Thomas Stromberg
|
8d583131ca
|
fpr: cups, zed, pycharm, msedge, surfshark, ubiquiti
|
2024-09-24 15:10:21 -04:00 |
|
Thomas Stromberg
|
56ede74c54
|
fpr: Parallels, Stream Deck, tflint, gitstatus, snyk
|
2023-05-17 17:52:55 -04:00 |
|
Thomas Stromberg
|
f9dce0a72d
|
Include more process information across queries
|
2023-02-01 13:55:55 -05:00 |
|
Thomas Stromberg
|
9f63e3b21d
|
Begin making use of cgroup_paths, clear more false positives
|
2022-11-16 16:52:39 -05:00 |
|
Thomas Stromberg
|
f1a3354495
|
Address false positives: nginx-ingress-controller, dbus, etc
|
2022-11-10 11:04:48 -05:00 |
|
Thomas Stromberg
|
e7e714c9db
|
Make another stab at reducing false positives across the map
|
2022-11-03 11:51:54 -04:00 |
|
Thomas Stromberg
|
ab94de7770
|
Add a lot more mitre data
|
2022-10-19 16:56:32 -04:00 |
|
Thomas Stromberg
|
cee1710f74
|
Finish out the incident_response refactor
|
2022-10-19 16:19:53 -04:00 |
|
Thomas Stromberg
|
83a8c0d589
|
Improve how we deal with the zfs case
|
2022-10-18 11:40:42 -04:00 |
|
Thomas Stromberg
|
2b5ea76729
|
Apply 'npx sql-formatter -l sqlite'
|
2022-10-17 19:06:17 -04:00 |
|
Thomas Stromberg
|
984f754990
|
Add more false positive filters
|
2022-10-17 19:01:16 -04:00 |
|
Thomas Stromberg
|
d89335a21e
|
Add child/grandchild, filter out zfs recv false positive
|
2022-10-17 18:46:00 -04:00 |
|
Thomas Stromberg
|
d2bdffe89e
|
Add support for interval tags
|
2022-10-14 14:19:13 -04:00 |
|
Thomas Stromberg
|
1fb2b694bb
|
Use single quotes
|
2022-10-13 18:31:36 -04:00 |
|
Thomas Stromberg
|
3562bc898e
|
Remove sshd listener false positive
|
2022-10-13 18:02:14 -04:00 |
|
Thomas Stromberg
|
20452b128b
|
Migrate query strings from double to single apostrophes
|
2022-10-13 14:59:32 -04:00 |
|
Thomas Stromberg
|
26ee658c4a
|
Initial re-organization around the MITRE ATT&CK framework
|
2022-10-11 21:53:36 -04:00 |