Commit Graph

62 Commits

Author SHA1 Message Date
Thomas Stromberg
310e51d2a2
fpr: Capture One, Grammarly, Mullvad, etc 2023-12-08 17:12:27 -05:00
Thomas Stromberg
5802021124
Optimize YARA process queries by deduping paths 2023-11-02 09:53:26 -04:00
Thomas Stromberg
6e1e7f29c2
fpr: dbeaver, AwesomeScreenshot, Hyper, etc 2023-11-02 09:39:41 -04:00
Thomas Stromberg
0060bb087e
fpr: aws, java, arch, cody, google, wireshark, etc 2023-10-31 11:40:10 -04:00
Thomas Stromberg
7d9aced380
fpr: mtr, vscode, cpptools, cron, firefox 2023-10-25 09:18:04 -04:00
Thomas Stromberg
9e6df92e3f
fpr: osquery release spam 2023-10-24 18:32:03 -04:00
Thomas Stromberg
3c2be1c16e
fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00
Thomas Stromberg
5f2680ca8b
fpr: Monday, Splunk, Gnome, Git, Grammarly, etc 2023-10-02 11:35:11 -04:00
Thomas Stromberg
f73263bece
fpr: docker, fish, Stream Deck, rsync, lima, macOS 2023-09-26 15:14:38 -04:00
Thomas Stromberg
a7f0b3001d
Reduce false positives on Ubuntu + Lima 2023-09-26 13:09:22 -04:00
Thomas Stromberg
2bbc2f6c97
split detection pack into subpacks 2023-09-20 17:43:39 -04:00
Thomas Stromberg
b39fca4e9f
fpr: RSA keys, tcpdump, login, crane, souregraph, etc 2023-09-20 09:30:46 -04:00
Thomas Stromberg
f16c3cdf53 fpr: sourcegraph, nginx, factorio, fan control, emacs, nushell 2023-09-14 17:13:12 -04:00
Thomas Stromberg
84125c4bb1
Remove recently common false positives 2023-09-01 17:09:47 -04:00
Thomas Stromberg
ce2f0f06cb
fpr; Keybase, grype, UpdateBrainService, OpenOffice, sqlproxy 2023-07-20 10:56:49 -04:00
Thomas Stromberg
a0e4183bf4 fpr: Velociraptor, nessus, kandji, java, SteelSeries, etc 2023-07-12 17:38:26 -04:00
Thomas Stromberg
cebf617c82 fpr: terragrunt, mdnsResponder, Spotify, Zoom, etc 2023-06-14 10:58:41 -04:00
Thomas Stromberg
32328c91f1 fpr: Slack, Gnome, Sigstore, Logitune, etc 2023-06-12 10:10:57 -04:00
Thomas Stromberg
9575d18bc2 fpr: FleetDM, Edge, VSCode, dnf, Steam, etc 2023-06-01 11:52:20 -04:00
Thomas Stromberg
26b2b9a4c7
fpr: LGHUB, aomshm, Wisdolia, uubyte, eclipse, etc 2023-05-11 11:29:55 -04:00
Thomas Stromberg
41d83350a1
make reformat 2023-05-08 13:20:47 -04:00
Thomas Stromberg
778d53b169
Address merge conflicts 2023-05-08 13:11:24 -04:00
Thomas Stromberg
4856a0e80a
fpr: LogiTune, sharingd, gnome, sparkle, plex 2023-05-08 13:07:57 -04:00
Thomas Stromberg
0202e87b73
fpr: libopenblas, snapd, k3d, opera, nix, ssh, cargo, adobe installer 2023-05-03 16:28:00 -04:00
Thomas Stromberg
47124daa01
fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc 2023-05-02 15:25:36 -04:00
Thomas Stromberg
df925eaa6c
fpr: lghub, brew, pve, chrome exts, etc 2023-04-20 20:45:35 -04:00
Thomas Stromberg
21cadbeb28
move missing comma 2023-03-24 11:20:37 -04:00
Thomas Stromberg
284796b895
fpr: snyk-ls, electron 2023-03-24 11:03:55 -04:00
Thomas Stromberg
570c36dc71
fpr: tilt, electron, cilium, write/read improvements 2023-03-24 10:42:06 -04:00
Thomas Stromberg
7a78199906
fpr: traceroute, thunderbird, garmin installer, chainctl, etc 2023-03-21 14:07:06 -04:00
Thomas Stromberg
fbab3701c0
fpr: Docker, Zwift, macOS updates, etc 2023-03-20 17:05:02 -04:00
Thomas Stromberg
9eeae99f24
modernize high-disk-bytes queries 2023-03-17 10:48:17 -04:00
Thomas Stromberg
824efa9705
fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws 2023-03-14 19:00:44 -04:00
Thomas Stromberg
f25cfe1399
fpr: aws-sdk, melange, Tailscale, Xprotect, etc 2023-03-03 07:24:42 -05:00
Thomas Stromberg
fb7cd56249
fpr: abrt-dbus, gdm, chrome, ff, etc 2023-02-24 16:30:17 -05:00
Thomas Stromberg
45ab183557
fpr: New Chrome etxensions, vbox, chrome, gcloud, gdm3, yay, etc 2023-01-30 14:58:47 -05:00
Thomas Stromberg
f7c1557aee
fpr: libinput, kue, updatedb, mariadb, terraform 2023-01-23 08:13:04 -05:00
Thomas Stromberg
e6824d87e9
Run 'make reformat' 2023-01-20 09:24:24 -05:00
Thomas Stromberg
d415b36b57
FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
Thomas Stromberg
420d269025
Reformat and reduce false positives 2023-01-09 15:10:48 -05:00
Thomas Stromberg
2bcf9316cf
Add some hash fields, fix some false positives 2023-01-09 09:04:38 -05:00
Thomas Stromberg
ba23df1fef
Catch up to other false positives over winter break 2023-01-04 11:03:38 -05:00
Thomas Stromberg
a8b95a2c9e
New Years cleanup: monitorix, snap-confine, steam, spotify, etc 2023-01-03 08:50:19 -05:00
Thomas Stromberg
404adf3e1f
Another false positive flush: Capital One, tailscaled, agetty, snap, ninja, epson printers, etc 2022-12-15 16:51:58 -05:00
Thomas Stromberg
6a7c4b6668
Pre-Thanksgiving False Positive cleanup, including Pop!OS support 2022-11-22 09:21:03 -05:00
Thomas Stromberg
c9605d1c98
Add exceptions for terraform, hugo, macOS updates 2022-11-08 14:32:38 -05:00
Thomas Stromberg
3dec23370c
More exclusions 2022-11-08 12:59:11 -05:00
Thomas Stromberg
caab2a6c82
Loads of fresh new false-positives removal 2022-10-31 17:40:37 -04:00
Thomas Stromberg
6e2f7059b5
Add exceptions for Steam on Linux 2022-10-30 10:19:33 -04:00
Thomas Stromberg
a00af6c1fa
Merge another day worth of false positives 2022-10-27 10:23:15 -04:00