osquery-defense-kit/detection/initial_access
egibs a24c3d2333
Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more
Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
2024-11-20 13:45:50 -06:00
sketchy-download-name.sql False-positives be damned 2024-08-27 18:40:43 -04:00
sketchy-mounted-diskimage.sql fpr: lima, rpm-ostree, gitsign, kde, python, etc 2024-07-01 21:56:28 -04:00
unexpected-diskimage-name-macos.sql fpr: Github Absolute Date, Snagit, Figma, Seagate, aws, etc 2023-01-26 16:30:14 -05:00
unexpected-diskimage-source-macos.sql fpr: mc, colima, webfilterproxyd, headlamp, record it, etc 2024-11-13 16:34:12 -05:00
unexpected-shell-parent-events.sql Merge pull request #388 from tstromberg/net-events 2024-09-24 15:53:07 -04:00
unexpected-shell-parents.sql widen query scope 2024-10-16 09:32:00 -04:00
unexpected-volume-contents.sql fpr: Monday, Splunk, Gnome, Git, Grammarly, etc 2023-10-02 11:35:11 -04:00
unexpected-webmail-downloads.sql Add exceptions for Autodesk, cloud_sql_proxy, .md downloads, TF providers in /tmp/, and more 2024-11-20 13:45:50 -06:00
yara-recently-downloaded-miner.sql run 'make reformat' 2024-08-27 18:45:06 -04:00
yara-recently-downloaded-packed.sql run 'make reformat' 2024-08-27 18:45:06 -04:00
yara-recently-downloaded-ransom.sql run 'make reformat' 2024-08-27 18:45:06 -04:00
yara-recently-downloaded-stealer.sql run 'make reformat' 2024-08-27 18:45:06 -04:00