Commit Graph

62 Commits

Author SHA1 Message Date
mike@arpaia.co
9973335e49 OS X virtual tables for currently installed applications 2014-08-15 12:58:19 -07:00
mike@arpaia.co
e723306c13 Ran clang-format across the codebase 2014-08-15 12:29:51 -07:00
mike@arpaia.co
f1b0bef782 listFilesInDirectory 2014-08-14 16:27:20 -07:00
mike@arpaia.co
f6e6629d98 fixing include path in osx_version.mm 2014-08-14 11:35:30 -07:00
Mike Arpaia
3161e8cfeb Merge pull request #48 from facebook/firewall
Virtual table for Apple's application level firewall
2014-08-14 11:33:53 -07:00
mike@arpaia.co
1a381e0feb Virtual tables for Apple's application level firewall 2014-08-14 11:33:20 -07:00
mike@arpaia.co
2311022e7f moving cocoa backports to core/osx 2014-08-13 23:20:58 -07:00
mike@arpaia.co
826f9d9905 adding an example of what happens when you pt::ptree::get something that doesn't exist 2014-08-13 12:12:24 -07:00
mike@arpaia.co
7d1ce83183 fixing the unit test in filesystem 2014-08-13 11:55:29 -07:00
Mike Arpaia
5f9a24202f Merge pull request #42 from facebook/kexts
Loaded kernel extensions vtable
2014-08-13 11:49:48 -07:00
mike@arpaia.co
e2bd07008d [kextstat] osquery virtual table which uses the Core Foundation APIs to
expose kernel extension information.

For information about memory management in Core Foundation, see:
https://developer.apple.com/library/ios/documentation/CoreFoundation/Conceptual/CFMemoryMgmt/Concepts/Ownership.html#//apple_ref/doc/uid/20001148-103029
2014-08-13 11:48:53 -07:00
Mike Arpaia
702d53af10 Merge pull request #47 from facebook/system_version
osx_version table which exposes the major, minor and patch version of the operating system
2014-08-13 11:44:14 -07:00
Mike Arpaia
609f0bbf07 Merge pull request #46 from facebook/plist_parsing
property list parsing with native C++ data types
2014-08-13 11:43:27 -07:00
mike@arpaia.co
b65f96d666 osx_version table which exposes the major, minor and patch version of
the operating system
2014-08-13 11:02:17 -07:00
mike@arpaia.co
3b85618ae0 property list parsing with native C++ data types 2014-08-13 11:00:28 -07:00
Teddy Reed
1b6ef08611 Silencing various compiler errors for goto statements. 2014-08-13 08:56:39 -07:00
Mike Arpaia
25ecc35a98 Merge pull request #44 from facebook/vtable_nvram
[vtable_nvram] Added NVRAM variables vtable (name, variable type, value).
2014-08-12 18:09:31 -07:00
Teddy Reed
83dc09bca3 [vtable_nvram] Various code cleanups 2014-08-12 11:43:38 -07:00
Teddy Reed
1888150596 [vtable_nvram] Added NVRAM variables vtable (name, variable type, value). 2014-08-12 00:02:38 -07:00
mike@arpaia.co
845cb6ef3b more sane formatting by default in the repl 2014-08-11 22:38:51 -07:00
mike@arpaia.co
2862407079 fixing a spacing issue in the repl so that multi-line SQL statements are aligned properly 2014-08-11 21:57:16 -07:00
mike@arpaia.co
e7a65b21c7 readline support in the repl 2014-08-11 21:55:45 -07:00
mike@arpaia.co
2a571d8aae making sure that database objects aren't built before rocksdb is 2014-08-11 18:03:25 -07:00
mike@arpaia.co
7a56756073 moving sqlite to third-party 2014-08-11 17:37:49 -07:00
mike@arpaia.co
9a9ae03506 renaming CMakeLists.txt 2014-08-10 02:07:15 -07:00
mike@arpaia.co
98942a7b3c whitespace inconsistency in base.h 2014-08-07 13:35:49 -07:00
mike@arpaia.co
b0a5c9cfe4 changing forward decl signature in unit test 2014-08-07 13:28:16 -07:00
mike@arpaia.co
968a8a8355 forward declarations in table files 2014-08-07 13:14:06 -07:00
mike@arpaia.co
a72e87805f adding objcxx support to tables 2014-08-06 17:42:35 -07:00
mike@arpaia.co
d32a7a8037 moving the example table to an examples directory 2014-08-06 16:33:54 -07:00
mike@arpaia.co
a453db8a09 merging etc_hosts with master 2014-08-06 16:26:33 -07:00
mike@arpaia.co
7d9dc341ce getting rid of bind1st and relevant headers 2014-08-06 16:24:44 -07:00
mike@arpaia.co
21afc0b75b raw string literals in etc_hosts test content 2014-08-06 16:08:16 -07:00
mike@arpaia.co
4bec86c534 zwass' comment on etc_host table 2014-08-06 15:55:46 -07:00
mike@arpaia.co
b048b699d4 a zwass special, unordered_set::find 2014-08-06 15:24:08 -07:00
mike@arpaia.co
64bf1db2fe more intelligent sizing of data structures 2014-08-06 15:17:51 -07:00
mike@arpaia.co
5a4517cfe6 removing range based for loop for pids and removing memsets for chars 2014-08-06 15:02:14 -07:00
mike@arpaia.co
a5edef6782 string::length instead of strlen 2014-08-06 14:13:37 -07:00
mike@arpaia.co
5863fb2948 unordered set 2014-08-06 14:09:37 -07:00
mike@arpaia.co
9cb52eb1e1 unordered_map and better logic around on_disk 2014-08-06 14:07:19 -07:00
mike@arpaia.co
e6a38a2b71 num_pids lower case and comment on negative pids 2014-08-06 13:58:23 -07:00
mike@arpaia.co
b0863e1af5 reorder of headers 2014-08-05 18:16:27 -07:00
mike@arpaia.co
32808d5830 moving processes table into systems dir 2014-08-05 18:14:32 -07:00
mike@arpaia.co
48c8ebed17 moving networking vtables into their own dir 2014-08-05 18:10:18 -07:00
mike@arpaia.co
ee3d9948ea removing generated code 2014-08-05 17:53:59 -07:00
mike@arpaia.co
14c20204a6 more columns 2014-08-05 17:53:59 -07:00
mike@arpaia.co
8b7282bd60 initial commit of processes table
Tasks #31 and #14
2014-08-05 17:53:59 -07:00
mike@arpaia.co
0a83a04b40 removing header 2014-08-05 17:42:25 -07:00
mike@arpaia.co
0e33308803 removing generated code 2014-08-05 17:42:24 -07:00
mike@arpaia.co
346b1f6497 unused headers 2014-08-05 17:42:24 -07:00