Thomas Stromberg
|
f72e6424c0
|
Run reformat
|
2024-02-16 17:21:00 -05:00 |
|
Thomas Stromberg
|
310e51d2a2
|
fpr: Capture One, Grammarly, Mullvad, etc
|
2023-12-08 17:12:27 -05:00 |
|
Thomas Stromberg
|
2bbc2f6c97
|
split detection pack into subpacks
|
2023-09-20 17:43:39 -04:00 |
|
Thomas Stromberg
|
b39fca4e9f
|
fpr: RSA keys, tcpdump, login, crane, souregraph, etc
|
2023-09-20 09:30:46 -04:00 |
|
Thomas Stromberg
|
961a673a52
|
Detect vulnerable versions of Acrobat Reader
|
2023-09-14 16:30:05 -04:00 |
|
Thomas Stromberg
|
ff2ab95431
|
Remove file sizes from systemd exception key
|
2023-06-08 18:26:57 -04:00 |
|
Thomas Stromberg
|
066c88dc18
|
fpr: multipass, go, macOS, Ubuntu, Opera, git, ko
|
2023-06-02 19:08:08 -04:00 |
|
Thomas Stromberg
|
9575d18bc2
|
fpr: FleetDM, Edge, VSCode, dnf, Steam, etc
|
2023-06-01 11:52:20 -04:00 |
|
Thomas Stromberg
|
111c15e20b
|
fpr: macOS, yubikey, Premiere, dnf, vagrant, etc
|
2023-05-23 11:31:37 -04:00 |
|
Thomas Stromberg
|
56ede74c54
|
fpr: Parallels, Stream Deck, tflint, gitstatus, snyk
|
2023-05-17 17:52:55 -04:00 |
|
Thomas Stromberg
|
26b2b9a4c7
|
fpr: LGHUB, aomshm, Wisdolia, uubyte, eclipse, etc
|
2023-05-11 11:29:55 -04:00 |
|
Thomas Stromberg
|
41d83350a1
|
make reformat
|
2023-05-08 13:20:47 -04:00 |
|
Thomas Stromberg
|
9eed574026
|
fpr: sharingd, sparkle, golang, Snagit
|
2023-05-05 15:10:54 -04:00 |
|
Thomas Stromberg
|
272711ae7a
|
fpr: node, nc, busybox, libvirt, etc
|
2023-05-05 12:44:46 -04:00 |
|
Thomas Stromberg
|
0202e87b73
|
fpr: libopenblas, snapd, k3d, opera, nix, ssh, cargo, adobe installer
|
2023-05-03 16:28:00 -04:00 |
|
Thomas Stromberg
|
76cf1006c6
|
fpr: microbit, i3, Grammarly for Safari, wine
|
2023-05-02 17:49:53 -04:00 |
|
Thomas Stromberg
|
47124daa01
|
fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc
|
2023-05-02 15:25:36 -04:00 |
|
Thomas Stromberg
|
02337c28f0
|
fpr: cleanup and new additions
|
2023-04-27 12:00:08 -04:00 |
|
Thomas Stromberg
|
df925eaa6c
|
fpr: lghub, brew, pve, chrome exts, etc
|
2023-04-20 20:45:35 -04:00 |
|
Thomas Stromberg
|
0dc6748dff
|
fpr: LGHUB keys, go, Acrobat, code, yum, fwupdatemgr
|
2023-03-31 06:19:30 -04:00 |
|
Thomas Stromberg
|
fbab3701c0
|
fpr: Docker, Zwift, macOS updates, etc
|
2023-03-20 17:05:02 -04:00 |
|
Thomas Stromberg
|
0aac121cbb
|
gcp keys mdfind: filter out more filenames
|
2023-03-17 10:15:07 -04:00 |
|
Thomas Stromberg
|
fbc2b207b4
|
fpr: Signal, apko, aws, melange, dash, stern
|
2023-03-16 17:29:11 -04:00 |
|
Thomas Stromberg
|
824efa9705
|
fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws
|
2023-03-14 19:00:44 -04:00 |
|
Thomas Stromberg
|
09652bd91f
|
fpr: SA keys, libgtop, haproxy, gvproxy, slirp
|
2023-03-14 16:05:16 -04:00 |
|
Thomas Stromberg
|
b3825ba2b9
|
fpr: Canon Universal Installer, melange, GPG, key names
|
2023-03-06 15:11:11 -05:00 |
|
Thomas Stromberg
|
81b09ae711
|
fpr: aws certs, AdobePIM, slack
|
2023-03-04 12:20:53 -05:00 |
|
Thomas Stromberg
|
f25cfe1399
|
fpr: aws-sdk, melange, Tailscale, Xprotect, etc
|
2023-03-03 07:24:42 -05:00 |
|
Thomas Stromberg
|
fa7a0971d4
|
Add RSA key finders, and mdfind-based GCP key finder
|
2023-03-01 11:05:35 -05:00 |
|
Thomas Stromberg
|
e6824d87e9
|
Run 'make reformat'
|
2023-01-20 09:24:24 -05:00 |
|
Thomas Stromberg
|
8e9ae0fda3
|
Less false positives: particularly among systemctl calls
|
2023-01-20 08:40:08 -05:00 |
|
Thomas Stromberg
|
0b057b45d2
|
Increase long uptime cutoff from 60d to 90d
|
2023-01-19 12:11:01 -05:00 |
|
Thomas Stromberg
|
cb896b9e10
|
Filter out new false positives
|
2023-01-13 15:24:18 -05:00 |
|
Thomas Strömberg
|
cb0ed647d8
|
Merge branch 'main' into bugfixesJan13
|
2023-01-13 13:56:19 -05:00 |
|
Thomas Stromberg
|
1084843ed4
|
Add header metadata
|
2023-01-13 13:47:33 -05:00 |
|
Thomas Stromberg
|
7b83467305
|
new detector: unencrypted GCP service account keys
|
2023-01-13 11:21:48 -05:00 |
|
Thomas Stromberg
|
546d1367eb
|
Rename unusually-long-uptime
|
2022-11-23 07:10:41 -05:00 |
|
Thomas Stromberg
|
39e9aee6eb
|
Split parent-missing-from-disk, address false positives
|
2022-11-23 07:10:03 -05:00 |
|
Thomas Stromberg
|
26ee658c4a
|
Initial re-organization around the MITRE ATT&CK framework
|
2022-10-11 21:53:36 -04:00 |
|