├── .gitattributes ├── .github └── workflows │ ├── go.yml │ ├── remove-old.yml │ └── windows.yml ├── .gitignore ├── .golangci.yml ├── .wwhrd.yml ├── CLA.md ├── LICENSE ├── Makefile ├── README.md ├── acls ├── acls.go ├── proto │ ├── acl.pb.go │ └── acl.proto ├── roles.go └── utils.go ├── actions ├── events.go ├── events_test.go ├── foreman.go ├── proto │ ├── transport.pb.go │ ├── transport.proto │ ├── vql.pb.go │ └── vql.proto ├── query_log.go ├── test_data │ ├── client.config.yaml │ └── hello.txt ├── vql.go └── vql_test.go ├── api ├── api.go ├── artifacts.go ├── assets.go ├── auth.go ├── authenticators │ ├── auth.go │ ├── azure.go │ ├── basic.go │ ├── github.go │ ├── google.go │ ├── logging.go │ ├── oidc.go │ └── saml.go ├── builder.go ├── clients.go ├── csrf.go ├── csv.go ├── datastore.go ├── datastore_test.go ├── download.go ├── events.go ├── fixtures │ └── TestDatastore.golden ├── handlers.go ├── health.go ├── hunts.go ├── instrument.go ├── mock │ ├── api_mock.go │ └── gen.go ├── notebooks.go ├── proto │ ├── api.pb.go │ ├── api.pb.gw.go │ ├── api.proto │ ├── api_grpc.pb.go │ ├── artifacts.pb.go │ ├── artifacts.proto │ ├── clients.pb.go │ ├── clients.proto │ ├── completions.pb.go │ ├── completions.proto │ ├── csv.pb.go │ ├── csv.proto │ ├── datastore.pb.go │ ├── datastore.proto │ ├── download.pb.go │ ├── download.proto │ ├── flows.pb.go │ ├── flows.proto │ ├── health.pb.go │ ├── health.proto │ ├── hunts.pb.go │ ├── hunts.proto │ ├── notebooks.pb.go │ ├── notebooks.proto │ ├── objects.pb.go │ ├── objects.proto │ ├── server_state.pb.go │ ├── server_state.proto │ ├── users.pb.go │ ├── users.proto │ ├── vfs_api.pb.go │ └── vfs_api.proto ├── proxy.go ├── query.go ├── reflect.go ├── replication.go ├── reports.go ├── server_monitoring.go ├── tools.go ├── upload.go ├── users.go ├── vfs.go └── vql.go ├── artifacts ├── assets │ ├── .gitignore │ └── docs.go ├── b0x.yaml ├── definitions │ ├── Admin │ │ ├── Client │ │ │ ├── Remove.yaml │ │ │ ├── Uninstall.yaml │ │ │ └── Upgrade.yaml │ │ ├── Events │ │ │ └── PostProcessUploads.yaml │ │ └── System │ │ │ └── CompressUploads.yaml │ ├── Demo │ │ └── Plugins │ │ │ ├── Fifo.yaml │ │ │ └── GUI.yaml │ ├── Elastic │ │ ├── Events │ │ │ └── Clients.yaml │ │ └── Flows │ │ │ └── Upload.yaml │ ├── Generic │ │ ├── Applications │ │ │ └── Office │ │ │ │ └── Keywords.yaml │ │ ├── Client │ │ │ ├── DiskSpace.yaml │ │ │ ├── Info.yaml │ │ │ ├── Profile.yaml │ │ │ ├── Stats.yaml │ │ │ └── VQL.yaml │ │ ├── Collectors │ │ │ └── File.yaml │ │ ├── Detection │ │ │ └── Yara │ │ │ │ └── Glob.yaml │ │ ├── Forensic │ │ │ ├── Carving │ │ │ │ └── URLs.yaml │ │ │ ├── HashLookup.yaml │ │ │ ├── LocalHashes │ │ │ │ ├── Glob.yaml │ │ │ │ ├── Init.yaml │ │ │ │ └── Query.yaml │ │ │ └── Timeline.yaml │ │ ├── System │ │ │ └── Pstree.yaml │ │ └── Utils │ │ │ └── FetchBinary.yaml │ ├── Linux │ │ ├── Applications │ │ │ ├── Chrome │ │ │ │ ├── Extensions.yaml │ │ │ │ └── Extensions │ │ │ │ │ └── Upload.yaml │ │ │ └── Docker │ │ │ │ ├── Info.yaml │ │ │ │ └── Version.yaml │ │ ├── Debian │ │ │ ├── AptSources.yaml │ │ │ └── Packages.yaml │ │ ├── Detection │ │ │ ├── ImuutableFiles.yaml │ │ │ └── Yara │ │ │ │ └── Process.yaml │ │ ├── Events │ │ │ ├── ProcessExecutions.yaml │ │ │ ├── SSHBruteforce.yaml │ │ │ └── SSHLogin.yaml │ │ ├── KapeFiles │ │ │ └── CollectFromDirectory.yaml │ │ ├── Mounts.yaml │ │ ├── Network │ │ │ ├── Netstat.yaml │ │ │ └── PacketCapture.yaml │ │ ├── OSQuery │ │ │ └── Generic.yaml │ │ ├── Proc │ │ │ ├── Arp.yaml │ │ │ └── Modules.yaml │ │ ├── Search │ │ │ └── FileFinder.yaml │ │ ├── Ssh │ │ │ ├── AuthorizedKeys.yaml │ │ │ ├── KnownHosts.yaml │ │ │ └── PrivateKeys.yaml │ │ ├── Sys │ │ │ ├── ACPITables.yaml │ │ │ ├── BashHistory.yaml │ │ │ ├── BashShell.yaml │ │ │ ├── CPUTime.yaml │ │ │ ├── Crontab.yaml │ │ │ ├── LastUserLogin.yaml │ │ │ ├── Maps.yaml │ │ │ ├── Pslist.yaml │ │ │ ├── SUID.yaml │ │ │ └── Users.yaml │ │ ├── Syslog │ │ │ └── SSHLogin.yaml │ │ └── Triage │ │ │ └── ProcessMemory.yaml │ ├── MacOS │ │ ├── Applications │ │ │ ├── Chrome │ │ │ │ └── History.yaml │ │ │ └── MRU.yaml │ │ ├── Detection │ │ │ ├── Autoruns.yaml │ │ │ └── InstallHistory.yaml │ │ ├── Forensics │ │ │ └── AppleDoubleZip.yaml │ │ ├── Network │ │ │ └── PacketCapture.yaml │ │ ├── OSQuery │ │ │ └── Generic.yaml │ │ ├── Search │ │ │ └── FileFinder.yaml │ │ └── System │ │ │ ├── Dock.yaml │ │ │ ├── Plist.yaml │ │ │ ├── QuarantineEvents.yaml │ │ │ ├── TCC.yaml │ │ │ ├── TimeMachine.yaml │ │ │ ├── Users.yaml │ │ │ └── Wifi.yaml │ ├── Network │ │ └── ExternalIpAddress.yaml │ ├── Reporting │ │ ├── Default.yaml │ │ └── Hunts │ │ │ └── Details.yaml │ ├── Server │ │ ├── Alerts │ │ │ ├── PsExec.yaml │ │ │ ├── TheHive │ │ │ │ ├── Alert.yaml │ │ │ │ └── Case.yaml │ │ │ ├── Trackaccount.yaml │ │ │ └── WinPmem.yaml │ │ ├── Enrichment │ │ │ ├── CortexAnalyzer.yaml │ │ │ ├── Elasticsearch,yaml │ │ │ ├── GeoIP.yaml │ │ │ ├── GeoIPISP.yaml │ │ │ ├── GreyNoise.yaml │ │ │ ├── HybridAnalysis.yaml │ │ │ └── Virustotal.yaml │ │ ├── Hunts │ │ │ ├── AddFlow.yaml │ │ │ ├── CancelAndDelete.yaml │ │ │ ├── List.yaml │ │ │ └── Results.yaml │ │ ├── Import │ │ │ └── ArtifactExchange.yaml │ │ ├── Information │ │ │ ├── Clients.yaml │ │ │ └── Users.yaml │ │ ├── Internal │ │ │ ├── ArtifactDescription.yaml │ │ │ ├── ArtifactModification.yaml │ │ │ ├── ClientDelete.yaml │ │ │ ├── ClientPing.yaml │ │ │ ├── ClientTasks.yaml │ │ │ ├── Enrollment.yaml │ │ │ ├── FrontendMetrics.yaml │ │ │ ├── HuntModification.yaml │ │ │ ├── HuntUpdate.yaml │ │ │ ├── Interrogate.yaml │ │ │ ├── Interrogation.yaml │ │ │ ├── Inventory.yaml │ │ │ ├── Label.yaml │ │ │ ├── MasterRegistrations.yaml │ │ │ ├── Notifications.yaml │ │ │ ├── Ping.yaml │ │ │ ├── Pong.yaml │ │ │ └── Welcome.yaml │ │ ├── Monitor │ │ │ ├── Health.yaml │ │ │ ├── Profile.yaml │ │ │ ├── Shell.yaml │ │ │ └── VeloMetrics.yaml │ │ ├── Monitoring │ │ │ ├── ClientCount.yaml │ │ │ └── ScheduleHunt.yaml │ │ ├── Powershell │ │ │ └── EncodedCommand.yaml │ │ ├── Slack │ │ │ └── Clients │ │ │ │ └── Online.yaml │ │ └── Utils │ │ │ ├── AddTimeline.yaml │ │ │ ├── BackupDirectory.yaml │ │ │ ├── BackupGCS.yaml │ │ │ ├── BackupS3.yaml │ │ │ ├── CancelHunt.yaml │ │ │ ├── CreateCollector.yaml │ │ │ ├── DeleteClient.yaml │ │ │ ├── DeleteFavoriteFlow.yaml │ │ │ ├── DeleteFlow.yaml │ │ │ ├── DeleteManyFlows.yaml │ │ │ ├── DeleteMonitoringData.yaml │ │ │ ├── DeleteNotebook.yaml │ │ │ ├── ImportCollection.yaml │ │ │ ├── ReIndex.yaml │ │ │ └── SaveFavoriteFlow.yaml │ ├── Splunk │ │ └── Flows │ │ │ └── Upload.yaml │ ├── System │ │ ├── Flow │ │ │ ├── Archive.yaml │ │ │ └── Completion.yaml │ │ ├── Hunt │ │ │ ├── Archive.yaml │ │ │ ├── Creation.yaml │ │ │ └── Participation.yaml │ │ ├── Upload │ │ │ └── Completion.yaml │ │ └── VFS │ │ │ ├── DownloadFile.yaml │ │ │ └── ListDirectory.yaml │ ├── Triage │ │ └── Collection │ │ │ ├── Upload.yaml │ │ │ └── UploadTable.yaml │ └── Windows │ │ ├── ActiveDirectory │ │ └── BloodHound.yaml │ │ ├── Analysis │ │ ├── EvidenceOfDownload.yaml │ │ └── EvidenceOfExecution.yaml │ │ ├── Application │ │ ├── Firefox │ │ │ └── History.yaml │ │ ├── IISLogs.yaml │ │ └── MegaSync.yaml │ │ ├── Applications │ │ ├── ChocolateyPackages.yaml │ │ ├── Chrome │ │ │ ├── Cookies.yaml │ │ │ ├── Extensions.yaml │ │ │ └── History.yaml │ │ ├── Edge │ │ │ └── History.yaml │ │ ├── NirsoftBrowserViewer.yaml │ │ ├── OfficeMacros.yaml │ │ ├── SBECmd.yaml │ │ └── TeamViewer │ │ │ └── Incoming.yaml │ │ ├── Attack │ │ ├── ParentProcess.yaml │ │ └── Prefetch.yaml │ │ ├── Carving │ │ ├── CobaltStrike.yaml │ │ ├── USN.yaml │ │ └── USNFiles.yaml │ │ ├── Collectors │ │ ├── File.yml │ │ └── VSS.yaml │ │ ├── Detection │ │ ├── Amcache.yaml │ │ ├── BinaryRename.yaml │ │ ├── CryptnetUrlCache.yaml │ │ ├── EnvironmentVariables.yaml │ │ ├── ForwardedImports.yaml │ │ ├── Impersonation.yaml │ │ ├── Mutants.yaml │ │ ├── PsexecService.yaml │ │ ├── PsexecService │ │ │ └── Kill.yaml │ │ ├── Service │ │ │ └── Upload.yaml │ │ ├── TemplateInjection.yaml │ │ ├── Thumbdrives │ │ │ ├── List.yaml │ │ │ ├── OfficeKeywords.yaml │ │ │ └── OfficeMacros.yaml │ │ ├── Usn.yaml │ │ ├── WMIProcessCreation.yaml │ │ └── Yara │ │ │ ├── NTFS.yaml │ │ │ ├── PhysicalMemory.yaml │ │ │ └── Process.yaml │ │ ├── ETW │ │ ├── DNS.yaml │ │ ├── DNSQueriesServer.yaml │ │ ├── ETWSessions.yaml │ │ ├── EdgeURLs.yaml │ │ ├── ViewSessions.yaml │ │ └── WMIProcessCreate.yaml │ │ ├── EventLogs │ │ ├── AlternateLogon.yaml │ │ ├── Cleared.yaml │ │ ├── DHCP.yaml │ │ ├── Evtx.yaml │ │ ├── EvtxHunter.yaml │ │ ├── ExplicitLogon.yaml │ │ ├── Kerbroasting.yaml │ │ ├── Modifications.yaml │ │ ├── PowershellModule.yaml │ │ ├── PowershellScriptblock.yaml │ │ ├── RDPAuth.yaml │ │ ├── ScheduledTasks.yaml │ │ ├── ServiceCreationComspec.yaml │ │ ├── Symantec.yaml │ │ └── Telerik.yaml │ │ ├── Events │ │ ├── DNSQueries.yaml │ │ ├── FailedLogBeforeSuccess.yaml │ │ ├── Kerbroasting.yaml │ │ ├── ProcessCreation.yaml │ │ ├── ServiceCreation.yaml │ │ └── Trackaccount.yaml │ │ ├── Forensics │ │ ├── Bam.yaml │ │ ├── BulkExtractor.yaml │ │ ├── CertUtil.yaml │ │ ├── FilenameSearch.yaml │ │ ├── Lnk.yaml │ │ ├── LocalHashes │ │ │ └── Usn.yaml │ │ ├── Prefetch.yaml │ │ ├── ProcessInfo.yaml │ │ ├── RecentApps.yaml │ │ ├── RecycleBin.yaml │ │ ├── SAM.yaml │ │ ├── SRUM.yaml │ │ ├── Shellbags.yaml │ │ ├── SolarwindsSunburst.yaml │ │ ├── Timeline.yaml │ │ ├── UserAccessLogs.yaml │ │ └── Usn.yaml │ │ ├── KapeFiles │ │ ├── Extract.yaml │ │ └── Targets.yaml │ │ ├── Memory │ │ ├── Acquisition.yaml │ │ └── Intezer.yaml │ │ ├── NTFS │ │ ├── I30.yaml │ │ ├── MFT.yaml │ │ └── Recover.yaml │ │ ├── Network │ │ ├── ArpCache.yaml │ │ ├── InterfaceAddresses.yaml │ │ ├── ListeningPorts.yaml │ │ ├── Netstat.yaml │ │ ├── NetstatEnriched.yaml │ │ └── PacketCapture.yaml │ │ ├── OSQuery │ │ └── Generic.yaml │ │ ├── Packs │ │ ├── LateralMovement.yaml │ │ └── Persistence.yaml │ │ ├── Persistence │ │ ├── Debug.yaml │ │ ├── PermanentWMIEvents.yaml │ │ ├── PowershellRegistry.yaml │ │ └── Wow64cpu.yaml │ │ ├── Registry │ │ ├── AppCompatCache.yaml │ │ ├── EnableUnsafeClientMailRules.yaml │ │ ├── EnabledMacro.yaml │ │ ├── MountPoints2.yaml │ │ ├── NTUser.yaml │ │ ├── NTUser │ │ │ └── Upload.yaml │ │ ├── PortProxy.yaml │ │ ├── RecentDocs.yaml │ │ ├── Sysinternals │ │ │ └── Eulacheck.yaml │ │ ├── UserAssist.yaml │ │ └── WDigest.yaml │ │ ├── Remediation │ │ ├── Quarantine.yaml │ │ ├── QuarantineMonitor.yaml │ │ ├── ScheduledTasks.yaml │ │ └── Sinkhole.yaml │ │ ├── Search │ │ ├── FileFinder.yaml │ │ ├── VSS.yaml │ │ └── Yara.yaml │ │ ├── Sys │ │ ├── AppcompatShims.yaml │ │ ├── CertificateAuthorities.yaml │ │ ├── DiskInfo.yaml │ │ ├── Drivers.yaml │ │ ├── FirewallRules.yaml │ │ ├── Interfaces.yaml │ │ ├── PhysicalMemoryRanges.yaml │ │ ├── Programs.yaml │ │ ├── StartupItems.yaml │ │ └── Users.yaml │ │ ├── Sysinternals │ │ ├── Autoruns.yaml │ │ ├── SysmonInstall.yaml │ │ └── SysmonLogForward.yaml │ │ ├── System │ │ ├── Amcache.yaml │ │ ├── AuditPolicy.yaml │ │ ├── CatFiles.yaml │ │ ├── CmdShell.yaml │ │ ├── CriticalServices.yaml │ │ ├── DLLs.yaml │ │ ├── DNSCache.yaml │ │ ├── Handles.yaml │ │ ├── HostsFile.yaml │ │ ├── LocalAdmins.yaml │ │ ├── PowerShell.yaml │ │ ├── Powershell │ │ │ ├── ModuleAnalysisCache.yaml │ │ │ └── PSReadline.yaml │ │ ├── Pslist.yaml │ │ ├── RootCAStore.yaml │ │ ├── SVCHost.yaml │ │ ├── Services.yaml │ │ ├── Signers.yaml │ │ ├── TaskScheduler.yaml │ │ ├── UntrustedBinaries.yaml │ │ ├── VAD.yaml │ │ └── VBScript.yaml │ │ ├── Timeline │ │ ├── MFT.yaml │ │ ├── Prefetch.yaml │ │ └── Registry │ │ │ └── RunMRU.yaml │ │ └── Triage │ │ ├── ProcessMemory.yaml │ │ └── SDS.yaml ├── obfuscation.go ├── proto │ ├── artifact.pb.go │ └── artifact.proto ├── testdata │ ├── files │ │ ├── 1.lnk │ │ ├── 3DBuilder.ResourceResolver.exe │ │ ├── Amcache.hve │ │ ├── CSDump.bin │ │ ├── CSShellcode.bin │ │ ├── Collection-DESKTOP-BTI2T9T-2021-10-25T19_30_52-07_00.zip │ │ ├── Connection_incoming.txt │ │ ├── EID4103_PowershellModule.evtx │ │ ├── EID4104_PowershellScriptblock.evtx │ │ ├── EID4769_Kerbroasting.evtx │ │ ├── ModuleAnalysisCache │ │ ├── RDPAuth_LocalSessionManager.evtx │ │ ├── RDPAuth_RemoteConnectionManager.evtx │ │ ├── RDPAuth_Security.evtx │ │ ├── RDPAuth_System.evtx │ │ ├── SAM │ │ ├── SecurityTasks.evtx │ │ ├── Security_1_record.evtx │ │ ├── TaskScheduler.evtx │ │ ├── UsrClass.dat │ │ ├── access.log │ │ ├── csv │ │ │ ├── autoruns.csv │ │ │ ├── bad.csv │ │ │ ├── exchange.log │ │ │ └── iis.log │ │ ├── goodbye.bz2 │ │ ├── hello.zip │ │ ├── hi.gz │ │ ├── history.sqlite │ │ ├── hosts │ │ ├── keys │ │ │ ├── EncryptedRSAKeyPair.pem │ │ │ ├── UnencryptedED25519KeyPair.pem │ │ │ ├── UnencryptedRSAKeyPair.pem │ │ │ ├── encrypted.key.pem │ │ │ ├── pkcs8_encryped.pem │ │ │ ├── pkcs8_unencryped.pem │ │ │ └── unencrypted.key.pem │ │ ├── lines.txt │ │ ├── logo.zip │ │ ├── malware.xlsm │ │ ├── nested.zip │ │ ├── notnbt.exe │ │ ├── ntexe.cat │ │ ├── ntuser.dat │ │ ├── password.txt.lnk │ │ ├── root_store_reg.bin │ │ ├── test.docx │ │ ├── test.odt │ │ ├── test.zip │ │ ├── vagrant.plist │ │ ├── winpmem_x64.sys │ │ ├── wkscli.dll │ │ ├── yara_test.txt │ │ └── {03A01CC5-91BB-4936-B685-63697785D39E}.mdb │ ├── manual │ │ ├── Custom.Test.Artifact.Deps.yaml │ │ ├── Custom.Test.Artifact.Types.yaml │ │ └── README │ ├── server │ │ ├── .gitignore │ │ ├── README.txt │ │ ├── client_idx │ │ │ ├── all │ │ │ │ └── c.4 │ │ │ │ │ └── f5e │ │ │ │ │ └── 52a │ │ │ │ │ └── df0 │ │ │ │ │ └── a33 │ │ │ │ │ └── 7a9 │ │ │ │ │ └── C.4f5e52adf0a337a9.db │ │ │ ├── des │ │ │ │ └── kto │ │ │ │ │ └── p-6 │ │ │ │ │ └── cbj │ │ │ │ │ └── 8mj │ │ │ │ │ └── c.4 │ │ │ │ │ └── f5e │ │ │ │ │ └── 52a │ │ │ │ │ └── df0 │ │ │ │ │ └── a33 │ │ │ │ │ └── 7a9 │ │ │ │ │ └── C.4f5e52adf0a337a9.db │ │ │ └── hos │ │ │ │ └── t%3Ad │ │ │ │ └── esk │ │ │ │ └── top │ │ │ │ └── -6c │ │ │ │ └── bj8 │ │ │ │ └── mjc │ │ │ │ └── %2E4f │ │ │ │ └── 5e5 │ │ │ │ └── 2ad │ │ │ │ └── f0a │ │ │ │ └── 337 │ │ │ │ └── a9 │ │ │ │ └── C.4f5e52adf0a337a9.db │ │ ├── clients │ │ │ ├── .gitignore │ │ │ ├── C.4f5e52adf0a337a9.db │ │ │ └── C.4f5e52adf0a337a9 │ │ │ │ ├── artifacts │ │ │ │ ├── Windows.Applications.ChocolateyPackages │ │ │ │ │ ├── F.BN2HP3OSS3LK6.csv │ │ │ │ │ └── F.BN2HP3OSS3LK6.json │ │ │ │ └── Windows.Network.NetstatEnriched │ │ │ │ │ └── F.BSJMEJIPT6P9I │ │ │ │ │ └── Netstat.json │ │ │ │ ├── collections │ │ │ │ ├── F.BN21C7HOQ10VQ.db │ │ │ │ ├── F.BN21C7HOQ10VQ │ │ │ │ │ ├── logs │ │ │ │ │ └── task.db │ │ │ │ ├── F.BN2HJBD1R85EA.db │ │ │ │ ├── F.BN2HJBD1R85EA │ │ │ │ │ ├── logs │ │ │ │ │ └── task.db │ │ │ │ ├── F.BN2HJCPOF5U7U.db │ │ │ │ ├── F.BN2HJCPOF5U7U │ │ │ │ │ ├── logs │ │ │ │ │ ├── task.db │ │ │ │ │ ├── uploads.json │ │ │ │ │ └── uploads │ │ │ │ │ │ └── file │ │ │ │ │ │ └── C%3A │ │ │ │ │ │ └── 1.zip │ │ │ │ ├── F.BN2HP3OSS3LK6.db │ │ │ │ ├── F.BN2HP3OSS3LK6 │ │ │ │ │ ├── logs │ │ │ │ │ └── task.db │ │ │ │ ├── F.BSJMEJIPT6P9I.db │ │ │ │ ├── F.BSJMEJIPT6P9I │ │ │ │ │ ├── logs │ │ │ │ │ └── task.db │ │ │ │ ├── F.Monitoring.db │ │ │ │ └── F.Monitoring │ │ │ │ │ └── logs │ │ │ │ ├── key.db │ │ │ │ ├── monitoring │ │ │ │ └── Windows.Events.ProcessCreation │ │ │ │ │ ├── 2019-10-25.json │ │ │ │ │ └── 2019-10-25.json.tidx │ │ │ │ ├── ping.json.db │ │ │ │ ├── vfs │ │ │ │ ├── file.db │ │ │ │ ├── file │ │ │ │ │ └── C%3A.db │ │ │ │ ├── ntfs.db │ │ │ │ └── ntfs │ │ │ │ │ └── C%3A.db │ │ │ │ └── vfs_files │ │ │ │ └── file │ │ │ │ └── C%3A │ │ │ │ └── 1.zip.db │ │ ├── downloads │ │ │ └── .gitignore │ │ ├── hunt_index │ │ │ └── h.49ba8939 │ │ │ │ └── C.4f5e52adf0a337a9.db │ │ ├── hunts │ │ │ ├── H.19c0c0a2.db │ │ │ ├── H.19c0c0a2 │ │ │ │ ├── notebook │ │ │ │ │ └── N.H.19c0c0a2 │ │ │ │ │ │ └── NC.BUURUOMSSMJ5I │ │ │ │ │ │ ├── query_1.json │ │ │ │ │ │ └── query_1.json.index │ │ │ │ └── stats.db │ │ │ ├── H.49ba8939.db │ │ │ ├── H.49ba8939.json │ │ │ └── H.49ba8939 │ │ │ │ └── stats.db │ │ ├── server_artifacts │ │ │ └── Server.Monitor.Health │ │ │ │ └── Prometheus │ │ │ │ ├── 2020-11-08.json │ │ │ │ └── 2020-11-08.json.index │ │ ├── testcases │ │ │ ├── accessors.in.yaml │ │ │ ├── accessors.out.yaml │ │ │ ├── amcache.in.yaml │ │ │ ├── amcache.out.yaml │ │ │ ├── application.in.yaml │ │ │ ├── application.out.yaml │ │ │ ├── artifacts.in.yaml │ │ │ ├── artifacts.out.yaml │ │ │ ├── atexit.in.yaml │ │ │ ├── atexit.out.yaml │ │ │ ├── binary_blobs.in.yaml │ │ │ ├── binary_blobs.out.yaml │ │ │ ├── binary_parsers.in.yaml │ │ │ ├── binary_parsers.out.yaml │ │ │ ├── clients.in.yaml │ │ │ ├── clients.out.yaml │ │ │ ├── cobalt.in.yaml │ │ │ ├── cobalt.out.yaml │ │ │ ├── common.in.yaml │ │ │ ├── common.out.yaml │ │ │ ├── crypto.in.yaml │ │ │ ├── crypto.out.yaml │ │ │ ├── csv.in.yaml │ │ │ ├── csv.out.yaml │ │ │ ├── doc.in.yaml │ │ │ ├── doc.out.yaml │ │ │ ├── downloads.in.yaml │ │ │ ├── downloads.out.yaml │ │ │ ├── file_finder.in.yaml │ │ │ ├── file_finder.out.yaml │ │ │ ├── filestore.in.yaml │ │ │ ├── filestore.out.yaml │ │ │ ├── functions.in.yaml │ │ │ ├── functions.out.yaml │ │ │ ├── generator.in.yaml │ │ │ ├── generator.out.yaml │ │ │ ├── grok.in.yaml │ │ │ ├── grok.out.yaml │ │ │ ├── hostsfile.in.yaml │ │ │ ├── hostsfile.out.yaml │ │ │ ├── hunts.in.yaml │ │ │ ├── hunts.out.yaml │ │ │ ├── import_collection.in.yaml │ │ │ ├── import_collection.out.yaml │ │ │ ├── json.in.yaml │ │ │ ├── json.out.yaml │ │ │ ├── labels.in.yaml │ │ │ ├── labels.out.yaml │ │ │ ├── magic.in.yaml │ │ │ ├── magic.out.yaml │ │ │ ├── mft.in.yaml │ │ │ ├── mft.out.yaml │ │ │ ├── mock.in.yaml │ │ │ ├── mock.out.yaml │ │ │ ├── mru.in.yaml │ │ │ ├── mru.out.yaml │ │ │ ├── ole.in.yaml │ │ │ ├── ole.out.yaml │ │ │ ├── paths.in.yaml │ │ │ ├── paths.out.yaml │ │ │ ├── pe.in.yaml │ │ │ ├── pe.out.yaml │ │ │ ├── pipe.in.yaml │ │ │ ├── pipe.out.yaml │ │ │ ├── plist.in.yaml │ │ │ ├── plist.out.yaml │ │ │ ├── profile.in.yaml │ │ │ ├── profile.out.yaml │ │ │ ├── raw_registry.in.yaml │ │ │ ├── raw_registry.out.yaml │ │ │ ├── remediation.in.yaml │ │ │ ├── remediation.out.yaml │ │ │ ├── results.in.yaml │ │ │ ├── results.out.yaml │ │ │ ├── sequence.in.yaml │ │ │ ├── sequence.out.yaml │ │ │ ├── sparse.in.yaml │ │ │ ├── sparse.out.yaml │ │ │ ├── sqlite.in.yaml │ │ │ ├── sqlite.out.yaml │ │ │ ├── ssh.in.yaml │ │ │ ├── ssh.out.yaml │ │ │ ├── time.in.yaml │ │ │ ├── time.out.yaml │ │ │ ├── timeline.in.yaml │ │ │ ├── timeline.out.yaml │ │ │ ├── tools.in.yaml │ │ │ ├── tools.out.yaml │ │ │ ├── ual.in.yaml │ │ │ ├── ual.out.yaml │ │ │ ├── users.in.yaml │ │ │ ├── users.out.yaml │ │ │ ├── vfs.in.yaml │ │ │ ├── vfs.out.yaml │ │ │ ├── yara.in.yaml │ │ │ ├── yara.out.yaml │ │ │ ├── yara_detection.in.yaml │ │ │ ├── yara_detection.out.yaml │ │ │ ├── zip.in.yaml │ │ │ └── zip.out.yaml │ │ └── users │ │ │ └── mic.db │ └── windows │ │ ├── artifact_collector.in.yaml │ │ ├── artifact_collector.out.yaml │ │ ├── authenticode.in.yaml │ │ ├── authenticode.out.yaml │ │ ├── autoexec.in.yaml │ │ ├── autoexec.out.yaml │ │ ├── evtx.in.yaml │ │ ├── evtx.out.yaml │ │ ├── file.in.yaml │ │ ├── file.out.yaml │ │ ├── filesystem.in.yaml │ │ ├── filesystem.out.yaml │ │ ├── github_actions.config.yaml │ │ ├── init.reg │ │ ├── localhashes.in.yaml │ │ ├── localhashes.out.yaml │ │ ├── ntfs.in.yaml │ │ ├── ntfs.out.yaml │ │ ├── processes.in.yaml │ │ ├── processes.out.yaml │ │ ├── registry.in.yaml │ │ ├── registry.out.yaml │ │ ├── shell.in.yaml │ │ ├── shell.out.yaml │ │ ├── startup.in.yaml │ │ ├── startup.out.yaml │ │ ├── test.config.yaml │ │ ├── token.in.yaml │ │ ├── token.out.yaml │ │ ├── users.in.yaml │ │ ├── users.out.yaml │ │ ├── vss.in.yaml │ │ ├── vss.out.yaml │ │ ├── wmi.in.yaml │ │ └── wmi.out.yaml └── utils.go ├── bin ├── admin_generic.go ├── admin_windows.go ├── artifacts.go ├── banner.go ├── binary_test.go ├── browser.go ├── client.go ├── collector_test.go ├── config.go ├── config_frontend.go ├── config_interactive.go ├── config_merge.go ├── csv.go ├── debian.go ├── debug.go ├── fixtures │ └── Serialization.golden ├── flags.go ├── frontend.go ├── fs.go ├── golden.go ├── grant.go ├── gui.go ├── index.go ├── installer_darwin.go ├── installer_windows.go ├── logging.go ├── main.go ├── marshal.go ├── marshal_test.go ├── metrics.go ├── minions.go ├── mutant_windows.go ├── panic.go ├── pool.go ├── prompt.go ├── proxy.go ├── query.go ├── repack.go ├── rpm.go ├── server_service_windows.go ├── tools.go ├── unzip.go ├── users.go ├── utils.go ├── vacuum.go ├── version.go └── vql.go ├── config ├── b0x.yaml ├── config.go ├── default.yaml ├── doc.go ├── loader.go ├── migration.go ├── proto │ ├── config.pb.go │ └── config.proto └── validate.go ├── constants └── constants.go ├── crypto ├── b0x.yaml ├── ca-certificates.crt ├── ca.go ├── client │ ├── cipher.go │ ├── client.go │ ├── docs.go │ ├── lru.go │ ├── lru_test.go │ ├── manager.go │ └── resolver.go ├── crypto_test.go ├── doc.go ├── messages.go ├── proto │ ├── jobs.pb.go │ └── jobs.proto ├── root.go ├── server │ ├── docs.go │ └── manager.go ├── simple.go ├── simple_test.go ├── testing │ └── testing_utils.go ├── transport.go └── utils │ └── utils.go ├── datastore ├── datastore.go ├── datastore_test.go ├── filebased.go ├── filebased_benchmark_test.go ├── filebased_test.go ├── fixtures │ └── TestDirectoryOverflow.golden ├── instrument.go ├── memcache.go ├── memcache_data.go ├── memcache_file.go ├── memcache_file_test.go ├── memcache_stats.go ├── memcache_test.go ├── paths.go ├── readonly.go ├── remote.go ├── test_data │ └── mysql.config.yaml └── utils.go ├── debian ├── changelog ├── compat ├── control ├── copyright ├── rules ├── velociraptor.config.yaml ├── velociraptor.init ├── velociraptor.install ├── velociraptor.nanny ├── velociraptor.postinst ├── velociraptor.preinst ├── velociraptor.service ├── velociraptor.substvars └── velociraptor.upstart ├── docs.go ├── docs ├── monitoring │ ├── README.md │ ├── graphana.json │ └── prometheus.yaml ├── references │ └── vql.yaml ├── rsrc_386.syso ├── rsrc_amd64.syso ├── saml │ └── README.md └── wix │ ├── README.md │ ├── buid_x86.bat │ ├── build.bat │ ├── build_custom.bat │ ├── build_x86_custom.bat │ ├── custom.xml │ ├── custom_x86.xml │ └── velociraptor.xml ├── executor ├── doc.go ├── executor.go ├── executor_test.go ├── nanny.go ├── pool.go ├── services.go ├── tempfile.go └── testutils.go ├── file_store ├── accessors │ ├── accessor.go │ └── fs.go ├── api │ ├── adapter.go │ ├── extensions.go │ ├── file_store.go │ ├── instrument.go │ ├── paths.go │ ├── queues.go │ ├── uploader.go │ ├── utils.go │ └── walk.go ├── csv │ ├── doc.go │ ├── reader.go │ ├── reader_test.go │ ├── utils.go │ ├── writer.go │ └── writer_test.go ├── directory │ ├── buffer.go │ ├── csv.go │ ├── directory.go │ ├── directory_test.go │ ├── json.go │ ├── listener.go │ ├── listener_test.go │ ├── queue.go │ ├── queue_test.go │ └── result_sets.go ├── file_store.go ├── memcache │ ├── memcache.go │ └── memcache_test.go ├── memory │ ├── memory.go │ ├── memory_test.go │ ├── queue.go │ └── queue_test.go ├── path_specs │ ├── fs_path_spec.go │ ├── path_specs.go │ └── utils.go ├── queue.go ├── test_utils │ ├── query.go │ ├── server_config.go │ ├── testing.go │ └── testsuite.go └── tests │ └── testsuite.go ├── flows ├── api.go ├── artifacts.go ├── artifacts_test.go ├── docs.go ├── events.go ├── fixtures │ └── compileFileFinderArgs.golden ├── housekeeping.go ├── hunts.go ├── hunts_test.go ├── limits.go ├── monitoring.go ├── proto │ ├── artifact_collector.pb.go │ ├── artifact_collector.proto │ ├── vfs.pb.go │ └── vfs.proto └── utils.go ├── glob ├── accessor_common.go ├── accessor_darwin.go ├── accessor_freebsd.go ├── accessor_linux.go ├── accessor_linux_test.go ├── common.go ├── data.go ├── factory.go ├── fixtures │ └── TestGlobWithContext.golden ├── glob.go ├── glob_test.go ├── json.go └── pathspec.go ├── go.mod ├── go.sum ├── grpc_client └── grpc.go ├── gui ├── assets │ ├── .gitignore │ └── init.go ├── b0x.yaml └── velociraptor │ ├── .env │ ├── .env.production │ ├── .gitattributes │ ├── .gitignore │ ├── Makefile │ ├── README.md │ ├── ab0x_nogui.go │ ├── assets │ └── velo.svg │ ├── b0x.yaml │ ├── build │ └── static │ │ └── .keep │ ├── docs.go │ ├── package-lock.json │ ├── package.json │ ├── public │ ├── favicon.ico │ ├── index.html │ ├── manifest.json │ └── robots.txt │ ├── src │ ├── App.css │ ├── App.js │ ├── App.test.js │ ├── _variables.css │ ├── components │ │ ├── artifacts │ │ │ ├── artifacts-link.js │ │ │ ├── artifacts-upload.js │ │ │ ├── artifacts.css │ │ │ ├── artifacts.js │ │ │ ├── line-charts.css │ │ │ ├── line-charts.js │ │ │ ├── new-artifact.js │ │ │ ├── reporting.css │ │ │ ├── reporting.js │ │ │ └── syntax.js │ │ ├── bootstrap │ │ │ └── pagination │ │ │ │ ├── PageItem.js │ │ │ │ ├── index.js │ │ │ │ ├── readme.md │ │ │ │ └── utils │ │ │ │ ├── getPagination.js │ │ │ │ └── getStyles.js │ │ ├── clients │ │ │ ├── client-link.css │ │ │ ├── client-link.js │ │ │ ├── client-status.css │ │ │ ├── client-status.js │ │ │ ├── client-summary.css │ │ │ ├── client-summary.js │ │ │ ├── client_info.js │ │ │ ├── clients-list.css │ │ │ ├── clients-list.js │ │ │ ├── host-info.css │ │ │ ├── host-info.js │ │ │ ├── img │ │ │ │ ├── any.png │ │ │ │ ├── offline.png │ │ │ │ ├── online-1d.png │ │ │ │ └── online.png │ │ │ ├── label-form.js │ │ │ ├── search.css │ │ │ ├── search.js │ │ │ ├── shell-viewer.css │ │ │ └── shell-viewer.js │ │ ├── core │ │ │ ├── ace-config.js │ │ │ ├── ace.css │ │ │ ├── ace.js │ │ │ ├── api-service.js │ │ │ ├── keyboard-help.css │ │ │ ├── keyboard-help.js │ │ │ ├── mode-markdown.js │ │ │ ├── mode-regex.js │ │ │ ├── mode-vql.js │ │ │ ├── mode-yaml.js │ │ │ ├── mode-yara.js │ │ │ ├── notimplemented.js │ │ │ ├── paged-table.js │ │ │ ├── snackbar.css │ │ │ ├── snackbar.js │ │ │ ├── table.css │ │ │ ├── table.js │ │ │ └── user.js │ │ ├── events │ │ │ ├── event-table.js │ │ │ ├── event-timeline.css │ │ │ ├── events.css │ │ │ ├── events.js │ │ │ ├── timeline-viewer.js │ │ │ └── utils.js │ │ ├── flows │ │ │ ├── client-flows-view.js │ │ │ ├── flow-full-notebook.js │ │ │ ├── flow-link.js │ │ │ ├── flow-logs.js │ │ │ ├── flow-notebook.js │ │ │ ├── flow-overview.js │ │ │ ├── flow-requests.js │ │ │ ├── flow-results.js │ │ │ ├── flow-uploads.js │ │ │ ├── flows-add-to-hunt.js │ │ │ ├── flows-inspector.js │ │ │ ├── flows-list.js │ │ │ ├── flows.css │ │ │ ├── new-collection.css │ │ │ ├── new-collection.js │ │ │ ├── offline-collector.js │ │ │ ├── server-flows-view.js │ │ │ └── utils.js │ │ ├── forms │ │ │ ├── form.js │ │ │ ├── regex.css │ │ │ ├── regex.js │ │ │ ├── upload.js │ │ │ ├── validated.css │ │ │ ├── validated_int.js │ │ │ └── yara.js │ │ ├── hunts │ │ │ ├── estimate.css │ │ │ ├── estimate.js │ │ │ ├── hunt-clients.js │ │ │ ├── hunt-full-notebook.js │ │ │ ├── hunt-inspector.js │ │ │ ├── hunt-list.js │ │ │ ├── hunt-notebook.js │ │ │ ├── hunt-overview.js │ │ │ ├── hunt-request.js │ │ │ ├── hunt.css │ │ │ ├── hunts.js │ │ │ └── new-hunt.js │ │ ├── notebooks │ │ │ ├── add-cell-from-flow.js │ │ │ ├── create-artifact-from-cell.js │ │ │ ├── export-notebook.js │ │ │ ├── full_notebook.js │ │ │ ├── notebook-cell-renderer.css │ │ │ ├── notebook-cell-renderer.js │ │ │ ├── notebook-chart-renderer.js │ │ │ ├── notebook-delete.js │ │ │ ├── notebook-renderer.js │ │ │ ├── notebook-report-renderer.js │ │ │ ├── notebook-table-renderer.js │ │ │ ├── notebook.js │ │ │ ├── notebooks-list.css │ │ │ ├── notebooks-list.js │ │ │ ├── timelines.css │ │ │ └── timelines.js │ │ ├── server │ │ │ └── server-info.js │ │ ├── sidebar │ │ │ ├── hotkeys.js │ │ │ ├── navigator.css │ │ │ ├── navigator.js │ │ │ ├── user-dashboard.css │ │ │ ├── user-dashboard.js │ │ │ └── velo.svg │ │ ├── timeline │ │ │ ├── timeline.css │ │ │ └── timeline.js │ │ ├── tools │ │ │ ├── tool-viewer.css │ │ │ └── tool-viewer.js │ │ ├── users │ │ │ ├── user-label.css │ │ │ └── user-label.js │ │ ├── utils │ │ │ ├── clock.css │ │ │ ├── clock.js │ │ │ ├── csv.js │ │ │ ├── hex.css │ │ │ ├── hex.js │ │ │ ├── labels.js │ │ │ ├── number.css │ │ │ ├── number.js │ │ │ ├── paths.js │ │ │ ├── spinner.css │ │ │ ├── spinner.js │ │ │ ├── time.css │ │ │ ├── time.js │ │ │ ├── url.css │ │ │ ├── url.js │ │ │ ├── users.js │ │ │ └── value.js │ │ ├── vfs │ │ │ ├── browse-vfs.css │ │ │ ├── browse-vfs.js │ │ │ ├── file-details.css │ │ │ ├── file-details.js │ │ │ ├── file-hex-view.css │ │ │ ├── file-hex-view.js │ │ │ ├── file-list.css │ │ │ ├── file-list.js │ │ │ ├── file-stats.css │ │ │ ├── file-stats.js │ │ │ ├── file-text-view.js │ │ │ ├── file-tree.css │ │ │ ├── file-tree.js │ │ │ ├── utils.js │ │ │ └── vfs-setter.js │ │ └── welcome │ │ │ └── welcome.js │ ├── css │ │ └── bootstrap-theme.css │ ├── dark-mode.css │ ├── index.css │ ├── index.js │ ├── light-pink.css │ ├── react-app-env.d.ts │ ├── serviceWorker.js │ ├── setupProxy.js │ └── setupTests.js │ └── yarn.lock ├── http_comms ├── comms.go ├── comms_test.go ├── doc.go ├── e2e_test.go ├── ring_buffer.go ├── ring_buffer_test.go ├── sender.go ├── sender_test.go └── test_data │ ├── client.config.yaml │ └── server.config.yaml ├── json ├── debug.go ├── json.go ├── proto.go ├── protobuf.go ├── registry.go └── wrappers.go ├── logging ├── logging.go ├── logging_generic.go └── logging_windows.go ├── magefile.go ├── make.go ├── make_proto.sh ├── notifications └── notifications.go ├── paths ├── artifacts.go ├── artifacts │ ├── logs.go │ ├── paths.go │ └── paths_test.go ├── artifacts_test.go ├── client.go ├── client_test.go ├── constants.go ├── doc.go ├── flow_metadata.go ├── flow_metadata_test.go ├── forms.go ├── hunt_metadata.go ├── hunt_metadata_test.go ├── index.go ├── index_test.go ├── inventory.go ├── notebooks.go ├── notebooks_test.go ├── ntfs.go ├── ntfs_test.go ├── paths.go ├── paths_test.go ├── server.go ├── timelines.go ├── timelines_test.go ├── users.go ├── users_test.go └── utils.go ├── proto ├── flow_metadata.pb.go ├── flow_metadata.proto ├── semantic.pb.go └── semantic.proto ├── reporting ├── acls.go ├── acls_test.go ├── archive.go ├── cell_test.go ├── cells.go ├── container.go ├── doc.go ├── expand.go ├── fixtures │ └── VQL2MarkdownConversion.golden ├── functions.go ├── gui.go ├── html.go ├── notebooks.go ├── report.go ├── table.go ├── templates │ └── index.html ├── text_expander.go ├── timelines.go └── vql.go ├── responder ├── pool.go ├── responder.go └── testutils.go ├── result_sets ├── api.go ├── registration.go ├── simple │ ├── docs.go │ ├── fixtures │ │ └── TestResultSets.golden │ ├── simple.go │ ├── simple_test.go │ └── sink.go └── timed │ ├── docs.go │ ├── factory.go │ ├── fixtures │ ├── TestTimedResultSetMigration.golden │ └── TestTimedResultSetWriting.golden │ ├── reader.go │ ├── reader_test.go │ ├── writer.go │ └── writer_test.go ├── scripts ├── kape_files.py ├── sync_artifact_paths.py └── templates │ ├── kape_files_nix.yaml.tpl │ └── kape_files_win.yaml.tpl ├── search ├── clients.go ├── fixtures │ └── TestWildCardSearch.golden ├── index.go ├── index_test.go ├── ip.go ├── mru.go ├── search.go ├── search_chan.go ├── search_test.go ├── simple.go └── simple_test.go ├── server ├── comms.go ├── docs.go ├── enroll.go ├── limits.go ├── limits_linux.go ├── loadshed.go ├── metrics.go ├── server.go ├── server_test.go └── startup.go ├── services ├── broadcast.go ├── broadcast │ └── broadcast.go ├── client_info.go ├── client_info │ ├── client_info.go │ ├── client_info_test.go │ ├── tasks.go │ └── tasks_test.go ├── client_monitoring.go ├── client_monitoring │ ├── client_monitoring.go │ ├── client_monitoring_test.go │ └── dummy.go ├── ddclient │ └── ddclient.go ├── doc.go ├── frontend.go ├── frontend │ ├── frontend.go │ ├── paths.go │ └── proto │ │ ├── frontend.pb.go │ │ └── frontend.proto ├── hunt_dispatcher.go ├── hunt_dispatcher │ ├── hunt_dispatcher.go │ └── hunt_dispatcher_test.go ├── hunt_manager │ ├── hunt_manager.go │ └── hunt_manager_test.go ├── indexing.go ├── indexing │ └── indexing.go ├── interrogation │ ├── interrogation.go │ └── interrogation_test.go ├── inventory.go ├── inventory │ ├── dummy.go │ ├── fixtures │ │ ├── TestGihubToolServedLocally.golden │ │ ├── TestGihubTools.golden │ │ └── TestGihubToolsUninitialized.golden │ ├── inventory.go │ └── inventory_test.go ├── journal.go ├── journal │ ├── buffer.go │ ├── journal.go │ ├── journal_test.go │ ├── replication.go │ ├── replication_test.go │ └── utils.go ├── labels.go ├── labels │ ├── labels.go │ └── labels_test.go ├── launcher.go ├── launcher │ ├── acls.go │ ├── artifacts_test.go │ ├── compiler.go │ ├── dummy.go │ ├── fixtures │ │ ├── TestCompilingServerEvents.golden │ │ ├── TestGetDependentArtifactsWithImports.golden │ │ ├── TestParameterTypes.golden │ │ ├── TestParameterTypesDeps.golden │ │ ├── TestParameterTypesDepsQuery.golden │ │ ├── TestPreconditionRecursive.golden │ │ ├── TestPreconditionSourceLevel.golden │ │ └── TestPreconditionTopLevel.golden │ ├── launcher.go │ └── launcher_test.go ├── notifications.go ├── notifications │ └── notifications.go ├── repository.go ├── repository │ ├── files.go │ ├── filestore.go │ ├── manager.go │ ├── manager_test.go │ ├── plugin.go │ ├── plugin_test.go │ ├── repository.go │ ├── repository_test.go │ ├── scope.go │ └── testdata │ │ ├── TestArtifactPlugin.golden │ │ ├── TestArtifactPluginWithPrecondition.golden │ │ ├── TestClientPluginMultipleSources.golden │ │ ├── TestClientPluginMultipleSourcesAndPrecondtions.golden │ │ └── TestClientPluginMultipleSourcesAndPrecondtionsEvents.golden ├── sanity │ ├── fixtures │ │ ├── TestCreateUser.golden │ │ └── TestUpgradeTools.golden │ ├── index_migration.go │ ├── sanity.go │ ├── sanity_test.go │ ├── server_artifacts.go │ └── users.go ├── server_artifacts │ ├── flusher.go │ ├── server_artifacts.go │ ├── server_artifacts_test.go │ └── server_uploader.go ├── server_monitoring.go ├── server_monitoring │ ├── fixtures │ │ └── TestMultipleArtifacts.golden │ ├── logger.go │ ├── server_monitoring.go │ ├── server_monitoring_test.go │ └── tracer.go ├── services.go ├── test_utils.go ├── user_notification.go └── vfs_service │ ├── utils.go │ ├── vfs_service.go │ └── vfs_service_test.go ├── startup └── startup.go ├── staticcheck.conf ├── third_party ├── cache │ ├── lru_cache.go │ └── lru_cache_test.go ├── dlopen │ ├── LICENSE │ ├── NOTICE │ ├── dlopen.go │ ├── dlopen_example.go │ ├── dlopen_linux.go │ └── dlopen_test.go ├── sdjournal │ ├── LICENSE │ ├── NOTICE │ ├── functions_linux.go │ ├── journal_linux.go │ └── no_systemd.go └── zip │ ├── README.txt │ ├── reader.go │ ├── register.go │ ├── struct.go │ └── writer.go ├── timelines ├── proto │ ├── timelines.pb.go │ └── timelines.proto ├── reader.go ├── supertimeline.go ├── timelines.go ├── timelines_test.go └── writer.go ├── tools ├── grpc-gateway.go └── mksyscall_windows.go ├── uploads ├── api.go ├── client_uploader.go ├── client_uploader_test.go ├── file_based.go ├── file_based_nonwindows.go ├── file_based_windows.go ├── fixtures │ ├── ClientUploaderSparse.golden │ ├── ClientUploaderSparseMultiBuffer.golden │ └── TestGetNextRange.golden ├── ranges.go └── ranges_test.go ├── users ├── favorites.go ├── notifications.go └── users.go ├── utils ├── clock.go ├── completer.go ├── compression.go ├── concurrency.go ├── copy.go ├── counter.go ├── debug.go ├── dict.go ├── dir_unix.go ├── endian.go ├── file.go ├── file_unix.go ├── file_windows.go ├── fixtures │ └── TestSanitize.golden ├── json.go ├── nil.go ├── panic.go ├── path.go ├── path_test.go ├── progress.go ├── prometheus.go ├── proxy.go ├── readers.go ├── readers_test.go ├── regexp.go ├── retry.go ├── sanitize.go ├── sanitize_test.go ├── semver.go ├── stub.go ├── throttler.go ├── time.go ├── urls.go ├── utils.go └── writers.go ├── vql ├── acls.go ├── common │ ├── batch.go │ ├── cache.go │ ├── chain.go │ ├── clock.go │ ├── columns.go │ ├── diff.go │ ├── env.go │ ├── fifo.go │ ├── for.go │ ├── items.go │ ├── mail.go │ ├── sampler.go │ ├── sequence.go │ ├── shell.go │ ├── switch.go │ └── yara.go ├── filesystem │ ├── copy.go │ ├── filesystem.go │ ├── filesystems.go │ ├── fixtures │ │ ├── TestReferenceCount.golden │ │ └── TestReferenceCountNested.golden │ ├── grep.go │ ├── gzip.go │ ├── me.go │ ├── pathspec.go │ ├── raw_registry.go │ ├── rm.go │ ├── scope.go │ ├── sparse.go │ ├── tempfile.go │ ├── zip.go │ ├── zip_test.go │ └── zip_windows.go ├── functions │ ├── chattr_linux.go │ ├── commandline.go │ ├── dict.go │ ├── encode.go │ ├── expand.go │ ├── format.go │ ├── functions.go │ ├── hash.go │ ├── humanize.go │ ├── ints.go │ ├── lists.go │ ├── log.go │ ├── networks.go │ ├── patch.go │ ├── paths.go │ ├── pid.go │ ├── rc4.go │ ├── rot13.go │ ├── sleep.go │ ├── strings.go │ ├── time.go │ ├── unhex.go │ ├── url.go │ ├── uuid.go │ └── xor.go ├── golang │ ├── generators.go │ ├── pipe.go │ └── profile.go ├── info.go ├── is_admin.go ├── is_admin_windows.go ├── json.go ├── linux │ ├── audit.go │ ├── connections.go │ └── process_address_space.go ├── networking │ ├── cidrmatch.go │ ├── http_client.go │ ├── netcat.go │ ├── network.go │ └── upload.go ├── parsers │ ├── appcache.go │ ├── authenticode │ │ ├── authenticode.go │ │ ├── cat.go │ │ ├── compat.go │ │ ├── doc.go │ │ └── pefile.go │ ├── binary.go │ ├── crypto │ │ ├── bigint.go │ │ └── pkcs7.go │ ├── csv │ │ ├── csv.go │ │ ├── csv_test.go │ │ ├── fixtures │ │ │ └── TestCSVParser.golden │ │ └── watcher.go │ ├── ese │ │ ├── conversion.spec.yaml │ │ ├── ese.go │ │ ├── profile_gen.go │ │ ├── sid.go │ │ └── vtype_profile.json │ ├── event_logs │ │ ├── evtx.go │ │ └── watcher.go │ ├── fixtures │ │ ├── TestSQLite.golden │ │ └── TestYamlParser.golden │ ├── grok.go │ ├── json.go │ ├── ntfs.go │ ├── ole.go │ ├── parsers_test.go │ ├── pe.go │ ├── plist.go │ ├── prefetch.go │ ├── recyclebin.go │ ├── recyclebin │ │ ├── conversion.spec.yaml │ │ ├── parse_recyclebin.go │ │ ├── profile_gen.go │ │ └── vtype_profile.json │ ├── regexparser.go │ ├── sdjournal │ │ ├── no_systemd.go │ │ ├── scanner_linux.go │ │ └── watcher_linux.go │ ├── splitparser.go │ ├── sql.go │ ├── sqlite.go │ ├── sqlite_test.go │ ├── sqlite_windows.go │ ├── syslog │ │ ├── auditd.go │ │ ├── scanner.go │ │ └── watcher.go │ ├── usn │ │ ├── usn.go │ │ └── watcher.go │ ├── xml.go │ └── yaml.go ├── process.go ├── protocols.go ├── protocols │ └── lazy.go ├── readers │ ├── ntfs.go │ ├── paged.go │ └── paged_reader_test.go ├── scope.go ├── server │ ├── artifacts.go │ ├── clients │ │ ├── clients.go │ │ ├── delete.go │ │ ├── delete_test.go │ │ ├── fixtures │ │ │ └── TestDeleteClient.golden │ │ └── metadata.go │ ├── compress.go │ ├── downloads │ │ ├── downloads.go │ │ └── reporting.go │ ├── elastic.go │ ├── events.go │ ├── favorites │ │ ├── create.go │ │ └── delete.go │ ├── file_store.go │ ├── flows │ │ ├── fixtures │ │ │ ├── TestEnumerateFlow.golden │ │ │ └── TestHuntsSource.golden │ │ ├── flow_test.go │ │ ├── flows.go │ │ ├── monitoring.go │ │ ├── parallel.go │ │ ├── parallel_test.go │ │ ├── results.go │ │ └── uploads.go │ ├── hunts │ │ ├── create.go │ │ ├── delete.go │ │ └── hunts.go │ ├── inventory.go │ ├── kill.go │ ├── labels.go │ ├── monitoring │ │ ├── add_monitoring.go │ │ ├── add_monitoring_test.go │ │ ├── event_monitoring.go │ │ ├── fixtures │ │ │ ├── TestAddClientMonitoring.golden │ │ │ └── TestAddServerMonitoring.golden │ │ └── rm_monitoring.go │ ├── notebooks │ │ └── delete.go │ ├── repository.go │ ├── splunk.go │ ├── stats.go │ ├── timelines │ │ ├── create.go │ │ └── reader.go │ ├── users │ │ ├── create.go │ │ ├── delete.go │ │ └── users.go │ └── whoami.go ├── sorter │ ├── mergesort.go │ ├── mergesort_test.go │ └── testdata │ │ ├── TestMergeSorter.golden │ │ ├── TestMergeSorterDesc.golden │ │ └── newDataFile.golden ├── tools │ ├── artifacts.go │ ├── atexit.go │ ├── collector.go │ ├── collector_test.go │ ├── fixtures │ │ ├── TestCollectionWithArtifacts.golden │ │ ├── TestCollectionWithTypes.golden │ │ ├── TestCollectionWithUpload.golden │ │ ├── TestSimpleCollection.golden │ │ ├── TestStarlark.golden │ │ └── import.zip │ ├── gcs_pubsub_publish.go │ ├── gcs_upload.go │ ├── geoip.go │ ├── import.go │ ├── import_test.go │ ├── js.go │ ├── magic.go │ ├── mocker.go │ ├── query.go │ ├── reporting.go │ ├── reporting_client.go │ ├── s3_upload.go │ ├── sftp_upload.go │ ├── starlark.go │ ├── starlark_test.go │ ├── unzip.go │ └── webdav_upload.go ├── utils.go ├── vql.go └── windows │ ├── aliases.go │ ├── amsi.go │ ├── crypto.c │ ├── crypto.go │ ├── doc.go │ ├── etw │ ├── doc.go │ └── watch.go │ ├── filesystems │ ├── adapter.go │ ├── auto_windows.go │ ├── doc.go │ ├── mft_windows.go │ ├── ntfs_cache.go │ ├── ntfs_lazy_windows.go │ ├── ntfs_windows.go │ ├── os_windows.go │ ├── readers │ │ ├── ntfs.go │ │ └── ntfs_windows.go │ └── registry_windows.go │ ├── gen.go │ ├── network.go │ ├── process │ ├── common.go │ ├── dump.c │ ├── dump.go │ ├── handles.go │ ├── process_address_space.go │ ├── sedebug.go │ ├── token.go │ ├── vad.go │ ├── vad_32.go │ └── winobj.go │ ├── processes.go │ ├── registry │ ├── registry.go │ └── write.go │ ├── status.go │ ├── users.go │ ├── win32_windows.go │ ├── win32_windows_32.go │ ├── wmi │ ├── events.c │ ├── events.go │ ├── parse │ │ ├── fixtures │ │ │ ├── sample.golden │ │ │ └── sample.txt │ │ ├── parse.go │ │ └── parse_test.go │ └── wmi.go │ ├── zwin32_windows_386.go │ └── zwin32_windows_amd64.go ├── vql_plugins ├── plugins.go ├── plugins_linux.go ├── plugins_windows.go ├── result_sets.go └── server.go └── vtesting ├── assert └── wrapper.go ├── config.go ├── file_info.go ├── helpers.go └── metrics.go /.gitattributes: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.gitattributes -------------------------------------------------------------------------------- /.github/workflows/go.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.github/workflows/go.yml -------------------------------------------------------------------------------- /.github/workflows/remove-old.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.github/workflows/remove-old.yml -------------------------------------------------------------------------------- /.github/workflows/windows.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.github/workflows/windows.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.gitignore -------------------------------------------------------------------------------- /.golangci.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.golangci.yml -------------------------------------------------------------------------------- /.wwhrd.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/.wwhrd.yml -------------------------------------------------------------------------------- /CLA.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/CLA.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/README.md -------------------------------------------------------------------------------- /acls/acls.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/acls/acls.go -------------------------------------------------------------------------------- /acls/proto/acl.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/acls/proto/acl.pb.go -------------------------------------------------------------------------------- /acls/proto/acl.