Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
This project has been discontinued Please use Microsoft tools instead: Microsoft Safety Scanner Other detections and mitigations listed in: githubcom/microsoft/CSS-Exchange/tree/main/Security When assessing impact we strongly suggest to assume breach and to preemptively examine all MS Exchange servers that were publically exposed since January, even if there are no s