Open connorcarnes opened 1 year ago
PowerShell versions 6 and above use the executable pwsh.exe instead of powershell.exe:
pwsh.exe
powershell.exe
pwsh.exe doesn't come installed by default like powershell.exe but I thought it may still be worth adding to the list of "Suspicious Windows tools" in the NetworkConnect rule group.
PowerShell versions 6 and above use the executable
pwsh.exeinstead ofpowershell.exe:pwsh.exedoesn't come installed by default likepowershell.exebut I thought it may still be worth adding to the list of "Suspicious Windows tools" in the NetworkConnect rule group.