osquery-defense-kit

History

Thomas Stromberg 2bfd736d37 Use p0_cmd instead of p0.cmdline		2023-03-17 06:37:18 -04:00
..
c2	Add missing comma	2023-03-17 06:35:15 -04:00
collection	fpr: Signal, apko, aws, melange, dash, stern	2023-03-16 17:29:11 -04:00
credentials	fpr: Signal, apko, aws, melange, dash, stern	2023-03-16 17:29:11 -04:00
discovery	fpr: aws-sdk, melange, Tailscale, Xprotect, etc	2023-03-03 07:24:42 -05:00
evasion	fpr: Signal, apko, aws, melange, dash, stern	2023-03-16 17:29:11 -04:00
execution	Use p0_cmd instead of p0.cmdline	2023-03-17 06:37:18 -04:00
exfil	fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws	2023-03-14 19:00:44 -04:00
impact	fpr: minikube, tailscale, dex, pacman, virtualbox, steam, lsmod, busybox, etc	2023-01-23 20:33:52 -05:00
initial_access	fpr: NetworkManager, packer, rancher desktop, proxmox, sd	2023-03-17 06:32:54 -04:00
persistence	fpr: NetworkManager, packer, rancher desktop, proxmox, sd	2023-03-17 06:32:54 -04:00
privesc	fpr: yum, systemd, cloud-sql-proxy, image-automation-controller, helm, bom, aws	2023-03-14 19:00:44 -04:00