Commit Graph

39 Commits

Author SHA1 Message Date
Thomas Stromberg
f72e6424c0 Run reformat 2024-02-16 17:21:00 -05:00
Thomas Stromberg
310e51d2a2
fpr: Capture One, Grammarly, Mullvad, etc 2023-12-08 17:12:27 -05:00
Thomas Stromberg
2bbc2f6c97
split detection pack into subpacks 2023-09-20 17:43:39 -04:00
Thomas Stromberg
b39fca4e9f
fpr: RSA keys, tcpdump, login, crane, souregraph, etc 2023-09-20 09:30:46 -04:00
Thomas Stromberg
961a673a52 Detect vulnerable versions of Acrobat Reader 2023-09-14 16:30:05 -04:00
Thomas Stromberg
ff2ab95431 Remove file sizes from systemd exception key 2023-06-08 18:26:57 -04:00
Thomas Stromberg
066c88dc18 fpr: multipass, go, macOS, Ubuntu, Opera, git, ko 2023-06-02 19:08:08 -04:00
Thomas Stromberg
9575d18bc2 fpr: FleetDM, Edge, VSCode, dnf, Steam, etc 2023-06-01 11:52:20 -04:00
Thomas Stromberg
111c15e20b fpr: macOS, yubikey, Premiere, dnf, vagrant, etc 2023-05-23 11:31:37 -04:00
Thomas Stromberg
56ede74c54 fpr: Parallels, Stream Deck, tflint, gitstatus, snyk 2023-05-17 17:52:55 -04:00
Thomas Stromberg
26b2b9a4c7
fpr: LGHUB, aomshm, Wisdolia, uubyte, eclipse, etc 2023-05-11 11:29:55 -04:00
Thomas Stromberg
41d83350a1
make reformat 2023-05-08 13:20:47 -04:00
Thomas Stromberg
9eed574026
fpr: sharingd, sparkle, golang, Snagit 2023-05-05 15:10:54 -04:00
Thomas Stromberg
272711ae7a
fpr: node, nc, busybox, libvirt, etc 2023-05-05 12:44:46 -04:00
Thomas Stromberg
0202e87b73
fpr: libopenblas, snapd, k3d, opera, nix, ssh, cargo, adobe installer 2023-05-03 16:28:00 -04:00
Thomas Stromberg
76cf1006c6
fpr: microbit, i3, Grammarly for Safari, wine 2023-05-02 17:49:53 -04:00
Thomas Stromberg
47124daa01
fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc 2023-05-02 15:25:36 -04:00
Thomas Stromberg
02337c28f0
fpr: cleanup and new additions 2023-04-27 12:00:08 -04:00
Thomas Stromberg
df925eaa6c
fpr: lghub, brew, pve, chrome exts, etc 2023-04-20 20:45:35 -04:00
Thomas Stromberg
0dc6748dff fpr: LGHUB keys, go, Acrobat, code, yum, fwupdatemgr 2023-03-31 06:19:30 -04:00
Thomas Stromberg
fbab3701c0
fpr: Docker, Zwift, macOS updates, etc 2023-03-20 17:05:02 -04:00
Thomas Stromberg
0aac121cbb
gcp keys mdfind: filter out more filenames 2023-03-17 10:15:07 -04:00
Thomas Stromberg
fbc2b207b4
fpr: Signal, apko, aws, melange, dash, stern 2023-03-16 17:29:11 -04:00
Thomas Stromberg
824efa9705
fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws 2023-03-14 19:00:44 -04:00
Thomas Stromberg
09652bd91f
fpr: SA keys, libgtop, haproxy, gvproxy, slirp 2023-03-14 16:05:16 -04:00
Thomas Stromberg
b3825ba2b9
fpr: Canon Universal Installer, melange, GPG, key names 2023-03-06 15:11:11 -05:00
Thomas Stromberg
81b09ae711
fpr: aws certs, AdobePIM, slack 2023-03-04 12:20:53 -05:00
Thomas Stromberg
f25cfe1399
fpr: aws-sdk, melange, Tailscale, Xprotect, etc 2023-03-03 07:24:42 -05:00
Thomas Stromberg
fa7a0971d4
Add RSA key finders, and mdfind-based GCP key finder 2023-03-01 11:05:35 -05:00
Thomas Stromberg
e6824d87e9
Run 'make reformat' 2023-01-20 09:24:24 -05:00
Thomas Stromberg
8e9ae0fda3
Less false positives: particularly among systemctl calls 2023-01-20 08:40:08 -05:00
Thomas Stromberg
0b057b45d2
Increase long uptime cutoff from 60d to 90d 2023-01-19 12:11:01 -05:00
Thomas Stromberg
cb896b9e10
Filter out new false positives 2023-01-13 15:24:18 -05:00
Thomas Strömberg
cb0ed647d8
Merge branch 'main' into bugfixesJan13 2023-01-13 13:56:19 -05:00
Thomas Stromberg
1084843ed4
Add header metadata 2023-01-13 13:47:33 -05:00
Thomas Stromberg
7b83467305
new detector: unencrypted GCP service account keys 2023-01-13 11:21:48 -05:00
Thomas Stromberg
546d1367eb
Rename unusually-long-uptime 2022-11-23 07:10:41 -05:00
Thomas Stromberg
39e9aee6eb
Split parent-missing-from-disk, address false positives 2022-11-23 07:10:03 -05:00
Thomas Stromberg
26ee658c4a
Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00