High Severity
Attachment: .csproj with suspicious commands
Description
Attached .csproj file contains suspicious commands.
Sublime Security
Created Aug 17th, 2023 • Last updated Aug 17th, 2023
Feed Source
Sublime Core Feed
Source
type.inbound
and any(attachments,
.file_extension == "csproj"
and any(file.explode(.),
(
(any(.scan.strings.strings, strings.contains(., 'DllImport')))
and (any(.scan.strings.strings, strings.icontains(., 'CreateProcess')))
)
)
)
Playground
Test against your own EMLs or sample data.