Commit Graph

40 Commits

Author SHA1 Message Date
Thomas Stromberg
462fbef639
Mark as extra, as this query is racy 2024-10-24 15:36:21 -04:00
Thomas Stromberg
0b41ec5d07
unexpected fetcher parents: add Cursor Helper 2024-10-24 15:34:04 -04:00
Thomas Stromberg
8d583131ca
fpr: cups, zed, pycharm, msedge, surfshark, ubiquiti 2024-09-24 15:10:21 -04:00
Thomas Stromberg
4d0a9fd533
fpr: sequoia, osquery, cups, atops, transmission, etc 2024-09-23 11:07:53 -04:00
Thomas Stromberg
4b10d10520
False-positives be damned 2024-08-27 18:40:43 -04:00
Thomas Stromberg
5ef3c88213
Overdue False Positive Reduction 2024-03-29 10:12:36 -04:00
Thomas Stromberg
310e51d2a2
fpr: Capture One, Grammarly, Mullvad, etc 2023-12-08 17:12:27 -05:00
Thomas Stromberg
6e1e7f29c2
fpr: dbeaver, AwesomeScreenshot, Hyper, etc 2023-11-02 09:39:41 -04:00
Thomas Stromberg
b39fca4e9f
fpr: RSA keys, tcpdump, login, crane, sourcegraph, etc 2023-09-20 09:30:46 -04:00
Thomas Stromberg
84125c4bb1
Remove recently common false positives 2023-09-01 17:09:47 -04:00
Thomas Stromberg
921cdc521e
fpr: nvidia drivers, su, agetty, crystalhd, hercules, etc 2023-07-19 15:22:43 -04:00
Thomas Stromberg
a0e4183bf4
fpr: Velociraptor, nessus, kandji, java, SteelSeries, etc 2023-07-12 17:38:26 -04:00
Thomas Stromberg
32328c91f1
fpr: Slack, Gnome, Sigstore, Logitune, etc 2023-06-12 10:10:57 -04:00
Thomas Stromberg
ff2ab95431
Remove file sizes from systemd exception key 2023-06-08 18:26:57 -04:00
Thomas Stromberg
111c15e20b
fpr: macOS, yubikey, Premiere, dnf, vagrant, etc 2023-05-23 11:31:37 -04:00
Thomas Stromberg
785b7c2bde
fpr: LogiTune, EndeavourOS, less 2023-05-08 12:19:19 -04:00
Thomas Stromberg
47124daa01
fpr: RetailMeNot, LogiTune, macOS, mediawriter, etc 2023-05-02 15:25:36 -04:00
Thomas Stromberg
02337c28f0
fpr: cleanup and new additions 2023-04-27 12:00:08 -04:00
Thomas Stromberg
fbab3701c0
fpr: Docker, Zwift, macOS updates, etc 2023-03-20 17:05:02 -04:00
Thomas Stromberg
f25cfe1399
fpr: aws-sdk, melange, Tailscale, Xprotect, etc 2023-03-03 07:24:42 -05:00
Thomas Stromberg
f87541c945
False positive flush, particularly in talkers 2023-02-17 11:57:23 -05:00
Thomas Stromberg
cf858d193d
fpr: ACE, Prusa, steam, pacman, Xcode, Adobe 2023-02-14 20:16:02 -05:00
Thomas Stromberg
d897f0b50d
fpr: Nessus, mysql-shell, ntia-checker, Ecamm, CopyClip, etc 2023-02-14 08:33:05 -05:00
Thomas Stromberg
593991adb8
Purge observed false positives 2023-02-09 17:54:41 -05:00
Thomas Stromberg
72326c3b5c
Massive reduction of false positives across the board 2023-02-08 20:06:26 -05:00
Thomas Stromberg
d302a9ff55
Purge false positives, again and again 2023-02-02 21:46:53 -05:00
Thomas Stromberg
66ee3484c0
Remove unused active fields, add WhatsApp ioreg exception 2023-01-27 08:46:48 -05:00
Thomas Stromberg
d51bd731a1
fpr: Parallels, nerdctl, Xorg, nvidia, Stream, etc 2023-01-26 20:40:47 -05:00
Thomas Stromberg
f5fe9a4aac
Refactor process_events queries for more accurate parenting 2023-01-26 11:40:54 -05:00
Thomas Stromberg
7b79b19090
False positive reduction: Messenger, Chrome, Final Cut Pro, etc 2023-01-18 09:49:56 -05:00
Thomas Stromberg
d415b36b57
FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
Thomas Stromberg
e3401a07c6
Weekend false-positive flush 2023-01-14 08:19:26 -05:00
Thomas Stromberg
1b79359b68
Friday False Positive Flush 2023-01-13 14:10:43 -05:00
Thomas Stromberg
420d269025
Reformat and reduce false positives 2023-01-09 15:10:48 -05:00
Thomas Stromberg
c7e4252af1
Remove false positives, fix some queries that failed to show a parent pid 2023-01-09 10:46:30 -05:00
Thomas Stromberg
4eb6993272
Catch up to some older false positives we ran into 2023-01-06 17:11:24 -05:00
Thomas Stromberg
1aefbe5e91
More false positive removal 2023-01-06 16:01:35 -05:00
Thomas Stromberg
05a39a78d3
Flush out more false positives across the stack 2023-01-06 10:36:48 -05:00
Thomas Stromberg
9843def319
Fix more false positives, particularly in shell/fetcher parents 2023-01-06 10:18:19 -05:00
Thomas Stromberg
9c512c5fd7
new detector: unexpected fetcher parents 2023-01-04 15:48:13 -05:00