From 60fcf9874198b4c1f1527b4f8609020d3be64f32 Mon Sep 17 00:00:00 2001
From: Matt Williams <13837569+mwilliams31@users.noreply.github.com>
Date: Tue, 15 Oct 2024 15:03:46 +0000
Subject: [PATCH] access-peb-ldr_data.yml: reference update
---
 linking/runtime-linking/access-peb-ldr_data.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linking/runtime-linking/access-peb-ldr_data.yml b/linking/runtime-linking/access-peb-ldr_data.yml
index 3fa40062..99c5dd00 100644
--- a/linking/runtime-linking/access-peb-ldr_data.yml
+++ b/linking/runtime-linking/access-peb-ldr_data.yml
@@ -10,7 +10,7 @@ rule:
 att&ck:
 - Execution::Shared Modules [T1129]
 references:
- - https://www.geoffchappell.com/studies/windows/win32/ntdll/structs/peb_ldr_data.htm
+ - https://www.geoffchappell.com/studies/windows/km/ntoskrnl/inc/api/ntpsapi_x/peb_ldr_data.htm
 - https://github.com/d35ha/CallObfuscator/blob/5834aff9ff4511f1408ae4ce80b79737af4ae77b/ShellCode/shell_x64.asm#L8
 examples:
 - 3FDFB2D522E7DEECAAAF2F87420F7E75:0x4117B7