As a developer working with Microsoft Visual Studio pulling down open source code I will take time to quickly scan through the MSBuild scripts to see if there is any custom build targets added that may perform an undesired action.
Would Avast detect any potential threats in an msbuild script file? The question is related to how would Avast protect against threats found in scripting files which I know nothing about Avast and if it is able to detect threats inside script files directly or if threats are detected indirectly.
Answers covering how Avast handles scripting technology scans might lead into insights. I don't know about msbuild threat vectors but what I also don't know is what type of threat vectors are checked in Avast's database. Which leads to another question is there a way to research Avast's threat database for attack vectors from MSBuild scripts or other sources? This would be useful to make decisions when making file extension exclusion lists. If the DB has known threats from a found file extension or technology that would fill in the knowledge gap end users may have on potential threat vectors from some file sources.
