Merge pull request #183 from zaicurity/patch-1

Create KeepVMDisksByExtension.toml

Author: l0ss

Snaffler/SnaffRules/DefaultRules/FileRules/Keep/Infrastructure/VirtualMachines/KeepVMDisksByExtension.toml

@@ -0,0 +1,14 @@
+[[ClassifierRules]]
+EnumerationScope = "FileEnumeration"
+RuleName = "KeepVMDisksByExtension"
+MatchAction = "Snaffle"
+Description = "Virtual Machine Disks can contain sensitive data or credentials."
+MatchLocation = "FileExtension"
+WordListType = "Exact"
+MatchLength = 0
+WordList = [
+"\\.vmdk",
+"\\.vdi",
+"\\.vhd",
+"\\.vhdx"]
+Triage = "Red"