheduled tasks by investigating the permissions of the files each action runs.
In summary, the following logic has been implemented:
This PR is opened to add the module "ScheduledTasksAudit" (implemented in ScheduledTasksAuditCommand.cs) on Seatbelt.
The module is hunting for privilege escalation vectors in scheduled tasks by investigating the permissions of the files each action runs.
In summary, the following logic has been implemented: