From 19fb3458effac81ce6f606ef39759d8cb306a886 Mon Sep 17 00:00:00 2001
From: Erick Cheng <19863605+ec4n6@users.noreply.github.com>
Date: Tue, 2 Nov 2021 16:21:32 +0100
Subject: [PATCH] Add wget and curl to remote_file_copy_binaries

Signed-off-by: Erick Cheng <19863605+ec4n6@users.noreply.github.com>
---
 rules/falco_rules.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/falco_rules.yaml b/rules/falco_rules.yaml
index 795ba562..6ab28ce0 100644
--- a/rules/falco_rules.yaml
+++ b/rules/falco_rules.yaml
@@ -2676,7 +2676,7 @@
   tags: [file, mitre_persistence]
 
 - list: remote_file_copy_binaries
-  items: [rsync, scp, sftp, dcp]
+  items: [rsync, scp, sftp, dcp, wget, scp]
 
 - macro: remote_file_copy_procs
   condition: (proc.name in (remote_file_copy_binaries))