Search the Community
Showing results for tags 'cortex-xdr-config-extractor'.
-
This tool is meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible Exclusions. Supported Extractions Uninstall Password Hash & Salt Excluded Signer Names DLL Security Exclusions & Settings PE Security Exclusions & Settings Office Files Security Exclusions & Settings Credential Gathering Module Exclusions Webshell Protection Module Exclusions Childprocess Executionchain Exclusions Behavorial Threat Module Exclusions Local Malware Scan Module Exclusions Memory Protection Module Status Global Hash Exclusions Ransomware Protection Module Modus & Settings [hide][Hidden Content]]
-
- 2
-
- cortex-xdr-config-extractor
- cortex
-
(and 3 more)
Tagged with: