RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
874 Commits 1 Branch 31 Tags 5.6 MiB
Commit Graph

28 Commits

Author SHA1 Message Date
Thomas Stromberg 41d83350a1
make reformat 2023-05-08 13:20:47 -04:00
Thomas Stromberg 9eed574026
fpr: sharingd, sparkle, golang, Snagit 2023-05-05 15:10:54 -04:00
Thomas Stromberg 272711ae7a
fpr: node, nc, busybox, libvirt, etc 2023-05-05 12:44:46 -04:00
Thomas Stromberg 0202e87b73
fpr: libopenblas, snapd, k3d, opera, nix, ssh, cargo, adobe installer 2023-05-03 16:28:00 -04:00
Thomas Stromberg 76cf1006c6
fpr: microbit, i3, Grammarly for Safari, wine 2023-05-02 17:49:53 -04:00
Thomas Stromberg 47124daa01
fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc 2023-05-02 15:25:36 -04:00
Thomas Stromberg 02337c28f0
fpr: cleanup and new additions 2023-04-27 12:00:08 -04:00
Thomas Stromberg df925eaa6c
fpr: lghub, brew, pve, chrome exts, etc 2023-04-20 20:45:35 -04:00
Thomas Stromberg 0dc6748dff fpr: LGHUB keys, go, Acrobat, code, yum, fwupdatemgr 2023-03-31 06:19:30 -04:00
Thomas Stromberg fbab3701c0
fpr: Docker, Zwift, macOS updates, etc 2023-03-20 17:05:02 -04:00
Thomas Stromberg 0aac121cbb
gcp keys mdfind: filter out more filenames 2023-03-17 10:15:07 -04:00
Thomas Stromberg fbc2b207b4
fpr: Signal, apko, aws, melange, dash, stern 2023-03-16 17:29:11 -04:00
Thomas Stromberg 824efa9705
fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws 2023-03-14 19:00:44 -04:00
Thomas Stromberg 09652bd91f
fpr: SA keys, libgtop, haproxy, gvproxy, slirp 2023-03-14 16:05:16 -04:00
Thomas Stromberg b3825ba2b9
fpr: Canon Universal Installer, melange, GPG, key names 2023-03-06 15:11:11 -05:00
Thomas Stromberg 81b09ae711
fpr: aws certs, AdobePIM, slack 2023-03-04 12:20:53 -05:00
Thomas Stromberg f25cfe1399
fpr: aws-sdk, melange, Tailscale, Xprotect, etc 2023-03-03 07:24:42 -05:00
Thomas Stromberg fa7a0971d4
Add RSA key finders, and mdfind-based GCP key finder 2023-03-01 11:05:35 -05:00
Thomas Stromberg e6824d87e9
Run 'make reformat' 2023-01-20 09:24:24 -05:00
Thomas Stromberg 8e9ae0fda3
Less false positives: particularly among systemctl calls 2023-01-20 08:40:08 -05:00
Thomas Stromberg 0b057b45d2
Increase long uptime cutoff from 60d to 90d 2023-01-19 12:11:01 -05:00
Thomas Stromberg cb896b9e10
Filter out new false positives 2023-01-13 15:24:18 -05:00
Thomas Strömberg cb0ed647d8
Merge branch 'main' into bugfixesJan13 2023-01-13 13:56:19 -05:00
Thomas Stromberg 1084843ed4
Add header metadata 2023-01-13 13:47:33 -05:00
Thomas Stromberg 7b83467305
new detector: unencrypted GCP service account keys 2023-01-13 11:21:48 -05:00
Thomas Stromberg 546d1367eb
Rename unusually-long-uptime 2022-11-23 07:10:41 -05:00
Thomas Stromberg 39e9aee6eb
Split parent-missing-from-disk, address false positives 2022-11-23 07:10:03 -05:00
Thomas Stromberg 26ee658c4a
Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00