osquery-defense-kit

History

egibs 78ec36eca0 Add elastic-endpoint Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>		2024-11-20 14:02:05 -06:00
..
c2	Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more	2024-11-20 13:45:50 -06:00
collection	fpr: mc, colima, webfilterproxyd, headlamp, record it, etc	2024-11-13 16:34:12 -05:00
credentials	fpr: mumbel, gvproxy, chainlink, telegram, systemd, etc	2024-11-18 16:16:52 -05:00
discovery	fpr: mumbel, gvproxy, chainlink, telegram, systemd, etc	2024-11-18 16:16:52 -05:00
evasion	Add elastic-endpoint	2024-11-20 14:02:05 -06:00
execution	fpr: mark exotic queries as extra, add flatpak/pop-os uid0 procs	2024-11-19 15:49:30 -05:00
exfil	Merge pull request #410 from tstromberg/oct25	2024-10-25 16:38:43 -04:00
impact	Update evenly-timestomped.sql	2024-10-23 10:02:37 -04:00
initial_access	Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more	2024-11-20 13:45:50 -06:00
persistence	Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more	2024-11-20 13:45:50 -06:00
privesc	Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more	2024-11-20 13:45:50 -06:00