osquery-defense-kit/detection
Thomas Stromberg 24bdaa243a
New detector: unexpected systemctl calls
2023-01-19 11:39:52 -05:00
c2 False positives: Chrome extensions, Steam games, tmp files, Photoshop 2023-01-18 14:10:33 -05:00
collection False positive reduction: Messenger, Chrome, Final Cut Pro, etc 2023-01-18 09:49:56 -05:00
credentials FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
discovery New detectors: unexpected netutil calls 2023-01-19 11:39:02 -05:00
evasion Refactor unexpected-tmp-executables for magic awareness 2023-01-18 14:41:36 -05:00
execution False positives: Chrome extensions, Steam games, tmp files, Photoshop 2023-01-18 14:10:33 -05:00
exfil FP removal: Selenium, PolKit helper, gephi, docker-credential-gcloud, firejail, etc 2023-01-16 12:56:39 -05:00
impact Filter out new false positives 2023-01-13 15:24:18 -05:00
initial_access False positives: homekit, setxid overflows, buildx, tmp files 2023-01-18 10:57:43 -05:00
persistence New detector: unexpected systemctl calls 2023-01-19 11:39:52 -05:00
privesc False positives: homekit, setxid overflows, buildx, tmp files 2023-01-18 10:57:43 -05:00