Common Information
| Type | Value |
|---|---|
| Value |
rule pentest_tool_deepce {
meta:
description = "Detects DeepCE"
author = " [email protected] "
date = "2021-06-28"
license = "Apache License 2.0"
hash1 = ""
strings:
$ = "should be used for authorized penetration testing" ascii wide nocase
$ = "Docker Enumeration, Escalation of Privileges and Container Escapes" ascii wide nocase
$ = "Are we inside kubenetes?" ascii wide nocase
$ = "ip route get 1 | head -1" ascii wide nocase
condition:
all of them
}
|
| Category | |
| Type | Yara Rule |
| Misp Type | |
| Description |