RepoMirrors/osquery-defense-kit
1
0
Fork 0
mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-20 12:06:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
4aeff07118
osquery-defense-kit/detection/initial_access
History
Thomas Stromberg 4aeff07118
More SilverBlue/Elastic allows
2024-05-23 21:22:59 -04:00
..
sketchy-download-name.sql fpr: RSA keys, tcpdump, login, crane, souregraph, etc 2023-09-20 09:30:46 -04:00
sketchy-mounted-diskimage.sql fpr: Docker Desktop, code-oss, incus, etc 2024-02-26 17:26:56 -05:00
unexpected-diskimage-name-macos.sql fpr: Github Absolute Date, Snagit, Figma, Seagate, aws, etc 2023-01-26 16:30:14 -05:00
unexpected-diskimage-source-macos.sql More SilverBlue/Elastic allows 2024-05-23 21:22:59 -04:00
unexpected-shell-parent-events.sql fpr: MHLink, k3d, BlueFin, query tuning 2024-04-26 16:14:02 -04:00
unexpected-shell-parents.sql fpr: Fedora Silverblue, MHLinkServer, new terminals 2024-05-23 17:26:33 -04:00
unexpected-volume-contents.sql fpr: Monday, Splunk, Gnome, Git, Grammarly, etc 2023-10-02 11:35:11 -04:00
unexpected-webmail-downloads.sql massive fpr: Rapid7, Elastic, everything 2024-01-26 14:07:37 -05:00
yara-recently-downloaded-miner.sql fpr: MHLink, k3d, BlueFin, query tuning 2024-04-26 16:14:02 -04:00
yara-recently-downloaded-ransom.sql fpr: MHLink, k3d, BlueFin, query tuning 2024-04-26 16:14:02 -04:00
yara-recently-downloaded-stealer.sql fpr: MHLink, k3d, BlueFin, query tuning 2024-04-26 16:14:02 -04:00