Bug fixes. - Githubissues

last-byte / PersistenceSniper

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

Other

1.83k stars 180 forks source link

Bug fixes. #13

Closed suinswofi closed 1 year ago

suinswofi commented 1 year ago

Changed three lines of code that do the following:

Support expanding environment variables used in some persistence entries such as %windir% which do not get expanded and signatures are not checked as a result
Regex check for specific file extensions is case sensitive, so ignore case was added
Scheduled task persistence entries did not include command arguments, so those were added to the entry That's it!

last-byte commented 1 year ago

Nice, thanks for the contribution. I'll merge and upload the new release in a few hours!