RepoMirrors
/
osquery-defense-kit
mirror of https://github.com/chainguard-dev/osquery-defense-kit
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
osquery-defense-kit/detection/initial_access
History
Thomas Stromberg 0060bb087e
fpr: aws, java, arch, cody, google, wireshark, etc 		2023-10-31 11:40:10 -04:00
..
sketchy-download-name.sql
sketchy-mounted-diskimage.sql fpr: containerd, hyper, Docker, Chromium, spotify, busycal 2023-10-02 16:11:44 -04:00
unexpected-diskimage-name-macos.sql
unexpected-diskimage-source-macos.sql fpr: aws, java, arch, cody, google, wireshark, etc 2023-10-31 11:40:10 -04:00
unexpected-shell-parent-events.sql fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00
unexpected-shell-parents.sql fpr: aws, java, arch, cody, google, wireshark, etc 2023-10-31 11:40:10 -04:00
unexpected-volume-contents.sql fpr: Monday, Splunk, Gnome, Git, Grammarly, etc 2023-10-02 11:35:11 -04:00
unexpected-webmail-downloads.sql
yara-recently-downloaded-miner.sql YARA rules everywhere! 2023-09-20 17:03:21 -04:00
yara-recently-downloaded-ransom.sql YARA rules everywhere! 2023-09-20 17:03:21 -04:00
yara-recently-downloaded-rust-http-exec.sql YARA rules everywhere! 2023-09-20 17:03:21 -04:00
yara-recently-downloaded-stealer.sql YARA rules everywhere! 2023-09-20 17:03:21 -04:00
yara-recently-downloaded-upx.sql YARA rules everywhere! 2023-09-20 17:03:21 -04:00