Commit Graph

9 Commits

Author SHA1 Message Date
Thomas Stromberg 00398d447b
Look for setuid binaries in /usr/libexec too 2023-02-17 10:41:28 -05:00
Thomas Stromberg 42e9f2721b
FP removal: plymouth, 1Password, firejail, systemd 2023-01-16 13:55:53 -05:00
Thomas Stromberg d415b36b57
FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
Thomas Stromberg 420d269025
Reformat and reduce false positives 2023-01-09 15:10:48 -05:00
Thomas Stromberg 4eb6993272
Catch up to some older false positives we ran into 2023-01-06 17:11:24 -05:00
Thomas Stromberg 16f9b2f3ee
Remove more false positives: kind, gopls, docker.socket, etc 2022-12-15 10:20:16 -05:00
Thomas Stromberg d2bdffe89e
Add support for interval tags 2022-10-14 14:19:13 -04:00
Thomas Stromberg 20452b128b
Migrate query strings from double to single apostrophes 2022-10-13 14:59:32 -04:00
Thomas Stromberg 26ee658c4a
Initial re-organization around the MITRE ATT&CK framework 2022-10-11 21:53:36 -04:00