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/acls/proto/acl.proto -------------------------------------------------------------------------------- /acls/roles.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/acls/roles.go -------------------------------------------------------------------------------- /acls/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/acls/utils.go -------------------------------------------------------------------------------- /actions/events.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/events.go -------------------------------------------------------------------------------- /actions/events_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/events_test.go -------------------------------------------------------------------------------- /actions/foreman.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/foreman.go -------------------------------------------------------------------------------- /actions/proto/transport.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/proto/transport.pb.go -------------------------------------------------------------------------------- /actions/proto/transport.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/proto/transport.proto -------------------------------------------------------------------------------- /actions/proto/vql.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/proto/vql.pb.go -------------------------------------------------------------------------------- /actions/proto/vql.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/proto/vql.proto -------------------------------------------------------------------------------- /actions/query_log.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/query_log.go -------------------------------------------------------------------------------- /actions/test_data/client.config.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /actions/test_data/hello.txt: -------------------------------------------------------------------------------- 1 | hello world 2 | -------------------------------------------------------------------------------- /actions/vql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/vql.go -------------------------------------------------------------------------------- /actions/vql_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/actions/vql_test.go -------------------------------------------------------------------------------- /api/api.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/api.go -------------------------------------------------------------------------------- /api/artifacts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/artifacts.go -------------------------------------------------------------------------------- /api/assets.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/assets.go -------------------------------------------------------------------------------- /api/auth.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/auth.go -------------------------------------------------------------------------------- /api/authenticators/auth.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/auth.go -------------------------------------------------------------------------------- /api/authenticators/azure.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/azure.go -------------------------------------------------------------------------------- /api/authenticators/basic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/basic.go -------------------------------------------------------------------------------- /api/authenticators/github.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/github.go -------------------------------------------------------------------------------- /api/authenticators/google.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/google.go -------------------------------------------------------------------------------- /api/authenticators/logging.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/logging.go -------------------------------------------------------------------------------- /api/authenticators/oidc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/oidc.go -------------------------------------------------------------------------------- /api/authenticators/saml.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/authenticators/saml.go -------------------------------------------------------------------------------- /api/builder.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/builder.go -------------------------------------------------------------------------------- /api/clients.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/clients.go -------------------------------------------------------------------------------- /api/csrf.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/csrf.go -------------------------------------------------------------------------------- /api/csv.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/csv.go -------------------------------------------------------------------------------- /api/datastore.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/datastore.go -------------------------------------------------------------------------------- /api/datastore_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/datastore_test.go -------------------------------------------------------------------------------- /api/download.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/download.go -------------------------------------------------------------------------------- /api/events.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/events.go -------------------------------------------------------------------------------- /api/fixtures/TestDatastore.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/fixtures/TestDatastore.golden -------------------------------------------------------------------------------- /api/handlers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/handlers.go -------------------------------------------------------------------------------- /api/health.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/health.go -------------------------------------------------------------------------------- /api/hunts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/hunts.go -------------------------------------------------------------------------------- /api/instrument.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/instrument.go -------------------------------------------------------------------------------- /api/mock/api_mock.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/mock/api_mock.go -------------------------------------------------------------------------------- /api/mock/gen.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/mock/gen.go -------------------------------------------------------------------------------- /api/notebooks.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/notebooks.go -------------------------------------------------------------------------------- /api/proto/api.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/api.pb.go -------------------------------------------------------------------------------- /api/proto/api.pb.gw.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/api.pb.gw.go -------------------------------------------------------------------------------- /api/proto/api.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/api.proto -------------------------------------------------------------------------------- /api/proto/api_grpc.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/api_grpc.pb.go -------------------------------------------------------------------------------- /api/proto/artifacts.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/artifacts.pb.go -------------------------------------------------------------------------------- /api/proto/artifacts.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/artifacts.proto -------------------------------------------------------------------------------- /api/proto/clients.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/clients.pb.go -------------------------------------------------------------------------------- /api/proto/clients.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/clients.proto -------------------------------------------------------------------------------- /api/proto/completions.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/completions.pb.go -------------------------------------------------------------------------------- /api/proto/completions.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/completions.proto -------------------------------------------------------------------------------- /api/proto/csv.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/csv.pb.go -------------------------------------------------------------------------------- /api/proto/csv.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/csv.proto -------------------------------------------------------------------------------- /api/proto/datastore.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/datastore.pb.go -------------------------------------------------------------------------------- /api/proto/datastore.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/datastore.proto -------------------------------------------------------------------------------- /api/proto/download.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/download.pb.go -------------------------------------------------------------------------------- /api/proto/download.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/download.proto -------------------------------------------------------------------------------- /api/proto/flows.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/flows.pb.go -------------------------------------------------------------------------------- /api/proto/flows.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/flows.proto -------------------------------------------------------------------------------- /api/proto/health.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/health.pb.go -------------------------------------------------------------------------------- /api/proto/health.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/health.proto -------------------------------------------------------------------------------- /api/proto/hunts.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/hunts.pb.go -------------------------------------------------------------------------------- /api/proto/hunts.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/hunts.proto -------------------------------------------------------------------------------- /api/proto/notebooks.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/notebooks.pb.go -------------------------------------------------------------------------------- /api/proto/notebooks.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/notebooks.proto -------------------------------------------------------------------------------- /api/proto/objects.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/objects.pb.go -------------------------------------------------------------------------------- /api/proto/objects.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/objects.proto -------------------------------------------------------------------------------- /api/proto/server_state.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/server_state.pb.go -------------------------------------------------------------------------------- /api/proto/server_state.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/server_state.proto -------------------------------------------------------------------------------- /api/proto/users.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/users.pb.go -------------------------------------------------------------------------------- /api/proto/users.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/users.proto -------------------------------------------------------------------------------- /api/proto/vfs_api.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/vfs_api.pb.go -------------------------------------------------------------------------------- /api/proto/vfs_api.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proto/vfs_api.proto -------------------------------------------------------------------------------- /api/proxy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/proxy.go -------------------------------------------------------------------------------- /api/query.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/query.go -------------------------------------------------------------------------------- /api/reflect.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/reflect.go -------------------------------------------------------------------------------- /api/replication.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/replication.go -------------------------------------------------------------------------------- /api/reports.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/reports.go -------------------------------------------------------------------------------- /api/server_monitoring.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/server_monitoring.go -------------------------------------------------------------------------------- /api/tools.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/tools.go -------------------------------------------------------------------------------- /api/upload.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/upload.go -------------------------------------------------------------------------------- /api/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/users.go -------------------------------------------------------------------------------- /api/vfs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/vfs.go -------------------------------------------------------------------------------- /api/vql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/api/vql.go -------------------------------------------------------------------------------- /artifacts/assets/.gitignore: -------------------------------------------------------------------------------- 1 | * -------------------------------------------------------------------------------- /artifacts/assets/docs.go: -------------------------------------------------------------------------------- 1 | package assets 2 | -------------------------------------------------------------------------------- /artifacts/b0x.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/b0x.yaml -------------------------------------------------------------------------------- /artifacts/definitions/Linux/Mounts.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/definitions/Linux/Mounts.yaml -------------------------------------------------------------------------------- /artifacts/obfuscation.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/obfuscation.go -------------------------------------------------------------------------------- /artifacts/proto/artifact.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/proto/artifact.pb.go -------------------------------------------------------------------------------- /artifacts/proto/artifact.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/proto/artifact.proto -------------------------------------------------------------------------------- /artifacts/testdata/files/1.lnk: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/1.lnk -------------------------------------------------------------------------------- /artifacts/testdata/files/Amcache.hve: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/Amcache.hve -------------------------------------------------------------------------------- /artifacts/testdata/files/CSDump.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/CSDump.bin -------------------------------------------------------------------------------- /artifacts/testdata/files/CSShellcode.bin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/CSShellcode.bin -------------------------------------------------------------------------------- /artifacts/testdata/files/SAM: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/SAM -------------------------------------------------------------------------------- /artifacts/testdata/files/UsrClass.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/UsrClass.dat -------------------------------------------------------------------------------- /artifacts/testdata/files/access.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/access.log -------------------------------------------------------------------------------- /artifacts/testdata/files/csv/bad.csv: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/csv/bad.csv -------------------------------------------------------------------------------- /artifacts/testdata/files/csv/iis.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/csv/iis.log -------------------------------------------------------------------------------- /artifacts/testdata/files/goodbye.bz2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/goodbye.bz2 -------------------------------------------------------------------------------- /artifacts/testdata/files/hello.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/hello.zip -------------------------------------------------------------------------------- /artifacts/testdata/files/hi.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/hi.gz -------------------------------------------------------------------------------- /artifacts/testdata/files/history.sqlite: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/history.sqlite -------------------------------------------------------------------------------- /artifacts/testdata/files/hosts: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/hosts -------------------------------------------------------------------------------- /artifacts/testdata/files/lines.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/lines.txt -------------------------------------------------------------------------------- /artifacts/testdata/files/logo.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/logo.zip -------------------------------------------------------------------------------- /artifacts/testdata/files/malware.xlsm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/malware.xlsm -------------------------------------------------------------------------------- /artifacts/testdata/files/nested.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/nested.zip -------------------------------------------------------------------------------- /artifacts/testdata/files/notnbt.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/notnbt.exe -------------------------------------------------------------------------------- /artifacts/testdata/files/ntexe.cat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/ntexe.cat -------------------------------------------------------------------------------- /artifacts/testdata/files/ntuser.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/ntuser.dat -------------------------------------------------------------------------------- /artifacts/testdata/files/test.docx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/test.docx -------------------------------------------------------------------------------- /artifacts/testdata/files/test.odt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/test.odt -------------------------------------------------------------------------------- /artifacts/testdata/files/test.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/test.zip -------------------------------------------------------------------------------- /artifacts/testdata/files/vagrant.plist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/vagrant.plist -------------------------------------------------------------------------------- /artifacts/testdata/files/winpmem_x64.sys: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/winpmem_x64.sys -------------------------------------------------------------------------------- /artifacts/testdata/files/wkscli.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/wkscli.dll -------------------------------------------------------------------------------- /artifacts/testdata/files/yara_test.