Open Issues Need Help
Security • Other
add ZwTerminateProcess (24 days ago)
AI Summary: This GitHub issue proposes adding a new rule to the `capa-rules` repository. The new rule would specifically detect the use of the `ZwTerminateProcess` native API function. This enhancement aims to broaden the `terminate-process.yml` rule set to identify more methods of process termination.
Complexity: 1/5
Labels: good first issue, help wanted, rule idea
Standard collection of rules for capa: the tool for enumerating the capabilities of programs