osquery-defense-kit/detection/execution
2022-11-10 11:20:58 -05:00
exotic-command-events-linux.sql Refactor execdir, remove false positives 2022-11-07 20:36:37 -05:00
exotic-command-events-macos.sql Address false positives: nginx-ingress-controller, dbus, etc 2022-11-10 11:04:48 -05:00
exotic-commands.sql noop: Run 'make reformat' 2022-10-21 17:45:43 -04:00
recently-created-executables-linux.sql Address false positives: nginx-ingress-controller, dbus, etc 2022-11-10 11:04:48 -05:00
recently-created-executables-macos.sql Address false positives: nginx-ingress-controller, dbus, etc 2022-11-10 11:04:48 -05:00
reverse-shell-socket.sql Add support for interval tags 2022-10-14 14:19:13 -04:00
sketchy-fetcher-events.sql Reduce false positives 2022-10-20 08:04:24 -04:00
sketchy-fetcher.sql Make another stab at reducing false positives across the map 2022-11-03 11:51:54 -04:00
tiny-executable-events.sql tiny-executable-events: Add child hash & magic data, filter by regular 2022-11-09 09:14:10 -05:00
tiny-executable.sql Simplify macos-execdir, reduce false positives 2022-11-07 10:03:43 -05:00
unexpected-env-values-linux.sql Add /usr/local/lib/libmimalloc.so to allowed list of LD_PRELOAD 2022-11-10 11:20:58 -05:00
unexpected-env-values-macos.sql Make another stab at reducing false positives across the map 2022-11-03 11:51:54 -04:00
unexpected-execdir-events-linux.sql Add exceptions for terraform, hugo, macOS updates 2022-11-08 14:32:38 -05:00
unexpected-execdir-events-macos.sql Add exceptions for terraform, hugo, macOS updates 2022-11-08 14:32:38 -05:00
unexpected-execdir-linux.sql Add exceptions for terraform, hugo, macOS updates 2022-11-08 14:32:38 -05:00
unexpected-execdir-macos.sql Address false positives: nginx-ingress-controller, dbus, etc 2022-11-10 11:04:48 -05:00
unexpected-executable-permissions.sql jetbrains-toolbox can be owned by anyone 2022-11-04 08:08:43 -04:00
unexpected-gatekeeper-approvals-macos.sql Fix platform name: darwin instead of macos 2022-10-21 17:39:35 -04:00
unexpected-mounts.sql Add support for interval tags 2022-10-14 14:19:13 -04:00
unexpected-osascript-calls.sql Allow more gcloud auth paths 2022-11-04 11:57:47 -04:00
unexpected-raw-socket.sql Add support for interval tags 2022-10-14 14:19:13 -04:00
unexpected-setuid-binaries.sql Add support for interval tags 2022-10-14 14:19:13 -04:00
xprotect-reports.sql Add support for interval tags 2022-10-14 14:19:13 -04:00