Commit Graph

1086 Commits

Author SHA1 Message Date
Thomas Stromberg
3cc2af51c1
fpr: elastic, rapid7, zwift 2024-01-10 11:20:04 -05:00
Thomas Strömberg
46defeab6f
Merge pull request #344 from tstromberg/simpler-make
Simplify makefile, reduce config targets to 4
2024-01-09 16:57:34 -05:00
Thomas Stromberg
bdb25643d8
Simplify makefile, reduce config targets to 4 2024-01-09 16:56:40 -05:00
Thomas Strömberg
1462745390
Merge pull request #343 from tstromberg/fpr-jan9
fpr: syncthing, sourcegraph, phantombuster, iterm, cody, stickers
2024-01-09 16:21:03 -05:00
Thomas Stromberg
27a0d55737
fpr: syncthing 2024-01-09 16:19:52 -05:00
Thomas Stromberg
229a32a61e
fpr: sourcegraph,phantombuster,iterm,cody,stickers 2024-01-09 16:14:00 -05:00
Thomas Strömberg
16dd48b2f5
Merge pull request #342 from tstromberg/fpr-jan5
fpr: Elastic Defend, Rapid7 InsightIDR & others
2024-01-08 19:08:57 -05:00
Thomas Stromberg
875125fc94
Add exceptions for Elastic Defend & Rapid7 InsightIDR 2024-01-08 19:07:57 -05:00
Thomas Stromberg
c2c29a1a52
Optimize performance with Google Chrome image mounted 2024-01-08 18:47:36 -05:00
Thomas Stromberg
1304d66783
Add more Elastic exceptions 2024-01-08 17:55:30 -05:00
Thomas Stromberg
336a1fca4a
Add exceptions for Elastic Defend 2024-01-08 17:18:25 -05:00
Thomas Strömberg
d02d01b62d
Merge pull request #341 from tstromberg/osqtool-141
Upgrade osqtool to v1.4.1
2024-01-08 15:56:01 -05:00
Thomas Stromberg
45112c4b70
Upgrade osqtool to v1.4.1 2024-01-08 15:55:29 -05:00
Jed Salazar
3914fa7e40
Merge pull request #340 from jedsalazar/pr/jed/add-macdown-exception
Add Macdown as an exception to minimal-socket-client-macos
2023-12-26 12:49:20 -07:00
Jed Salazar
243303ef75
Add Macdown as an exception to minimal-socket-client-macos
Signed-off-by: Jed Salazar <jedsalazar@gmail.com>
2023-12-20 12:14:54 -07:00
Thomas Strömberg
79bbdb0257
Merge pull request #339 from tstromberg/combined-detection
make: Add combined-detection.conf & osqtool versioning
2023-12-15 16:30:29 -06:00
Thomas Stromberg
3365d81d22
makefile: Add osqtool versioning 2023-12-15 17:29:26 -05:00
Thomas Stromberg
2be637e9c3
Add combined-detection rule 2023-12-15 17:25:54 -05:00
Thomas Strömberg
f8cc56cfde
Merge pull request #338 from tstromberg/dec15
fpr: A little bit of everything
2023-12-15 16:21:04 -06:00
Thomas Stromberg
202ce6be45
Ignore syncthing, nuclei, fix typos 2023-12-15 17:19:38 -05:00
Thomas Stromberg
8b9894ec74
filter out CSV from yara 2023-12-15 17:12:50 -05:00
Thomas Stromberg
800e4aa2cc
fpr: kind of everything 2023-12-15 17:10:06 -05:00
Thomas Strömberg
b5f61f4847
Merge pull request #337 from tstromberg/linuxperf
exotic events linux: optimize query for reduced system CPU
2023-12-12 11:57:55 -06:00
Thomas Stromberg
2c783f17f4
exotic events linux: remove uptime join, use empty string 2023-12-12 12:56:09 -05:00
Thomas Stromberg
877b2c495b
exotic events linux: double interval, reduce hash lookups 2023-12-12 12:33:38 -05:00
Thomas Strömberg
1aaf59c36c
