valitydev/osquery-1
14
0
Fork 0
mirror of https://github.com/valitydev/osquery-1.git synced 2024-11-07 18:08:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
aaa94770b0
osquery-1/packs
History
divious1 f5645b95b5 detects when a proc is tapping keyboard event (#5345) 
Summary:
added osx-attack query that detects when a proc is tapping keyboard event, see details at:
https://twitter.com/d1vious/status/1083447632188579841
 inspiration:
https://t.co/8SEd2dgP5Y

not sure if a test is needed
Pull Request resolved: https://github.com/facebook/osquery/pull/5345

Differential Revision: D13669678

Pulled By: fmanco

fbshipit-source-id: 57fae7389a4579a817b827e58de94e0aacb581a5
2019-01-15 06:43:32 -08:00
..
hardware-monitoring.conf Remove duplicate mode column in device_nodes query (#4107) 2018-02-07 10:40:17 -08:00
incident-response.conf packs: adding platform tag incident-response pack (#4155) 2018-02-26 21:06:44 -08:00
it-compliance.conf Updated to scope all users by default (#3736) 2017-09-27 20:00:44 -07:00
osquery-monitoring.conf config: Allow scheduled queries to set blacklist=false (#4005) 2017-12-18 08:42:00 -08:00
ossec-rootkit.conf Querypack equivalent of ossec rootkit db (#3377) 2017-06-05 12:28:32 -07:00
osx-attacks.conf detects when a proc is tapping keyboard event (#5345) 2019-01-15 06:43:32 -08:00
unwanted-chrome-extensions.conf packs: Update unwanted-chrome-extensions.conf (#4332) 2018-05-01 16:47:05 -07:00
vuln-management.conf packs: fixing backdoored python pack (#3707) 2017-09-16 11:29:26 -07:00
windows-attacks.conf packs: remove escape - Error parsing the "windows-attacks" pack JSON (#4154) 2018-03-09 08:48:36 -08:00
windows-hardening.conf Fix typos in packs/windows-hardening.conf (#4282) 2018-04-13 11:36:49 -07:00