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/files/yara_test.txt -------------------------------------------------------------------------------- /artifacts/testdata/manual/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/manual/README -------------------------------------------------------------------------------- /artifacts/testdata/server/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/server/.gitignore -------------------------------------------------------------------------------- /artifacts/testdata/server/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/server/README.txt -------------------------------------------------------------------------------- /artifacts/testdata/server/client_idx/all/c.4/f5e/52a/df0/a33/7a9/C.4f5e52adf0a337a9.db: -------------------------------------------------------------------------------- 1 | 2 | C.4f5e52adf0a337a9all -------------------------------------------------------------------------------- /artifacts/testdata/server/client_idx/des/kto/p-6/cbj/8mj/c.4/f5e/52a/df0/a33/7a9/C.4f5e52adf0a337a9.db: -------------------------------------------------------------------------------- 1 | 2 | C.4f5e52adf0a337a9desktop-6cbj8mj -------------------------------------------------------------------------------- /artifacts/testdata/server/downloads/.gitignore: -------------------------------------------------------------------------------- 1 | *.zip -------------------------------------------------------------------------------- /artifacts/testdata/server/hunt_index/h.49ba8939/C.4f5e52adf0a337a9.db: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /artifacts/testdata/server/hunts/H.19c0c0a2/stats.db: -------------------------------------------------------------------------------- 1 | Hp -------------------------------------------------------------------------------- /artifacts/testdata/server/hunts/H.49ba8939/stats.db: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /artifacts/testdata/server/users/mic.db: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/server/users/mic.db -------------------------------------------------------------------------------- /artifacts/testdata/windows/evtx.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/evtx.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/evtx.out.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/evtx.out.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/file.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/file.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/file.out.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/file.out.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/init.reg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/init.reg -------------------------------------------------------------------------------- /artifacts/testdata/windows/ntfs.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/ntfs.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/ntfs.out.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/ntfs.out.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/shell.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/shell.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/token.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/token.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/users.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/users.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/vss.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/vss.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/vss.out.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/vss.out.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/wmi.in.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/wmi.in.yaml -------------------------------------------------------------------------------- /artifacts/testdata/windows/wmi.out.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/testdata/windows/wmi.out.yaml -------------------------------------------------------------------------------- /artifacts/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/artifacts/utils.go -------------------------------------------------------------------------------- /bin/admin_generic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/admin_generic.go -------------------------------------------------------------------------------- /bin/admin_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/admin_windows.go -------------------------------------------------------------------------------- /bin/artifacts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/artifacts.go -------------------------------------------------------------------------------- /bin/banner.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/banner.go -------------------------------------------------------------------------------- /bin/binary_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/binary_test.go -------------------------------------------------------------------------------- /bin/browser.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/browser.go -------------------------------------------------------------------------------- /bin/client.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/client.go -------------------------------------------------------------------------------- /bin/collector_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/collector_test.go -------------------------------------------------------------------------------- /bin/config.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/config.go -------------------------------------------------------------------------------- /bin/config_frontend.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/config_frontend.go -------------------------------------------------------------------------------- /bin/config_interactive.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/config_interactive.go -------------------------------------------------------------------------------- /bin/config_merge.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/config_merge.go -------------------------------------------------------------------------------- /bin/csv.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/csv.go -------------------------------------------------------------------------------- /bin/debian.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/debian.go -------------------------------------------------------------------------------- /bin/debug.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/debug.go -------------------------------------------------------------------------------- /bin/fixtures/Serialization.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/fixtures/Serialization.golden -------------------------------------------------------------------------------- /bin/flags.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/flags.go -------------------------------------------------------------------------------- /bin/frontend.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/frontend.go -------------------------------------------------------------------------------- /bin/fs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/fs.go -------------------------------------------------------------------------------- /bin/golden.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/golden.go -------------------------------------------------------------------------------- /bin/grant.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/grant.go -------------------------------------------------------------------------------- /bin/gui.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/gui.go -------------------------------------------------------------------------------- /bin/index.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/index.go -------------------------------------------------------------------------------- /bin/installer_darwin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/installer_darwin.go -------------------------------------------------------------------------------- /bin/installer_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/installer_windows.go -------------------------------------------------------------------------------- /bin/logging.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/logging.go -------------------------------------------------------------------------------- /bin/main.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/main.go -------------------------------------------------------------------------------- /bin/marshal.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/marshal.go -------------------------------------------------------------------------------- /bin/marshal_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/marshal_test.go -------------------------------------------------------------------------------- /bin/metrics.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/metrics.go -------------------------------------------------------------------------------- /bin/minions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/minions.go -------------------------------------------------------------------------------- /bin/mutant_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/mutant_windows.go -------------------------------------------------------------------------------- /bin/panic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/panic.go -------------------------------------------------------------------------------- /bin/pool.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/pool.go -------------------------------------------------------------------------------- /bin/prompt.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/prompt.go -------------------------------------------------------------------------------- /bin/proxy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/proxy.go -------------------------------------------------------------------------------- /bin/query.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/query.go -------------------------------------------------------------------------------- /bin/repack.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/repack.go -------------------------------------------------------------------------------- /bin/rpm.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/rpm.go -------------------------------------------------------------------------------- /bin/server_service_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/server_service_windows.go -------------------------------------------------------------------------------- /bin/tools.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/tools.go -------------------------------------------------------------------------------- /bin/unzip.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/unzip.go -------------------------------------------------------------------------------- /bin/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/users.go -------------------------------------------------------------------------------- /bin/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/utils.go -------------------------------------------------------------------------------- /bin/vacuum.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/vacuum.go -------------------------------------------------------------------------------- /bin/version.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/version.go -------------------------------------------------------------------------------- /bin/vql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/bin/vql.go -------------------------------------------------------------------------------- /config/b0x.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/b0x.yaml -------------------------------------------------------------------------------- /config/config.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/config.go -------------------------------------------------------------------------------- /config/default.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/default.yaml -------------------------------------------------------------------------------- /config/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/doc.go -------------------------------------------------------------------------------- /config/loader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/loader.go -------------------------------------------------------------------------------- /config/migration.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/migration.go -------------------------------------------------------------------------------- /config/proto/config.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/proto/config.pb.go -------------------------------------------------------------------------------- /config/proto/config.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/proto/config.proto -------------------------------------------------------------------------------- /config/validate.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/config/validate.go -------------------------------------------------------------------------------- /constants/constants.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/constants/constants.go -------------------------------------------------------------------------------- /crypto/b0x.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/b0x.yaml -------------------------------------------------------------------------------- /crypto/ca-certificates.crt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/ca-certificates.crt -------------------------------------------------------------------------------- /crypto/ca.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/ca.go -------------------------------------------------------------------------------- /crypto/client/cipher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/cipher.go -------------------------------------------------------------------------------- /crypto/client/client.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/client.go -------------------------------------------------------------------------------- /crypto/client/docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/docs.go -------------------------------------------------------------------------------- /crypto/client/lru.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/lru.go -------------------------------------------------------------------------------- /crypto/client/lru_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/lru_test.go -------------------------------------------------------------------------------- /crypto/client/manager.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/manager.go -------------------------------------------------------------------------------- /crypto/client/resolver.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/client/resolver.go -------------------------------------------------------------------------------- /crypto/crypto_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/crypto_test.go -------------------------------------------------------------------------------- /crypto/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/doc.go -------------------------------------------------------------------------------- /crypto/messages.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/messages.go -------------------------------------------------------------------------------- /crypto/proto/jobs.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/proto/jobs.pb.go -------------------------------------------------------------------------------- /crypto/proto/jobs.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/proto/jobs.proto -------------------------------------------------------------------------------- /crypto/root.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/root.go -------------------------------------------------------------------------------- /crypto/server/docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/server/docs.go -------------------------------------------------------------------------------- /crypto/server/manager.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/server/manager.go -------------------------------------------------------------------------------- /crypto/simple.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/simple.go -------------------------------------------------------------------------------- /crypto/simple_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/simple_test.go -------------------------------------------------------------------------------- /crypto/testing/testing_utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/testing/testing_utils.go -------------------------------------------------------------------------------- /crypto/transport.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/transport.go -------------------------------------------------------------------------------- /crypto/utils/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/crypto/utils/utils.go -------------------------------------------------------------------------------- /datastore/datastore.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/datastore.go -------------------------------------------------------------------------------- /datastore/datastore_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/datastore_test.go -------------------------------------------------------------------------------- /datastore/filebased.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/filebased.go -------------------------------------------------------------------------------- /datastore/filebased_benchmark_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/filebased_benchmark_test.go -------------------------------------------------------------------------------- /datastore/filebased_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/filebased_test.go -------------------------------------------------------------------------------- /datastore/instrument.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/instrument.go -------------------------------------------------------------------------------- /datastore/memcache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/memcache.go -------------------------------------------------------------------------------- /datastore/memcache_data.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/memcache_data.go -------------------------------------------------------------------------------- /datastore/memcache_file.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/memcache_file.go -------------------------------------------------------------------------------- /datastore/memcache_file_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/memcache_file_test.go -------------------------------------------------------------------------------- /datastore/memcache_stats.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/memcache_stats.go -------------------------------------------------------------------------------- /datastore/memcache_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/memcache_test.go -------------------------------------------------------------------------------- /datastore/paths.go: -------------------------------------------------------------------------------- 1 | package datastore 2 | -------------------------------------------------------------------------------- /datastore/readonly.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/readonly.go -------------------------------------------------------------------------------- /datastore/remote.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/remote.go -------------------------------------------------------------------------------- /datastore/test_data/mysql.config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/test_data/mysql.config.yaml -------------------------------------------------------------------------------- /datastore/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/datastore/utils.go -------------------------------------------------------------------------------- /debian/changelog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/changelog -------------------------------------------------------------------------------- /debian/compat: -------------------------------------------------------------------------------- 1 | 7 2 | -------------------------------------------------------------------------------- /debian/control: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/control -------------------------------------------------------------------------------- /debian/copyright: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/copyright -------------------------------------------------------------------------------- /debian/rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/rules -------------------------------------------------------------------------------- /debian/velociraptor.config.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /debian/velociraptor.init: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.init -------------------------------------------------------------------------------- /debian/velociraptor.install: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.install -------------------------------------------------------------------------------- /debian/velociraptor.nanny: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.nanny -------------------------------------------------------------------------------- /debian/velociraptor.postinst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.postinst -------------------------------------------------------------------------------- /debian/velociraptor.preinst: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.preinst -------------------------------------------------------------------------------- /debian/velociraptor.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.service -------------------------------------------------------------------------------- /debian/velociraptor.substvars: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.substvars -------------------------------------------------------------------------------- /debian/velociraptor.upstart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/debian/velociraptor.upstart -------------------------------------------------------------------------------- /docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs.go -------------------------------------------------------------------------------- /docs/monitoring/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/monitoring/README.md -------------------------------------------------------------------------------- /docs/monitoring/graphana.