issues
search
falcosecurity
/
event-generator
Generate a variety of suspect actions that are detected by Falco rulesets
Apache License 2.0
94
stars
40
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Add an event for default stable rule "Detect Release_agent file container escape"
#193
GLVSKiriti
closed
4 months ago
3
adding event on `exfiltrating artifacts via kubernetes control plane`
#192
h4l0gen
closed
3 months ago
5
adding an event on modify container entrypoint
#191
h4l0gen
closed
6 months ago
3
Added an event for default rule "Launch Package Management Process In Container"
#190
GLVSKiriti
closed
7 months ago
2
Added an event for default rule "Container Drift Detected (open+create)"
#189
GLVSKiriti
closed
7 months ago
5
adding an event on `interpreted procs outbound network activity`
#188
h4l0gen
closed
6 months ago
4
WIP: event on `bpf program not profiled`
#187
h4l0gen
closed
2 months ago
5
event on `Modify container entrypoint`
#186
h4l0gen
closed
6 months ago
1
adding event on `Redirect stdout/stdin to network connection in container`
#185
h4l0gen
opened
8 months ago
4
event on `Redirect STDOUT/STDIN to network connection in container`
#184
h4l0gen
closed
3 months ago
5
adding event on netcat rce in container
#183
h4l0gen
closed
7 months ago
3
Added an event for default rule "Container drift detected using chmod"
#182
GLVSKiriti
closed
7 months ago
3
Add an event for default rule "Container Drift Detcted"
#181
GLVSKiriti
closed
7 months ago
1
adding event on `netcat remote code execution in container`
#180
h4l0gen
closed
7 months ago
1
Add an event for default rule "Unexpected Inbound Connection Source"
#179
GLVSKiriti
closed
3 months ago
5
Add an event for default rule "Launch Package Management Process In Container"
#178
GLVSKiriti
closed
7 months ago
1
adding event on launch remote file copy tool in container
#177
h4l0gen
closed
7 months ago
3
Added an event for default rule "Detect outbound connections to common miner pool ports"
#176
GLVSKiriti
opened
8 months ago
8
adding an event on `launch remote file copy tools in container`
#175
h4l0gen
closed
7 months ago
1
Add an event for default rule "Detect outbound connections to common miner pool ports"
#174
GLVSKiriti
closed
3 months ago
5
Added an event for default rule "Detect crypto miners using the Stratum protocol"
#173
GLVSKiriti
closed
7 months ago
4
Add an event for default rule "Detect crypto miners using the Stratum protocol"
#172
GLVSKiriti
closed
7 months ago
1
Added an event for default rule "Unprivileged Delegation of Page Faults Handling to a Userspace Process"
#171
GLVSKiriti
closed
7 months ago
4
Add an event for default rule "Unprivileged Delegation of Page Faults Handling to a Userspace Process"
#170
GLVSKiriti
closed
7 months ago
1
Added an event for default rule "Kubernetes Client Tool Launched in Container"
#169
GLVSKiriti
closed
7 months ago
3
Add an event on default rule "Kubernetes Client Tool Launched in Container"
#168
GLVSKiriti
closed
7 months ago
1
adding an event on `interpreted procs inbound network activity`
#167
h4l0gen
closed
6 months ago
6
adding event on `unexpected k8s nodeport connection`
#166
h4l0gen
closed
3 months ago
5
Added an event for default rule "Launch Ingress Remote File Copy Tools in Container"
#165
GLVSKiriti
closed
8 months ago
3
Add event for the default rule "Launch Ingress Remote File Copy Tools in Container"
#164
GLVSKiriti
closed
8 months ago
1
Added an event for default rule "Set Setuid or Setgid bit"
#163
GLVSKiriti
closed
7 months ago
5
Add an event for default rule "Set Setuid or Setgid bit"
#162
GLVSKiriti
closed
7 months ago
1
WIP: Added an event for default stable rule "Linux Kernel Module Injection Detected"
#161
GLVSKiriti
opened
8 months ago
5
Add an event for default stable rule "Linux Kernel Module Injection Detected"
#160
GLVSKiriti
closed
3 months ago
5
Implementing Lint CI Check for Consistent Coding Practices
#159
GLVSKiriti
opened
8 months ago
7
adding an event for `contact cloud metadata service from container`
#158
h4l0gen
closed
7 months ago
3
Added an event for default rule "Sudo Potential Privilege Escalation"
#157
GLVSKiriti
closed
5 months ago
7
Added an event for defalult rule "Polkit Local Privilege Escalation Vulnerability (CVE-2021-4034)"
#156
GLVSKiriti
closed
4 months ago
5
adding event on `launch network tool on host`
#155
h4l0gen
closed
8 months ago
3
adding event on triggering this rule contact_ec2_instance_metadata_from_container
#154
h4l0gen
closed
6 months ago
4
event on potential local privillege escalation via env var misuse
#153
h4l0gen
closed
8 months ago
8
event on `Interpreted procs outbound network activity`
#152
h4l0gen
closed
6 months ago
1
event on `Interpreted procs inbound network acitivity`
#151
h4l0gen
closed
6 months ago
1
Add an event on default rule "Sudo Potential Privilege Escalation"
#150
GLVSKiriti
closed
5 months ago
2
Add an event on default rule "Polkit Local Privilege Escalation Vulnerability (CVE-2021-4034)"
#149
GLVSKiriti
closed
4 months ago
3
event on `contact cloud metadata service from container `
#148
h4l0gen
closed
7 months ago
1
event on `contact EC2 isntance metadata service from container `
#147
h4l0gen
closed
6 months ago
1
adding event on `potential local privillege escalation via environmental variables misuse`
#146
h4l0gen
closed
8 months ago
1
Add an event for default rule "Basic Interactive Reconnaissance"
#145
GLVSKiriti
closed
1 week ago
9
adding an event for disallowed_ssh_connection_non_standard_port
#144
h4l0gen
closed
7 months ago
9
Previous
Next