RepoMirrors/osquery-defense-kit
1
0
Fork 0
mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-09 05:56:54 +00:00
Code Issues Packages Projects Releases Wiki Activity
587 Commits 1 Branch 31 Tags 6.8 MiB
141ab28310
Commit Graph

26 Commits

Author SHA1 Message Date
Thomas Stromberg
d51bd731a1
fpr: Parallels, nerdctl, Xorg, nvidia, Stream, etc 2023-01-26 20:40:47 -05:00
Thomas Stromberg
83cc38207e
fpr: minikube, tailscale, dex, pacman, virtualbox, steam, lsmod, busybox, etc 2023-01-23 20:33:52 -05:00
Thomas Stromberg
e6824d87e9
Run 'make reformat' 2023-01-20 09:24:24 -05:00
Thomas Stromberg
d415b36b57
FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
Thomas Stromberg
e3401a07c6
Weekend false-positive flush 2023-01-14 08:19:26 -05:00
Thomas Stromberg
1b79359b68
Friday False Positive Flush 2023-01-13 14:10:43 -05:00
Thomas Stromberg
e8af31a348
false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
Thomas Stromberg
71cda72dc1
Add exception for dmesg reading /dev/kmsg 2023-01-04 11:08:05 -05:00
Thomas Stromberg
aa7d9d21f7
Fix firefox typo 2023-01-04 11:05:03 -05:00
Thomas Stromberg
ba23df1fef
Catch up to other false positives over winter break 2023-01-04 11:03:38 -05:00
Thomas Stromberg
350b0d8970
Add k3s /dev/kmsg exception, add parent info 2022-12-20 07:51:29 -05:00
Thomas Stromberg
15d3251120
False-positive flush: mount.ntfs, docker-credential-desktop, exotic socket refactor 2022-12-19 18:06:06 -05:00
Thomas Stromberg
49a19a6fd5
Sort out more false positives 2022-12-16 17:37:32 -05:00
Thomas Stromberg
404adf3e1f
Another false positive flush: Capital One, tailscaled, agetty, snap, ninja, epson printers, etc 2022-12-15 16:51:58 -05:00
Thomas Stromberg
16f9b2f3ee
Remove more false positives: kind, gopls, docker.socket, etc 2022-12-15 10:20:16 -05:00
Thomas Stromberg
6a7c4b6668
Pre-Thanksgiving False Positive cleanup, including Pop!OS support 2022-11-22 09:21:03 -05:00
Thomas Stromberg
e7e714c9db
Make another stab at reducing false positives across the map 2022-11-03 11:51:54 -04:00
Thomas Stromberg
3d75593c76
Add exceptions for Jetbrains/Delve, more for Steam 2022-10-30 12:00:43 -04:00
Thomas Stromberg
770496edea
dev opener: Add bluetoothd 2022-10-21 11:27:42 -04:00
Thomas Stromberg
9bf85e3137
Flush out more false positives 2022-10-17 20:37:44 -04:00
Thomas Stromberg
984f754990
Add more false positive filters 2022-10-17 19:01:16 -04:00
Thomas Stromberg
f2023c0021
Update interval tags, mostly for persistence 2022-10-14 14:26:49 -04:00
Thomas Stromberg
d2bdffe89e
Add support for interval tags 2022-10-14 14:19:13 -04:00
Thomas Stromberg
b9a64e8b99
Janitorial maintenance 2022-10-14 10:18:01 -04:00
Thomas Stromberg
20452b128b
Migrate query strings from double to single apostrophes 2022-10-13 14:59:32 -04:00
Thomas Stromberg
26ee658c4a
Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00