Thomas Stromberg | cdcb2d48f3 | Slow queries down, minor improvements | 2023-02-01 16:17:36 -05:00 |
Thomas Stromberg | 83cc38207e | fpr: minikube, tailscale, dex, pacman, virtualbox, steam, lsmod, busybox, etc | 2023-01-23 20:33:52 -05:00 |
Thomas Stromberg | d415b36b57 | FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc | 2023-01-16 12:56:39 -05:00 |
Thomas Stromberg | e3401a07c6 | Weekend false-positive flush | 2023-01-14 08:19:26 -05:00 |
Thomas Stromberg | eeeaeecda1 | Add exceptions for Microsoft teams, ldconfig, fix go build paths | 2022-11-17 07:20:19 -05:00 |
Thomas Stromberg | 3d7bc8363e | More false positive management | 2022-11-16 14:49:36 -05:00 |
Thomas Stromberg | 9b99b0f657 | tiny-executable-events: Add child hash & magic data, filter by regular | 2022-11-09 09:14:10 -05:00 |
Thomas Stromberg | 535d835290 | Simplify exotic commands queries, remove more false positives | 2022-10-18 11:32:18 -04:00 |
Thomas Stromberg | 9bf85e3137 | Flush out more false positives | 2022-10-17 20:37:44 -04:00 |
Thomas Stromberg | 2b5ea76729 | Apply 'npx sql-formatter -l sqlite' | 2022-10-17 19:06:17 -04:00 |
Thomas Stromberg | 58dec12a49 | Remove some false positives | 2022-10-17 17:31:47 -04:00 |
Thomas Stromberg | d2bdffe89e | Add support for interval tags | 2022-10-14 14:19:13 -04:00 |
Thomas Stromberg | 26ee658c4a | Initial re-organization around the MITRE ATT&CK framework | 2022-10-11 21:53:36 -04:00 |