Merge pull request #336 from tstromberg/dec5
fpr: Capture One, Grammarly, Mullvad, etc
2023-12-08 16:13:31 -06:00
Thomas Stromberg
310e51d2a2
fpr: Capture One, Grammarly, Mullvad, etc 2023-12-08 17:12:27 -05:00
Thomas Strömberg
803f21cb8a
Merge pull request #335 from tstromberg/fpr-nov2
fpr: ThingsWidgetExtension
2023-11-02 11:18:37 -04:00
Thomas Stromberg
40078d357a
fpr: ThingsWidgetExtension 2023-11-02 11:17:58 -04:00
Thomas Strömberg
9e9da1244a
Merge pull request #334 from tstromberg/fpr-nov2
Optimize YARA process queries by deduping paths
2023-11-02 10:09:05 -04:00
Thomas Stromberg
5802021124
Optimize YARA process queries by deduping paths 2023-11-02 09:53:26 -04:00
Thomas Strömberg
6a343d09a7
Merge pull request #333 from tstromberg/fpr-nov2
fpr: dbeaver, AwesomeScreenshot, Hyper, etc
2023-11-02 09:40:55 -04:00
Thomas Stromberg
6e1e7f29c2
fpr: dbeaver, AwesomeScreenshot, Hyper, etc 2023-11-02 09:39:41 -04:00
Thomas Strömberg
7ce3a5222c
Merge pull request #332 from tstromberg/fpr-oct31
fpr: aws, java, arch, cody, google, wireshark, etc
2023-10-31 11:40:36 -04:00
Thomas Stromberg
0060bb087e
fpr: aws, java, arch, cody, google, wireshark, etc 2023-10-31 11:40:10 -04:00
Thomas Strömberg
51baf32292
Merge pull request #331 from tstromberg/fpr-oct25
fpr: rootlesskit, sshd, Fedora, Oracle Linux
2023-10-25 13:42:56 -04:00
Thomas Stromberg
23fadda33b
fpr: rootlesskit, sshd, Fedora, Oracle Linux 2023-10-25 13:42:22 -04:00
Thomas Strömberg
ad8d95516c
Merge pull request #330 from chainguard-dev/fpr-oct25
fpr: Electron, GitHub
2023-10-25 09:49:32 -04:00
Thomas Stromberg
d7990dd063
fpr: Electron, GitHub 2023-10-25 09:49:07 -04:00
Thomas Strömberg
3e25510b8c
Merge pull request #329 from chainguard-dev/fpr-oct25
fpr: mtr, vscode, cpptools, cron, firefox
2023-10-25 09:18:55 -04:00
Thomas Stromberg
7d9aced380
fpr: mtr, vscode, cpptools, cron, firefox 2023-10-25 09:18:04 -04:00
Thomas Strömberg
7b76585736
Merge pull request #328 from tstromberg/fpr-oct24
fpr: osquery release spam
2023-10-24 18:32:59 -04:00
Thomas Stromberg
9e6df92e3f
fpr: osquery release spam 2023-10-24 18:32:03 -04:00
Thomas Strömberg
5cc769c5a0
Merge pull request #327 from tstromberg/fpr-oct24
fpr: Kolide, qemu, bash, monday, macOS
2023-10-24 18:03:49 -04:00
Thomas Stromberg
3c2be1c16e
fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00
Thomas Strömberg
3e970ed93f
Merge pull request #326 from tstromberg/fpr-sep26
makefile: Extend timeouts for YARA queries
2023-10-03 11:21:24 -04:00
Thomas Stromberg
9a03776699
Extend timeouts 2023-10-03 11:20:40 -04:00
Thomas Strömberg
db67613a38
Merge pull request #325 from tstromberg/fpr-oct2
fpr: containerd, hyper, Docker, Chromium, spotify, busycal
2023-10-02 16:13:10 -04:00
Thomas Stromberg
bf66053d5c
fpr: containerd, hyper, Docker, Chromium, spotify, busycal 2023-10-02 16:11:44 -04:00
Thomas Strömberg
c8f2fa0cb5
Merge pull request #324 from tstromberg/fpr-sep26
fpr: Monday, Splunk, Gnome, Git, Grammarly, etc
2023-10-02 11:46:20 -04:00