Memdump_urls.py use cwd whitelist #457
Open
Commits on Aug 3, 2019
-
-
Use cwd whitelist for memdump_urls.py signature
This allows users an easy way to whitelist domains using the domain.txt file located in cwd/whitelist/. This signature caused misleading "hits "that require the analyst to spend large amounts of time sifting through legitimate URL's in order to find a malicious URL.
Commits on Aug 11, 2019
-
Whitelisting the Microsoft Temporary Owner Files
Microsoft states that: "Owner File (Same Directory as Source File) When a previously saved file is opened for editing, for printing, or for review, Word creates a temporary file that has a .doc file name extension. This file name extension begins with a tilde (~) that is followed by a dollar sign ($) that is followed by the remainder of the original file name." https://support.microsoft.com/en-us/help/211632/description-of-how-word-creates-temporary-files
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.