osquery-defense-kit/detection/persistence
2023-10-25 09:18:04 -04:00
fake-apple-launchd.sql Run make reformat, update max rows for incident response 2023-02-02 17:58:19 -05:00
listening-from-unusual-location.sql Add detector for listening from an unusual location 2023-09-26 13:12:51 -04:00
low-fd-socket.sql fpr: Velociraptor, nessus, kandji, java, SteelSeries, etc 2023-07-12 17:38:26 -04:00
minimal-socket-client-linux.sql fpr: docker, fish, Stream Deck, rsync, lima, macOS 2023-09-26 15:14:38 -04:00
minimal-socket-client-macos.sql fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00
unexpected-active-systemd-units.sql fpr: Monday, Splunk, Gnome, Git, Grammarly, etc 2023-10-02 11:35:11 -04:00
unexpected-chrome-extensions.sql fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00
unexpected-cron-entries.sql fpr: mtr, vscode, cpptools, cron, firefox 2023-10-25 09:18:04 -04:00
unexpected-device.sql Reduce false positives on Ubuntu + Lima 2023-09-26 13:09:22 -04:00
unexpected-global-lock.sql Fix errors 2023-08-15 18:29:27 -04:00
unexpected-launchd-program-arguments.sql fpr: sourcegraph, nginx, factorio, fan control, emacs, nushell 2023-09-14 17:13:12 -04:00
unexpected-launchd-program-macos.sql fpr: docker, fish, Stream Deck, rsync, lima, macOS 2023-09-26 15:14:38 -04:00
unexpected-listening-port-linux.sql Reduce false positives on Ubuntu + Lima 2023-09-26 13:09:22 -04:00
unexpected-listening-port-macos.sql fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00
unexpected-lock-opener.sql fpr: Velociraptor, Hyprland, iio 2023-07-12 15:00:36 -04:00
unexpected-small-udev-entry-linux.sql Remove recently common false positives 2023-09-01 17:09:47 -04:00
unexpected-ssh-authorized-keys.sql make reformat 2023-05-08 13:20:47 -04:00
unexpected-systemctl-calls-linux.sql Add many exceptions 2023-08-15 18:13:06 -04:00
unexpected-uid0-daemon-linux.sql fpr: docker, fish, Stream Deck, rsync, lima, macOS 2023-09-26 15:14:38 -04:00
unexpected-uid0-daemon-macos.sql fpr: mtr, vscode, cpptools, cron, firefox 2023-10-25 09:18:04 -04:00
yara-libtomcrypt-process.sql fpr: osquery release spam 2023-10-24 18:32:03 -04:00
yara-suspicious-strings-process-linux.sql fpr: Kolide, qemu, bash, monday, macOS 2023-10-24 18:01:36 -04:00