osquery-defense-kit/detection
Thomas Stromberg 349ff58fb2 fpr: xfce4, Google Earth, Ubuntu 2023-06-07 08:58:02 -04:00
c2 fpr: multipass, go, macOS, Ubuntu, Opera, git, ko 2023-06-02 19:08:08 -04:00
collection Decrease download limits to begin with 2023-06-02 18:03:44 -04:00
credentials Query tuning after Geacon testing 2023-05-17 10:54:16 -04:00
discovery Query tuning after Geacon testing 2023-05-17 10:54:16 -04:00
evasion fpr: multipass, go, macOS, Ubuntu, Opera, git, ko 2023-06-02 19:08:08 -04:00
execution fpr: multipass, go, macOS, Ubuntu, Opera, git, ko 2023-06-02 19:08:08 -04:00
exfil fpr: FleetDM, Edge, VSCode, dnf, Steam, etc 2023-06-01 11:52:20 -04:00
impact fpr: minikube, tailscale, dex, pacman, virtualbox, steam, lsmod, busybox, etc 2023-01-23 20:33:52 -05:00
initial_access fpr: xfce4, Google Earth, Ubuntu 2023-06-07 08:58:02 -04:00
persistence Add lock exception for pipewire 2023-06-02 19:22:26 -04:00
privesc fpr: multipass, go, macOS, Ubuntu, Opera, git, ko 2023-06-02 19:08:08 -04:00