v8.0.0

Summary

Added: 54 rules
Modified: 21 rules
Renamed: 1 rule
Deleted: 0 rules

Detailed release changes: rules v7.4.0...v8.0.0

Added rules (54)

• collection/browser/get-chrome-cookiemonster.yml
• collection/browser/get-elevation-service-for-chromium-based-browsers.yml
• collection/get-steam-token.yml
• linking/static/touchsocket/linked-against-touchsocket.yml
• nursery/get-shadow-password-file-entry-on-linux.yml
• nursery/persist-via-aedebug-registry-key.yml
• nursery/persist-via-amsi-registry-key.yml
• nursery/persist-via-app-paths-registry-key.yml
• nursery/persist-via-appcertdlls-registry-key.yml
• nursery/persist-via-application-shimming.yml
• nursery/persist-via-appx-registry-key.yml
• nursery/persist-via-autodialdll-registry-key.yml
• nursery/persist-via-autoplayhandlers-registry-key.yml
• nursery/persist-via-bits-job.yml
• nursery/persist-via-bootverificationprogram-registry-key.yml
• nursery/persist-via-code-signing-registry-key.yml
• nursery/persist-via-com-hijack.yml
• nursery/persist-via-command-processor-registry-key.yml
• nursery/persist-via-contextmenuhandlers-registry-key.yml
• nursery/persist-via-cor_profiler_path-registry-value.yml
• nursery/persist-via-default-file-association-registry-key.yml
• nursery/persist-via-disk-cleanup-handler-registry-key.yml
• nursery/persist-via-dotnet-dbgmanageddebugger-registry-key.yml
• nursery/persist-via-dotnet_startup_hooks-registry-key.yml
• nursery/persist-via-errorhandler-script.yml
• nursery/persist-via-explorer-tools-registry-key.yml
• nursery/persist-via-filter-handlers-registry-key.yml
• nursery/persist-via-get-variable-hijack.yml
• nursery/persist-via-group-policy-registry-key.yml
• nursery/persist-via-hhctrl-com-hijack.yml
• nursery/persist-via-htmlhelp-author-registry-key.yml
• nursery/persist-via-image-file-execution-options-registry-key.yml
• nursery/persist-via-iphlpapi-dll-hijack.yml
• nursery/persist-via-lnk-shortcut.yml
• nursery/persist-via-lsa-registry-key.yml
• nursery/persist-via-natural-language-registry-key.yml
• nursery/persist-via-netsh-registry-key.yml
• nursery/persist-via-network-provider-registry-key.yml
• nursery/persist-via-path-registry-key.yml
• nursery/persist-via-powershell-profile.yml
• nursery/persist-via-print-monitors-registry-key.yml
• nursery/persist-via-print-processors-registry-key.yml
• nursery/persist-via-rdp-startup-programs-registry-key.yml
• nursery/persist-via-silentprocessexit-registry-key.yml
• nursery/persist-via-telemetrycontroller-registry-key.yml
• nursery/persist-via-timeproviders-registry-key.yml
• nursery/persist-via-ts-initialprogram-registry-key.yml
• nursery/persist-via-userinitmprlogonscript-registry-value.yml
• nursery/persist-via-windows-accessibility-tools.yml
• nursery/persist-via-windows-error-reporting-registry-key.yml
• nursery/persist-via-windows-terminal-profile.yml
• nursery/set-shadow-password-file-entry-on-linux.yml
• nursery/write-to-browser-extension-directory.yml
• runtime/dotnet/compiled-with-dotnet-aot.yml

Modified rules (21)

• anti-analysis/anti-av/block-operations-on-executable-memory-pages-using-arbitrary-code-guard.yml
• data-manipulation/encryption/create-new-key-via-cryptacquirecontext.yml
• host-interaction/file-system/copy/copy-file.yml
• host-interaction/file-system/move/move-file.yml
• host-interaction/file-system/write/write-file-on-windows.yml
• host-interaction/process/get-process-filename.yml
• host-interaction/registry/create/set-registry-value.yml
• host-interaction/wmi/connect-to-wmi-namespace-via-wbemlocator.yml
• linking/runtime-linking/access-peb-ldr_data.yml
• nursery/execute-shell-command-via-windows-remote-management.yml
• nursery/get-password-database-entry-on-linux.yml
• nursery/hook-routines-via-microsoft-detours.yml
• persistence/registry/appinitdlls/persist-via-appinit_dlls-registry-key.yml
• persistence/registry/ginadll/persist-via-ginadll-registry-key.yml
• persistence/registry/persist-via-active-setup-registry-key.yml
• persistence/registry/run/persist-via-run-registry-key.yml
• persistence/registry/winlogon-helper/persist-via-winlogon-helper-dll-registry-key.yml
• persistence/scheduled-tasks/schedule-task-via-at.yml
• persistence/scheduled-tasks/schedule-task-via-schtasks.yml
• persistence/service/persist-via-windows-service.yml
• persistence/startup-folder/write-file-to-startup-folder.yml

Renamed rules (1)

• nursery/persist-via-screensaver-registry-key.yml (was nursery/reference-screen-saver-executable.yml)