RepoMirrors/osquery-defense-kit
1
0
Fork 0
mirror of https://github.com/chainguard-dev/osquery-defense-kit synced 2025-02-03 03:01:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
7073cde5f0
osquery-defense-kit/detection
History
Thomas Stromberg 7073cde5f0
Allow chmod 0777 to match
2023-01-13 13:48:02 -05:00
..
c2 false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
collection Flush out more false positives across the stack 2023-01-06 10:36:48 -05:00
credentials false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
discovery Another false positive flush: Capital One, tailscaled, agetty, snap, ninja, epson printers, etc 2022-12-15 16:51:58 -05:00
evasion false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
execution Allow chmod 0777 to match 2023-01-13 13:48:02 -05:00
exfil Add some hash fields, fix some false positives 2023-01-09 09:04:38 -05:00
impact Resolve latest reported false positives 2022-12-02 11:20:18 -05:00
initial_access Remove Python whitelist, see pymafka 2023-01-13 13:47:19 -05:00
persistence false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00
privesc false positives: dots, ipn, apport-gtk, homebrew, hyperkey, contexts 2023-01-09 09:34:20 -05:00