Potential Signing Bypass Via Windows Developer Features - Registry

Rule Info

Name
Potential Signing Bypass Via Windows Developer Features - Registry
Author
Nasreddine Bencherchali (Nextron Systems)
Description
Detects when the enablement of developer features such as "Developer Mode" or "Application Sideloading". Which allows the user to install untrusted packages.
Date
2023-01-12 00:00:00
Modified
2023-08-17 00:00:00
Id
b110ebaf-697f-4da1-afd5-b536fa27a2c1
Tags
attack.defense-evasion
Type
Community Rule

Rule History

Author
Title
Date
Commit
Nasreddine Bencherchali
Merge PR #4950 from @nasbench - Comply With v2 Spec Changes
2024-08-12
github-actions[bot]
Merge PR #4891 from @nasbench - Promote older rules status from `experimental` to `test`
2024-07-01
frack113
Refractor registry_set rules
2023-08-17
Nasreddine Bencherchali
chore: add nextron authors tag
2023-02-01
Nasreddine Bencherchali
feat: add new reg variant of dev mode
2023-01-12