Thomas Stromberg
|
00398d447b
|
Look for setuid binaries in /usr/libexec too
|
2023-02-17 10:41:28 -05:00 |
Thomas Stromberg
|
42e9f2721b
|
FP removal: plymouth, 1Password, firejail, systemd
|
2023-01-16 13:55:53 -05:00 |
Thomas Stromberg
|
d415b36b57
|
FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc
|
2023-01-16 12:56:39 -05:00 |
Thomas Stromberg
|
420d269025
|
Reformat and reduce false positives
|
2023-01-09 15:10:48 -05:00 |
Thomas Stromberg
|
4eb6993272
|
Catch up to some older false positives we ran into
|
2023-01-06 17:11:24 -05:00 |
Thomas Stromberg
|
16f9b2f3ee
|
Remove more false positives: kind, gopls, docker.socket, etc
|
2022-12-15 10:20:16 -05:00 |
Thomas Stromberg
|
d2bdffe89e
|
Add support for interval tags
|
2022-10-14 14:19:13 -04:00 |
Thomas Stromberg
|
20452b128b
|
Migrate query strings from double to single apostrophes
|
2022-10-13 14:59:32 -04:00 |
Thomas Stromberg
|
26ee658c4a
|
Initial re-organization around the MITRE ATT&CK framework
|
2022-10-11 21:53:36 -04:00 |