
Rule Info
Name
Potential Signing Bypass Via Windows Developer Features - Registry
Description
Detects when the enablement of developer features such as "Developer Mode" or "Application Sideloading". Which allows the user to install untrusted packages.
Modified
None
Date
2023-01-12 00:00:00
Author
Nasreddine Bencherchali (Nextron Systems)
Tags
attack.defense_evasion DEMO
Id
b110ebaf-697f-4da1-afd5-b536fa27a2c1
Type
Community Rule
Link to Public Repo