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/monitoring/graphana.json -------------------------------------------------------------------------------- /docs/monitoring/prometheus.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/monitoring/prometheus.yaml -------------------------------------------------------------------------------- /docs/references/vql.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/references/vql.yaml -------------------------------------------------------------------------------- /docs/rsrc_386.syso: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/rsrc_386.syso -------------------------------------------------------------------------------- /docs/rsrc_amd64.syso: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/rsrc_amd64.syso -------------------------------------------------------------------------------- /docs/saml/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/saml/README.md -------------------------------------------------------------------------------- /docs/wix/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/README.md -------------------------------------------------------------------------------- /docs/wix/buid_x86.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/buid_x86.bat -------------------------------------------------------------------------------- /docs/wix/build.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/build.bat -------------------------------------------------------------------------------- /docs/wix/build_custom.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/build_custom.bat -------------------------------------------------------------------------------- /docs/wix/build_x86_custom.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/build_x86_custom.bat -------------------------------------------------------------------------------- /docs/wix/custom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/custom.xml -------------------------------------------------------------------------------- /docs/wix/custom_x86.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/custom_x86.xml -------------------------------------------------------------------------------- /docs/wix/velociraptor.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/docs/wix/velociraptor.xml -------------------------------------------------------------------------------- /executor/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/doc.go -------------------------------------------------------------------------------- /executor/executor.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/executor.go -------------------------------------------------------------------------------- /executor/executor_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/executor_test.go -------------------------------------------------------------------------------- /executor/nanny.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/nanny.go -------------------------------------------------------------------------------- /executor/pool.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/pool.go -------------------------------------------------------------------------------- /executor/services.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/services.go -------------------------------------------------------------------------------- /executor/tempfile.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/tempfile.go -------------------------------------------------------------------------------- /executor/testutils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/executor/testutils.go -------------------------------------------------------------------------------- /file_store/accessors/accessor.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/accessors/accessor.go -------------------------------------------------------------------------------- /file_store/accessors/fs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/accessors/fs.go -------------------------------------------------------------------------------- /file_store/api/adapter.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/adapter.go -------------------------------------------------------------------------------- /file_store/api/extensions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/extensions.go -------------------------------------------------------------------------------- /file_store/api/file_store.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/file_store.go -------------------------------------------------------------------------------- /file_store/api/instrument.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/instrument.go -------------------------------------------------------------------------------- /file_store/api/paths.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/paths.go -------------------------------------------------------------------------------- /file_store/api/queues.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/queues.go -------------------------------------------------------------------------------- /file_store/api/uploader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/uploader.go -------------------------------------------------------------------------------- /file_store/api/utils.go: -------------------------------------------------------------------------------- 1 | package api 2 | -------------------------------------------------------------------------------- /file_store/api/walk.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/api/walk.go -------------------------------------------------------------------------------- /file_store/csv/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/csv/doc.go -------------------------------------------------------------------------------- /file_store/csv/reader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/csv/reader.go -------------------------------------------------------------------------------- /file_store/csv/reader_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/csv/reader_test.go -------------------------------------------------------------------------------- /file_store/csv/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/csv/utils.go -------------------------------------------------------------------------------- /file_store/csv/writer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/csv/writer.go -------------------------------------------------------------------------------- /file_store/csv/writer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/csv/writer_test.go -------------------------------------------------------------------------------- /file_store/directory/buffer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/buffer.go -------------------------------------------------------------------------------- /file_store/directory/csv.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/csv.go -------------------------------------------------------------------------------- /file_store/directory/directory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/directory.go -------------------------------------------------------------------------------- /file_store/directory/directory_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/directory_test.go -------------------------------------------------------------------------------- /file_store/directory/json.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/json.go -------------------------------------------------------------------------------- /file_store/directory/listener.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/listener.go -------------------------------------------------------------------------------- /file_store/directory/listener_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/listener_test.go -------------------------------------------------------------------------------- /file_store/directory/queue.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/queue.go -------------------------------------------------------------------------------- /file_store/directory/queue_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/queue_test.go -------------------------------------------------------------------------------- /file_store/directory/result_sets.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/directory/result_sets.go -------------------------------------------------------------------------------- /file_store/file_store.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/file_store.go -------------------------------------------------------------------------------- /file_store/memcache/memcache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/memcache/memcache.go -------------------------------------------------------------------------------- /file_store/memcache/memcache_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/memcache/memcache_test.go -------------------------------------------------------------------------------- /file_store/memory/memory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/memory/memory.go -------------------------------------------------------------------------------- /file_store/memory/memory_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/memory/memory_test.go -------------------------------------------------------------------------------- /file_store/memory/queue.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/memory/queue.go -------------------------------------------------------------------------------- /file_store/memory/queue_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/memory/queue_test.go -------------------------------------------------------------------------------- /file_store/path_specs/fs_path_spec.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/path_specs/fs_path_spec.go -------------------------------------------------------------------------------- /file_store/path_specs/path_specs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/path_specs/path_specs.go -------------------------------------------------------------------------------- /file_store/path_specs/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/path_specs/utils.go -------------------------------------------------------------------------------- /file_store/queue.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/queue.go -------------------------------------------------------------------------------- /file_store/test_utils/query.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/test_utils/query.go -------------------------------------------------------------------------------- /file_store/test_utils/server_config.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/test_utils/server_config.go -------------------------------------------------------------------------------- /file_store/test_utils/testing.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/test_utils/testing.go -------------------------------------------------------------------------------- /file_store/test_utils/testsuite.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/test_utils/testsuite.go -------------------------------------------------------------------------------- /file_store/tests/testsuite.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/file_store/tests/testsuite.go -------------------------------------------------------------------------------- /flows/api.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/api.go -------------------------------------------------------------------------------- /flows/artifacts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/artifacts.go -------------------------------------------------------------------------------- /flows/artifacts_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/artifacts_test.go -------------------------------------------------------------------------------- /flows/docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/docs.go -------------------------------------------------------------------------------- /flows/events.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/events.go -------------------------------------------------------------------------------- /flows/housekeeping.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/housekeeping.go -------------------------------------------------------------------------------- /flows/hunts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/hunts.go -------------------------------------------------------------------------------- /flows/hunts_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/hunts_test.go -------------------------------------------------------------------------------- /flows/limits.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/limits.go -------------------------------------------------------------------------------- /flows/monitoring.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/monitoring.go -------------------------------------------------------------------------------- /flows/proto/artifact_collector.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/proto/artifact_collector.pb.go -------------------------------------------------------------------------------- /flows/proto/artifact_collector.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/proto/artifact_collector.proto -------------------------------------------------------------------------------- /flows/proto/vfs.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/proto/vfs.pb.go -------------------------------------------------------------------------------- /flows/proto/vfs.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/proto/vfs.proto -------------------------------------------------------------------------------- /flows/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/flows/utils.go -------------------------------------------------------------------------------- /glob/accessor_common.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/accessor_common.go -------------------------------------------------------------------------------- /glob/accessor_darwin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/accessor_darwin.go -------------------------------------------------------------------------------- /glob/accessor_freebsd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/accessor_freebsd.go -------------------------------------------------------------------------------- /glob/accessor_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/accessor_linux.go -------------------------------------------------------------------------------- /glob/accessor_linux_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/accessor_linux_test.go -------------------------------------------------------------------------------- /glob/common.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/common.go -------------------------------------------------------------------------------- /glob/data.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/data.go -------------------------------------------------------------------------------- /glob/factory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/factory.go -------------------------------------------------------------------------------- /glob/fixtures/TestGlobWithContext.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/fixtures/TestGlobWithContext.golden -------------------------------------------------------------------------------- /glob/glob.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/glob.go -------------------------------------------------------------------------------- /glob/glob_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/glob_test.go -------------------------------------------------------------------------------- /glob/json.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/json.go -------------------------------------------------------------------------------- /glob/pathspec.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/glob/pathspec.go -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/go.mod -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/go.sum -------------------------------------------------------------------------------- /grpc_client/grpc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/grpc_client/grpc.go -------------------------------------------------------------------------------- /gui/assets/.gitignore: -------------------------------------------------------------------------------- 1 | ab0x.go -------------------------------------------------------------------------------- /gui/assets/init.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/assets/init.go -------------------------------------------------------------------------------- /gui/b0x.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/b0x.yaml -------------------------------------------------------------------------------- /gui/velociraptor/.env: -------------------------------------------------------------------------------- 1 | GENERATE_SOURCEMAP=false -------------------------------------------------------------------------------- /gui/velociraptor/.env.production: -------------------------------------------------------------------------------- 1 | GENERATE_SOURCEMAP=false -------------------------------------------------------------------------------- /gui/velociraptor/.gitattributes: -------------------------------------------------------------------------------- 1 | *.json text -------------------------------------------------------------------------------- /gui/velociraptor/.gitignore: -------------------------------------------------------------------------------- 1 | build/ 2 | node-modules/ 3 | -------------------------------------------------------------------------------- /gui/velociraptor/Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/Makefile -------------------------------------------------------------------------------- /gui/velociraptor/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/README.md -------------------------------------------------------------------------------- /gui/velociraptor/ab0x_nogui.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/ab0x_nogui.go -------------------------------------------------------------------------------- /gui/velociraptor/assets/velo.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/assets/velo.svg -------------------------------------------------------------------------------- /gui/velociraptor/b0x.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/b0x.yaml -------------------------------------------------------------------------------- /gui/velociraptor/build/static/.keep: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /gui/velociraptor/docs.go: -------------------------------------------------------------------------------- 1 | package velociraptor 2 | -------------------------------------------------------------------------------- /gui/velociraptor/package-lock.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/package-lock.json -------------------------------------------------------------------------------- /gui/velociraptor/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/package.json -------------------------------------------------------------------------------- /gui/velociraptor/public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/public/favicon.ico -------------------------------------------------------------------------------- /gui/velociraptor/public/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/public/index.html -------------------------------------------------------------------------------- /gui/velociraptor/public/manifest.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/public/manifest.json -------------------------------------------------------------------------------- /gui/velociraptor/public/robots.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/public/robots.txt -------------------------------------------------------------------------------- /gui/velociraptor/src/App.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/App.css -------------------------------------------------------------------------------- /gui/velociraptor/src/App.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/App.js -------------------------------------------------------------------------------- /gui/velociraptor/src/App.test.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/App.test.js -------------------------------------------------------------------------------- /gui/velociraptor/src/_variables.