chainguard-dev/bincapz
detect malicious program behaviors
Apache License 2.0
378 stars, 24 forks
Add Florian Roth's rules
#304
egibs
opened
1 day ago
1
Tweak password_finder_mimipenguin rule
#303
egibs
opened
1 day ago
2
Dynamically set dev_shm_hidden severity for byobu edge case
#302
egibs
opened
1 day ago
0
Resolve eval false-positive for gawk
#301
egibs
opened
1 day ago
0
Resolve datadog-agent kworker false positives
#300
egibs
opened
1 day ago
0
Resolve datadog-agent DDOS false positive
#299
egibs
opened
2 days ago
0
Turn off MALPEDIA_Win_Unidentified_107_Auto rule
#298
egibs
opened
2 days ago
0
Remove remaining false negatives
#297
egibs
opened
2 days ago
0
Update known matching malware hashes
#296
tstromberg
closed
5 days ago
0
Rule hash update
#295
tstromberg
closed
6 days ago
0
Remove false negative hashes from rules
#294
tstromberg
closed
6 days ago
0
Remove Kiteshield false negatives
#293
egibs
closed
6 days ago
1
Remove non-matching checksums from rules
#292
tstromberg
opened
6 days ago
2
probable false: combo/backdoor/py_setuptools & combo/backdoor/remote_eval in google-cloud-sdk-469
#291
tstromberg
opened
1 week ago
0
probable-false: techniques/code_eval in gawk-5.3 ($at_eval)
#290
tstromberg
opened
1 week ago
0
probable false: net/ddos in datadog-agent-oci-compat-7.54 (synflood)
#289
tstromberg
opened
1 week ago
1
probable false: evasion/fake/process/name in datadog-agent-7.54
#288
tstromberg
opened
1 week ago
0
probable false: combo/backdoor/php and evasion/script/obfuscation in composer-2.7
#287
tstromberg
opened
1 week ago
1
probable false: evasion/base64/php_functions in cassandra-reaper-3.6, dotty-3.4
#286
tstromberg
opened
1 week ago
1
ref/path/dev/shm critical for byobu-6.12/usr/bin/vigpg: /dev/shm/.vigpg-XXXXXXXXXXXX
#285
tstromberg
opened
1 week ago
0
probable false: 3P/malpedia/win/unidentified/107 with jlinenative.dll in multiple packages
#284
tstromberg
opened
1 week ago
0
Rename project?
#283
tstromberg
opened
1 week ago
0
Bump github.com/chainguard-dev/clog from 1.3.1 to 1.4.0
#282
dependabot[bot]
closed
1 week ago
0
Bump reviewdog/action-misspell from 1.19.0 to 1.21.0 in the all group
#281
dependabot[bot]
closed
1 week ago
0
Consolidate version update steps
#280
egibs
closed
1 week ago
0
Fix version check in verson.yaml Workflow
#279
egibs
closed
1 week ago
0
Remove rot13_str_replace, lower criticality of base64_str_replace
#278
tstromberg
closed
1 week ago
0
Reduce false-positives in "rename_os" Python rule
#277
tstromberg
closed
1 week ago
0
Reduce CRITICAL Python false positives, particularly setuptools based rules
#276
tstromberg
closed
1 week ago
0
Remove tag verification; add manual verification docs
#275
egibs
closed
1 week ago
0
probable false: combo/backdoor/py_setuptools in katib-earlystopping
#274
tstromberg
closed
1 week ago
0
probable false: combo/stealer/password in coredns
#273
tstromberg
opened
1 week ago
0
Bump version to v0.13.1
#272
tstromberg
closed
1 week ago
0
Update YARAForge to 20240616
#271
tstromberg
closed
1 week ago
0
Split up rule warning/error handling to avoid SEGFAULT
#270
tstromberg
closed
1 week ago
0
Bump actions/checkout from 4.1.6 to 4.1.7 in the all group
#269
dependabot[bot]
closed
1 week ago
0
Bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2 in the all group
#268
dependabot[bot]
closed
1 week ago
0
awesome-yara Rules
#267
egibs
opened
2 weeks ago
0
Add rule for CVE-2024-4577
#266
egibs
closed
2 weeks ago
0
Add --err-first-(hit|miss) flags
#265
tstromberg
closed
2 weeks ago
0
Add more validations to version/release Workflows
#264
egibs
closed
3 weeks ago
0
GitHub Actions are not allowed to create PRs
#263
egibs
closed
1 week ago
1
Add pull-requests: write to version bump Workflow
#262
egibs
closed
3 weeks ago
0
refresh-testdata: fix extension stripping
#261
tstromberg
closed
3 weeks ago
0
Create release instead of Tag; other fixes
#260
egibs
closed
3 weeks ago
0
Bump the all group with 2 updates
#259
dependabot[bot]
closed
3 weeks ago
0
Annotate tag and add message
#258
egibs
closed
3 weeks ago
0
Integrate the best ideas from php-malware-finder
#257
tstromberg
closed
2 weeks ago
0
Release/Tag Workflow followup fixes
#256
egibs
closed
3 weeks ago
0
Integrate bartblaze YARA rules
#255
tstromberg
closed
3 weeks ago
1