Merge pull request #344 from n00py/main
Add EnumAV Detection for Cortex XDR
NeffIsBack authored Jun 14, 2024
2 parents f2311b3 + cdffba9 commit 1af2828
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions nxc/modules/enum_av.py
Expand Up @@ -247,6 +247,14 @@ def LsarLookupNames(self, dce, policyHandle, service):
"services": [{"name": "CSFalconService", "description": "CrowdStrike Falcon Sensor Service"}],
"pipes": [{"name": "CrowdStrike\\{*", "processes": ["CSFalconContainer.exe", "CSFalconService.exe"]}]
},
{
"name": "Cortex",
"services": [
{"name": "xdrhealth", "description": "Cortex XDR Health Helper"},
{"name": "cyserver", "description": " Cortex XDR"}
],
"pipes": []
},
{
"name": "Cybereason",
"services": [
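Review bot: The description string on the new "cyserver" service entry starts with a stray space (" Cortex XDR"); trim it, and consider a more specific description in the style of the "xdrhealth" line so the two services can be told apart wherever the description is shown. Separately, "pipes": [] means this product is matched on service names alone, while the CrowdStrike entry directly above also lists a named pipe; if no stable pipe name is known for this product, a short comment saying so would save the next contributor from wondering whether it was overlooked. If this list is meant to be kept alphabetical, "Cortex" sorts before "CrowdStrike" rather than after it.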