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/_variables.css -------------------------------------------------------------------------------- /gui/velociraptor/src/components/clients/label-form.js: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /gui/velociraptor/src/components/notebooks/notebook-cell-renderer.css: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /gui/velociraptor/src/components/utils/clock.css: -------------------------------------------------------------------------------- 1 | .clock { 2 | 3 | } 4 | -------------------------------------------------------------------------------- /gui/velociraptor/src/components/utils/number.css: -------------------------------------------------------------------------------- 1 | .numeric { 2 | text-align: right; 3 | } 4 | -------------------------------------------------------------------------------- /gui/velociraptor/src/dark-mode.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/dark-mode.css -------------------------------------------------------------------------------- /gui/velociraptor/src/index.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/index.css -------------------------------------------------------------------------------- /gui/velociraptor/src/index.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/index.js -------------------------------------------------------------------------------- /gui/velociraptor/src/light-pink.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/light-pink.css -------------------------------------------------------------------------------- /gui/velociraptor/src/react-app-env.d.ts: -------------------------------------------------------------------------------- 1 | /// 2 | -------------------------------------------------------------------------------- /gui/velociraptor/src/serviceWorker.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/serviceWorker.js -------------------------------------------------------------------------------- /gui/velociraptor/src/setupProxy.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/setupProxy.js -------------------------------------------------------------------------------- /gui/velociraptor/src/setupTests.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/src/setupTests.js -------------------------------------------------------------------------------- /gui/velociraptor/yarn.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/gui/velociraptor/yarn.lock -------------------------------------------------------------------------------- /http_comms/comms.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/comms.go -------------------------------------------------------------------------------- /http_comms/comms_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/comms_test.go -------------------------------------------------------------------------------- /http_comms/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/doc.go -------------------------------------------------------------------------------- /http_comms/e2e_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/e2e_test.go -------------------------------------------------------------------------------- /http_comms/ring_buffer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/ring_buffer.go -------------------------------------------------------------------------------- /http_comms/ring_buffer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/ring_buffer_test.go -------------------------------------------------------------------------------- /http_comms/sender.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/sender.go -------------------------------------------------------------------------------- /http_comms/sender_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/sender_test.go -------------------------------------------------------------------------------- /http_comms/test_data/client.config.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/http_comms/test_data/client.config.yaml -------------------------------------------------------------------------------- /json/debug.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/json/debug.go -------------------------------------------------------------------------------- /json/json.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/json/json.go -------------------------------------------------------------------------------- /json/proto.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/json/proto.go -------------------------------------------------------------------------------- /json/protobuf.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/json/protobuf.go -------------------------------------------------------------------------------- /json/registry.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/json/registry.go -------------------------------------------------------------------------------- /json/wrappers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/json/wrappers.go -------------------------------------------------------------------------------- /logging/logging.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/logging/logging.go -------------------------------------------------------------------------------- /logging/logging_generic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/logging/logging_generic.go -------------------------------------------------------------------------------- /logging/logging_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/logging/logging_windows.go -------------------------------------------------------------------------------- /magefile.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/magefile.go -------------------------------------------------------------------------------- /make.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/make.go -------------------------------------------------------------------------------- /make_proto.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/make_proto.sh -------------------------------------------------------------------------------- /notifications/notifications.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/notifications/notifications.go -------------------------------------------------------------------------------- /paths/artifacts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/artifacts.go -------------------------------------------------------------------------------- /paths/artifacts/logs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/artifacts/logs.go -------------------------------------------------------------------------------- /paths/artifacts/paths.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/artifacts/paths.go -------------------------------------------------------------------------------- /paths/artifacts/paths_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/artifacts/paths_test.go -------------------------------------------------------------------------------- /paths/artifacts_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/artifacts_test.go -------------------------------------------------------------------------------- /paths/client.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/client.go -------------------------------------------------------------------------------- /paths/client_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/client_test.go -------------------------------------------------------------------------------- /paths/constants.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/constants.go -------------------------------------------------------------------------------- /paths/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/doc.go -------------------------------------------------------------------------------- /paths/flow_metadata.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/flow_metadata.go -------------------------------------------------------------------------------- /paths/flow_metadata_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/flow_metadata_test.go -------------------------------------------------------------------------------- /paths/forms.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/forms.go -------------------------------------------------------------------------------- /paths/hunt_metadata.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/hunt_metadata.go -------------------------------------------------------------------------------- /paths/hunt_metadata_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/hunt_metadata_test.go -------------------------------------------------------------------------------- /paths/index.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/index.go -------------------------------------------------------------------------------- /paths/index_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/index_test.go -------------------------------------------------------------------------------- /paths/inventory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/inventory.go -------------------------------------------------------------------------------- /paths/notebooks.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/notebooks.go -------------------------------------------------------------------------------- /paths/notebooks_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/notebooks_test.go -------------------------------------------------------------------------------- /paths/ntfs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/ntfs.go -------------------------------------------------------------------------------- /paths/ntfs_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/ntfs_test.go -------------------------------------------------------------------------------- /paths/paths.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/paths.go -------------------------------------------------------------------------------- /paths/paths_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/paths_test.go -------------------------------------------------------------------------------- /paths/server.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/server.go -------------------------------------------------------------------------------- /paths/timelines.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/timelines.go -------------------------------------------------------------------------------- /paths/timelines_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/timelines_test.go -------------------------------------------------------------------------------- /paths/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/users.go -------------------------------------------------------------------------------- /paths/users_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/users_test.go -------------------------------------------------------------------------------- /paths/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/paths/utils.go -------------------------------------------------------------------------------- /proto/flow_metadata.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/proto/flow_metadata.pb.go -------------------------------------------------------------------------------- /proto/flow_metadata.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/proto/flow_metadata.proto -------------------------------------------------------------------------------- /proto/semantic.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/proto/semantic.pb.go -------------------------------------------------------------------------------- /proto/semantic.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/proto/semantic.proto -------------------------------------------------------------------------------- /reporting/acls.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/acls.go -------------------------------------------------------------------------------- /reporting/acls_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/acls_test.go -------------------------------------------------------------------------------- /reporting/archive.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/archive.go -------------------------------------------------------------------------------- /reporting/cell_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/cell_test.go -------------------------------------------------------------------------------- /reporting/cells.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/cells.go -------------------------------------------------------------------------------- /reporting/container.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/container.go -------------------------------------------------------------------------------- /reporting/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/doc.go -------------------------------------------------------------------------------- /reporting/expand.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/expand.go -------------------------------------------------------------------------------- /reporting/functions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/functions.go -------------------------------------------------------------------------------- /reporting/gui.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/gui.go -------------------------------------------------------------------------------- /reporting/html.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/html.go -------------------------------------------------------------------------------- /reporting/notebooks.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/notebooks.go -------------------------------------------------------------------------------- /reporting/report.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/report.go -------------------------------------------------------------------------------- /reporting/table.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/table.go -------------------------------------------------------------------------------- /reporting/templates/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/templates/index.html -------------------------------------------------------------------------------- /reporting/text_expander.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/text_expander.go -------------------------------------------------------------------------------- /reporting/timelines.go: -------------------------------------------------------------------------------- 1 | package reporting 2 | -------------------------------------------------------------------------------- /reporting/vql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/reporting/vql.go -------------------------------------------------------------------------------- /responder/pool.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/responder/pool.go -------------------------------------------------------------------------------- /responder/responder.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/responder/responder.go -------------------------------------------------------------------------------- /responder/testutils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/responder/testutils.go -------------------------------------------------------------------------------- /result_sets/api.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/api.go -------------------------------------------------------------------------------- /result_sets/registration.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/registration.go -------------------------------------------------------------------------------- /result_sets/simple/docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/simple/docs.go -------------------------------------------------------------------------------- /result_sets/simple/simple.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/simple/simple.go -------------------------------------------------------------------------------- /result_sets/simple/simple_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/simple/simple_test.go -------------------------------------------------------------------------------- /result_sets/simple/sink.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/simple/sink.go -------------------------------------------------------------------------------- /result_sets/timed/docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/timed/docs.go -------------------------------------------------------------------------------- /result_sets/timed/factory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/timed/factory.go -------------------------------------------------------------------------------- /result_sets/timed/reader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/timed/reader.go -------------------------------------------------------------------------------- /result_sets/timed/reader_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/timed/reader_test.go -------------------------------------------------------------------------------- /result_sets/timed/writer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/timed/writer.go -------------------------------------------------------------------------------- /result_sets/timed/writer_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/result_sets/timed/writer_test.go -------------------------------------------------------------------------------- /scripts/kape_files.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/scripts/kape_files.py -------------------------------------------------------------------------------- /scripts/sync_artifact_paths.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/scripts/sync_artifact_paths.py -------------------------------------------------------------------------------- /search/clients.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/clients.go -------------------------------------------------------------------------------- /search/index.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/index.go -------------------------------------------------------------------------------- /search/index_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/index_test.go -------------------------------------------------------------------------------- /search/ip.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/ip.go -------------------------------------------------------------------------------- /search/mru.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/mru.go -------------------------------------------------------------------------------- /search/search.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/search.go -------------------------------------------------------------------------------- /search/search_chan.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/search_chan.go -------------------------------------------------------------------------------- /search/search_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/search_test.go -------------------------------------------------------------------------------- /search/simple.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/simple.go -------------------------------------------------------------------------------- /search/simple_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/search/simple_test.go -------------------------------------------------------------------------------- /server/comms.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/comms.go -------------------------------------------------------------------------------- /server/docs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/docs.go -------------------------------------------------------------------------------- /server/enroll.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/enroll.go -------------------------------------------------------------------------------- /server/limits.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/limits.go -------------------------------------------------------------------------------- /server/limits_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/limits_linux.go -------------------------------------------------------------------------------- /server/loadshed.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/loadshed.go -------------------------------------------------------------------------------- /server/metrics.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/metrics.go -------------------------------------------------------------------------------- /server/server.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/server.go -------------------------------------------------------------------------------- /server/server_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/server/server_test.go -------------------------------------------------------------------------------- /server/startup.go: -------------------------------------------------------------------------------- 1 | package server 2 | -------------------------------------------------------------------------------- /services/broadcast.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/broadcast.go -------------------------------------------------------------------------------- /services/broadcast/broadcast.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/broadcast/broadcast.go -------------------------------------------------------------------------------- /services/client_info.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/client_info.go -------------------------------------------------------------------------------- /services/client_info/client_info.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/client_info/client_info.go -------------------------------------------------------------------------------- /services/client_info/tasks.