osquery-defense-kit

History

Thomas Strömberg 6182f2957e Merge pull request #295 from tstromberg/process-ext netutil calls: add nscurl		2023-07-12 16:45:49 -04:00
..
c2	fpr: Velociraptor, Hyprland, iio	2023-07-12 15:00:36 -04:00
collection	fpr: Brave, Adobe, Signal, Kandji, SteelSeries, etc	2023-06-30 16:38:31 -04:00
credentials	fpr: terragrunt, mdnsResponder, Spotify, Zoom, etc	2023-06-14 10:58:41 -04:00
discovery	netutil calls: add nscurl	2023-07-12 16:45:09 -04:00
evasion	new detector: unexpected process extension linux	2023-07-12 16:06:05 -04:00
execution	macOS sysutils: add csrutil, ditto, unzip, whoami, system_profiler	2023-07-12 16:44:15 -04:00
exfil	fpr: terragrunt, mdnsResponder, Spotify, Zoom, etc	2023-06-14 10:58:41 -04:00
impact	fpr: Brave, Adobe, Signal, Kandji, SteelSeries, etc	2023-06-30 16:38:31 -04:00
initial_access	fpr: Steam, Presenting, Wavebox, multipass, parallels, cargo, dnf, Kindle, DaveTheDiver	2023-07-03 07:16:14 -04:00
persistence	fpr: Velociraptor, Hyprland, iio	2023-07-12 15:00:36 -04:00
privesc	fpr: Brave, Adobe, Signal, Kandji, SteelSeries, etc	2023-06-30 16:38:31 -04:00