Closed therealtoastycat closed 1 year ago
Hi @tothi,
Thank you for the awesome tool! I'd like to add the following services / pipe names to detect Cybereason EDR and Symantec Endpoint Protection.
Cybereason;pipe;CybereasonAPConsoleMinionHostIpc_*;minionhost.exe Cybereason;pipe;CybereasonAPServerProxyIpc_*;minionhost.exe Cybereason;service;CybereasonActiveProbe;Cybereason Active Probe Cybereason;service;CybereasonCRS;Cybereason Anti-Ransomware Cybereason;service;CybereasonBlocki;Cybereason Execution Prevention Symantec Endpoint Protection;service;SepMasterService;Symantec Endpoint Protection Symantec Endpoint Protection;service;SepScanService;Symantec Endpoint Protection Scan Services Symantec Endpoint Protection;service;SNAC;Symantec Network Access Control
Let me know your thoughts,
awesome, thanks! going to add it, but if you would like to add it as a pull request, feel free to do it (and I'll merge it).
merged https://github.com/tothi/serviceDetector/pull/2
Hi @tothi,
Thank you for the awesome tool! I'd like to add the following services / pipe names to detect Cybereason EDR and Symantec Endpoint Protection.
Let me know your thoughts,