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/client_info/tasks.go -------------------------------------------------------------------------------- /services/client_info/tasks_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/client_info/tasks_test.go -------------------------------------------------------------------------------- /services/client_monitoring.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/client_monitoring.go -------------------------------------------------------------------------------- /services/client_monitoring/dummy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/client_monitoring/dummy.go -------------------------------------------------------------------------------- /services/ddclient/ddclient.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/ddclient/ddclient.go -------------------------------------------------------------------------------- /services/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/doc.go -------------------------------------------------------------------------------- /services/frontend.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/frontend.go -------------------------------------------------------------------------------- /services/frontend/frontend.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/frontend/frontend.go -------------------------------------------------------------------------------- /services/frontend/paths.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/frontend/paths.go -------------------------------------------------------------------------------- /services/frontend/proto/frontend.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/frontend/proto/frontend.pb.go -------------------------------------------------------------------------------- /services/frontend/proto/frontend.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/frontend/proto/frontend.proto -------------------------------------------------------------------------------- /services/hunt_dispatcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/hunt_dispatcher.go -------------------------------------------------------------------------------- /services/hunt_manager/hunt_manager.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/hunt_manager/hunt_manager.go -------------------------------------------------------------------------------- /services/indexing.go: -------------------------------------------------------------------------------- 1 | package services 2 | -------------------------------------------------------------------------------- /services/indexing/indexing.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/indexing/indexing.go -------------------------------------------------------------------------------- /services/inventory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/inventory.go -------------------------------------------------------------------------------- /services/inventory/dummy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/inventory/dummy.go -------------------------------------------------------------------------------- /services/inventory/inventory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/inventory/inventory.go -------------------------------------------------------------------------------- /services/inventory/inventory_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/inventory/inventory_test.go -------------------------------------------------------------------------------- /services/journal.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal.go -------------------------------------------------------------------------------- /services/journal/buffer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal/buffer.go -------------------------------------------------------------------------------- /services/journal/journal.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal/journal.go -------------------------------------------------------------------------------- /services/journal/journal_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal/journal_test.go -------------------------------------------------------------------------------- /services/journal/replication.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal/replication.go -------------------------------------------------------------------------------- /services/journal/replication_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal/replication_test.go -------------------------------------------------------------------------------- /services/journal/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/journal/utils.go -------------------------------------------------------------------------------- /services/labels.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/labels.go -------------------------------------------------------------------------------- /services/labels/labels.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/labels/labels.go -------------------------------------------------------------------------------- /services/labels/labels_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/labels/labels_test.go -------------------------------------------------------------------------------- /services/launcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/launcher.go -------------------------------------------------------------------------------- /services/launcher/acls.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/launcher/acls.go -------------------------------------------------------------------------------- /services/launcher/artifacts_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/launcher/artifacts_test.go -------------------------------------------------------------------------------- /services/launcher/compiler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/launcher/compiler.go -------------------------------------------------------------------------------- /services/launcher/dummy.go: -------------------------------------------------------------------------------- 1 | package launcher 2 | -------------------------------------------------------------------------------- /services/launcher/launcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/launcher/launcher.go -------------------------------------------------------------------------------- /services/launcher/launcher_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/launcher/launcher_test.go -------------------------------------------------------------------------------- /services/notifications.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/notifications.go -------------------------------------------------------------------------------- /services/repository.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository.go -------------------------------------------------------------------------------- /services/repository/files.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/files.go -------------------------------------------------------------------------------- /services/repository/filestore.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/filestore.go -------------------------------------------------------------------------------- /services/repository/manager.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/manager.go -------------------------------------------------------------------------------- /services/repository/manager_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/manager_test.go -------------------------------------------------------------------------------- /services/repository/plugin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/plugin.go -------------------------------------------------------------------------------- /services/repository/plugin_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/plugin_test.go -------------------------------------------------------------------------------- /services/repository/repository.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/repository.go -------------------------------------------------------------------------------- /services/repository/repository_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/repository_test.go -------------------------------------------------------------------------------- /services/repository/scope.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/repository/scope.go -------------------------------------------------------------------------------- /services/sanity/index_migration.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/sanity/index_migration.go -------------------------------------------------------------------------------- /services/sanity/sanity.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/sanity/sanity.go -------------------------------------------------------------------------------- /services/sanity/sanity_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/sanity/sanity_test.go -------------------------------------------------------------------------------- /services/sanity/server_artifacts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/sanity/server_artifacts.go -------------------------------------------------------------------------------- /services/sanity/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/sanity/users.go -------------------------------------------------------------------------------- /services/server_artifacts/flusher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/server_artifacts/flusher.go -------------------------------------------------------------------------------- /services/server_monitoring.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/server_monitoring.go -------------------------------------------------------------------------------- /services/server_monitoring/logger.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/server_monitoring/logger.go -------------------------------------------------------------------------------- /services/server_monitoring/tracer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/server_monitoring/tracer.go -------------------------------------------------------------------------------- /services/services.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/services.go -------------------------------------------------------------------------------- /services/test_utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/test_utils.go -------------------------------------------------------------------------------- /services/user_notification.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/user_notification.go -------------------------------------------------------------------------------- /services/vfs_service/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/vfs_service/utils.go -------------------------------------------------------------------------------- /services/vfs_service/vfs_service.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/services/vfs_service/vfs_service.go -------------------------------------------------------------------------------- /startup/startup.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/startup/startup.go -------------------------------------------------------------------------------- /staticcheck.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/staticcheck.conf -------------------------------------------------------------------------------- /third_party/cache/lru_cache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/cache/lru_cache.go -------------------------------------------------------------------------------- /third_party/cache/lru_cache_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/cache/lru_cache_test.go -------------------------------------------------------------------------------- /third_party/dlopen/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/dlopen/LICENSE -------------------------------------------------------------------------------- /third_party/dlopen/NOTICE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/dlopen/NOTICE -------------------------------------------------------------------------------- /third_party/dlopen/dlopen.go: -------------------------------------------------------------------------------- 1 | package dlopen 2 | -------------------------------------------------------------------------------- /third_party/dlopen/dlopen_example.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/dlopen/dlopen_example.go -------------------------------------------------------------------------------- /third_party/dlopen/dlopen_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/dlopen/dlopen_linux.go -------------------------------------------------------------------------------- /third_party/dlopen/dlopen_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/dlopen/dlopen_test.go -------------------------------------------------------------------------------- /third_party/sdjournal/LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/sdjournal/LICENSE -------------------------------------------------------------------------------- /third_party/sdjournal/NOTICE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/sdjournal/NOTICE -------------------------------------------------------------------------------- /third_party/sdjournal/journal_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/sdjournal/journal_linux.go -------------------------------------------------------------------------------- /third_party/sdjournal/no_systemd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/sdjournal/no_systemd.go -------------------------------------------------------------------------------- /third_party/zip/README.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/zip/README.txt -------------------------------------------------------------------------------- /third_party/zip/reader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/zip/reader.go -------------------------------------------------------------------------------- /third_party/zip/register.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/zip/register.go -------------------------------------------------------------------------------- /third_party/zip/struct.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/zip/struct.go -------------------------------------------------------------------------------- /third_party/zip/writer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/third_party/zip/writer.go -------------------------------------------------------------------------------- /timelines/proto/timelines.pb.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/timelines/proto/timelines.pb.go -------------------------------------------------------------------------------- /timelines/proto/timelines.proto: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/timelines/proto/timelines.proto -------------------------------------------------------------------------------- /timelines/reader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/timelines/reader.go -------------------------------------------------------------------------------- /timelines/supertimeline.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/timelines/supertimeline.go -------------------------------------------------------------------------------- /timelines/timelines.go: -------------------------------------------------------------------------------- 1 | package timelines 2 | -------------------------------------------------------------------------------- /timelines/timelines_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/timelines/timelines_test.go -------------------------------------------------------------------------------- /timelines/writer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/timelines/writer.go -------------------------------------------------------------------------------- /tools/grpc-gateway.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/tools/grpc-gateway.go -------------------------------------------------------------------------------- /tools/mksyscall_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/tools/mksyscall_windows.go -------------------------------------------------------------------------------- /uploads/api.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/api.go -------------------------------------------------------------------------------- /uploads/client_uploader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/client_uploader.go -------------------------------------------------------------------------------- /uploads/client_uploader_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/client_uploader_test.go -------------------------------------------------------------------------------- /uploads/file_based.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/file_based.go -------------------------------------------------------------------------------- /uploads/file_based_nonwindows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/file_based_nonwindows.go -------------------------------------------------------------------------------- /uploads/file_based_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/file_based_windows.go -------------------------------------------------------------------------------- /uploads/ranges.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/ranges.go -------------------------------------------------------------------------------- /uploads/ranges_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/uploads/ranges_test.go -------------------------------------------------------------------------------- /users/favorites.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/users/favorites.go -------------------------------------------------------------------------------- /users/notifications.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/users/notifications.go -------------------------------------------------------------------------------- /users/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/users/users.go -------------------------------------------------------------------------------- /utils/clock.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/clock.go -------------------------------------------------------------------------------- /utils/completer.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/completer.go -------------------------------------------------------------------------------- /utils/compression.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/compression.go -------------------------------------------------------------------------------- /utils/concurrency.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/concurrency.go -------------------------------------------------------------------------------- /utils/copy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/copy.go -------------------------------------------------------------------------------- /utils/counter.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/counter.go -------------------------------------------------------------------------------- /utils/debug.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/debug.go -------------------------------------------------------------------------------- /utils/dict.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/dict.go -------------------------------------------------------------------------------- /utils/dir_unix.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/dir_unix.go -------------------------------------------------------------------------------- /utils/endian.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/endian.go -------------------------------------------------------------------------------- /utils/file.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/file.go -------------------------------------------------------------------------------- /utils/file_unix.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/file_unix.go -------------------------------------------------------------------------------- /utils/file_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/file_windows.go -------------------------------------------------------------------------------- /utils/fixtures/TestSanitize.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/fixtures/TestSanitize.golden -------------------------------------------------------------------------------- /utils/json.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/json.go -------------------------------------------------------------------------------- /utils/nil.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/nil.go -------------------------------------------------------------------------------- /utils/panic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/panic.go -------------------------------------------------------------------------------- /utils/path.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/path.go -------------------------------------------------------------------------------- /utils/path_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/path_test.go -------------------------------------------------------------------------------- /utils/progress.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/progress.go -------------------------------------------------------------------------------- /utils/prometheus.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/prometheus.go -------------------------------------------------------------------------------- /utils/proxy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/proxy.go -------------------------------------------------------------------------------- /utils/readers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/readers.go -------------------------------------------------------------------------------- /utils/readers_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/readers_test.go -------------------------------------------------------------------------------- /utils/regexp.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/regexp.go -------------------------------------------------------------------------------- /utils/retry.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/retry.go -------------------------------------------------------------------------------- /utils/sanitize.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/sanitize.go -------------------------------------------------------------------------------- /utils/sanitize_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/sanitize_test.go -------------------------------------------------------------------------------- /utils/semver.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/semver.go -------------------------------------------------------------------------------- /utils/stub.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/stub.go -------------------------------------------------------------------------------- /utils/throttler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/throttler.go -------------------------------------------------------------------------------- /utils/time.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/time.go -------------------------------------------------------------------------------- /utils/urls.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/urls.go -------------------------------------------------------------------------------- /utils/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/utils.go -------------------------------------------------------------------------------- /utils/writers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/utils/writers.go -------------------------------------------------------------------------------- /vql/acls.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/acls.go -------------------------------------------------------------------------------- /vql/common/batch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/batch.go -------------------------------------------------------------------------------- /vql/common/cache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/cache.go -------------------------------------------------------------------------------- /vql/common/chain.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/chain.go -------------------------------------------------------------------------------- /vql/common/clock.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/clock.go -------------------------------------------------------------------------------- /vql/common/columns.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/columns.go -------------------------------------------------------------------------------- /vql/common/diff.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/diff.go -------------------------------------------------------------------------------- /vql/common/env.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/env.go -------------------------------------------------------------------------------- /vql/common/fifo.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/fifo.go -------------------------------------------------------------------------------- /vql/common/for.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/for.go -------------------------------------------------------------------------------- /vql/common/items.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/items.go -------------------------------------------------------------------------------- /vql/common/mail.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/mail.go -------------------------------------------------------------------------------- /vql/common/sampler.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/sampler.go -------------------------------------------------------------------------------- /vql/common/sequence.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/sequence.go -------------------------------------------------------------------------------- /vql/common/shell.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/shell.go -------------------------------------------------------------------------------- /vql/common/switch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/switch.go -------------------------------------------------------------------------------- /vql/common/yara.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/common/yara.go -------------------------------------------------------------------------------- /vql/filesystem/copy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/copy.go -------------------------------------------------------------------------------- /vql/filesystem/filesystem.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/filesystem.go -------------------------------------------------------------------------------- /vql/filesystem/filesystems.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/filesystems.go -------------------------------------------------------------------------------- /vql/filesystem/grep.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/grep.go -------------------------------------------------------------------------------- /vql/filesystem/gzip.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/gzip.go -------------------------------------------------------------------------------- /vql/filesystem/me.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/me.go -------------------------------------------------------------------------------- /vql/filesystem/pathspec.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/pathspec.go -------------------------------------------------------------------------------- /vql/filesystem/raw_registry.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/raw_registry.go -------------------------------------------------------------------------------- /vql/filesystem/rm.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/rm.go -------------------------------------------------------------------------------- /vql/filesystem/scope.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/scope.go -------------------------------------------------------------------------------- /vql/filesystem/sparse.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/sparse.go -------------------------------------------------------------------------------- /vql/filesystem/tempfile.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/tempfile.go -------------------------------------------------------------------------------- /vql/filesystem/zip.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/zip.go -------------------------------------------------------------------------------- /vql/filesystem/zip_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/zip_test.go -------------------------------------------------------------------------------- /vql/filesystem/zip_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/filesystem/zip_windows.go -------------------------------------------------------------------------------- /vql/functions/chattr_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/chattr_linux.go -------------------------------------------------------------------------------- /vql/functions/commandline.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/commandline.go -------------------------------------------------------------------------------- /vql/functions/dict.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/dict.go -------------------------------------------------------------------------------- /vql/functions/encode.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/encode.go -------------------------------------------------------------------------------- /vql/functions/expand.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/expand.go -------------------------------------------------------------------------------- /vql/functions/format.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/format.go -------------------------------------------------------------------------------- /vql/functions/functions.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/functions.go -------------------------------------------------------------------------------- /vql/functions/hash.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/hash.go -------------------------------------------------------------------------------- /vql/functions/humanize.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/humanize.go -------------------------------------------------------------------------------- /vql/functions/ints.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/ints.go -------------------------------------------------------------------------------- /vql/functions/lists.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/lists.go -------------------------------------------------------------------------------- /vql/functions/log.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/log.go -------------------------------------------------------------------------------- /vql/functions/networks.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/networks.go -------------------------------------------------------------------------------- /vql/functions/patch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/patch.go -------------------------------------------------------------------------------- /vql/functions/paths.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/paths.go -------------------------------------------------------------------------------- /vql/functions/pid.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/pid.go -------------------------------------------------------------------------------- /vql/functions/rc4.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/rc4.go -------------------------------------------------------------------------------- /vql/functions/rot13.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/rot13.go -------------------------------------------------------------------------------- /vql/functions/sleep.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/sleep.go -------------------------------------------------------------------------------- /vql/functions/strings.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/strings.go -------------------------------------------------------------------------------- /vql/functions/time.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/time.go -------------------------------------------------------------------------------- /vql/functions/unhex.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/unhex.go -------------------------------------------------------------------------------- /vql/functions/url.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/url.go -------------------------------------------------------------------------------- /vql/functions/uuid.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/uuid.go -------------------------------------------------------------------------------- /vql/functions/xor.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/functions/xor.go -------------------------------------------------------------------------------- /vql/golang/generators.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/golang/generators.go -------------------------------------------------------------------------------- /vql/golang/pipe.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/golang/pipe.go -------------------------------------------------------------------------------- /vql/golang/profile.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/golang/profile.go -------------------------------------------------------------------------------- /vql/info.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/info.go -------------------------------------------------------------------------------- /vql/is_admin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/is_admin.go -------------------------------------------------------------------------------- /vql/is_admin_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/is_admin_windows.go -------------------------------------------------------------------------------- /vql/json.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/json.go -------------------------------------------------------------------------------- /vql/linux/audit.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/linux/audit.go -------------------------------------------------------------------------------- /vql/linux/connections.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/linux/connections.go -------------------------------------------------------------------------------- /vql/linux/process_address_space.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/linux/process_address_space.go -------------------------------------------------------------------------------- /vql/networking/cidrmatch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/networking/cidrmatch.go -------------------------------------------------------------------------------- /vql/networking/http_client.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/networking/http_client.go -------------------------------------------------------------------------------- /vql/networking/netcat.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/networking/netcat.go -------------------------------------------------------------------------------- /vql/networking/network.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/networking/network.go -------------------------------------------------------------------------------- /vql/networking/upload.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/networking/upload.go -------------------------------------------------------------------------------- /vql/parsers/appcache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/appcache.go -------------------------------------------------------------------------------- /vql/parsers/authenticode/cat.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/authenticode/cat.go -------------------------------------------------------------------------------- /vql/parsers/authenticode/compat.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/authenticode/compat.go -------------------------------------------------------------------------------- /vql/parsers/authenticode/doc.go: -------------------------------------------------------------------------------- 1 | package authenticode 2 | -------------------------------------------------------------------------------- /vql/parsers/authenticode/pefile.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/authenticode/pefile.go -------------------------------------------------------------------------------- /vql/parsers/binary.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/binary.go -------------------------------------------------------------------------------- /vql/parsers/crypto/bigint.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/crypto/bigint.go -------------------------------------------------------------------------------- /vql/parsers/crypto/pkcs7.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/crypto/pkcs7.go -------------------------------------------------------------------------------- /vql/parsers/csv/csv.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/csv/csv.go -------------------------------------------------------------------------------- /vql/parsers/csv/csv_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/csv/csv_test.go -------------------------------------------------------------------------------- /vql/parsers/csv/watcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/csv/watcher.go -------------------------------------------------------------------------------- /vql/parsers/ese/conversion.spec.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ese/conversion.spec.yaml -------------------------------------------------------------------------------- /vql/parsers/ese/ese.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ese/ese.go -------------------------------------------------------------------------------- /vql/parsers/ese/profile_gen.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ese/profile_gen.go -------------------------------------------------------------------------------- /vql/parsers/ese/sid.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ese/sid.go -------------------------------------------------------------------------------- /vql/parsers/ese/vtype_profile.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ese/vtype_profile.json -------------------------------------------------------------------------------- /vql/parsers/event_logs/evtx.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/event_logs/evtx.go -------------------------------------------------------------------------------- /vql/parsers/event_logs/watcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/event_logs/watcher.go -------------------------------------------------------------------------------- /vql/parsers/fixtures/TestSQLite.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/fixtures/TestSQLite.golden -------------------------------------------------------------------------------- /vql/parsers/grok.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/grok.go -------------------------------------------------------------------------------- /vql/parsers/json.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/json.go -------------------------------------------------------------------------------- /vql/parsers/ntfs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ntfs.go -------------------------------------------------------------------------------- /vql/parsers/ole.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/ole.go -------------------------------------------------------------------------------- /vql/parsers/parsers_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/parsers_test.go -------------------------------------------------------------------------------- /vql/parsers/pe.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/pe.go -------------------------------------------------------------------------------- /vql/parsers/plist.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/plist.go -------------------------------------------------------------------------------- /vql/parsers/prefetch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/prefetch.go -------------------------------------------------------------------------------- /vql/parsers/recyclebin.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/recyclebin.go -------------------------------------------------------------------------------- /vql/parsers/recyclebin/profile_gen.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/recyclebin/profile_gen.go -------------------------------------------------------------------------------- /vql/parsers/regexparser.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/regexparser.go -------------------------------------------------------------------------------- /vql/parsers/sdjournal/no_systemd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sdjournal/no_systemd.go -------------------------------------------------------------------------------- /vql/parsers/sdjournal/scanner_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sdjournal/scanner_linux.go -------------------------------------------------------------------------------- /vql/parsers/sdjournal/watcher_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sdjournal/watcher_linux.go -------------------------------------------------------------------------------- /vql/parsers/splitparser.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/splitparser.go -------------------------------------------------------------------------------- /vql/parsers/sql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sql.go -------------------------------------------------------------------------------- /vql/parsers/sqlite.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sqlite.go -------------------------------------------------------------------------------- /vql/parsers/sqlite_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sqlite_test.go -------------------------------------------------------------------------------- /vql/parsers/sqlite_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/sqlite_windows.go -------------------------------------------------------------------------------- /vql/parsers/syslog/auditd.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/syslog/auditd.go -------------------------------------------------------------------------------- /vql/parsers/syslog/scanner.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/syslog/scanner.go -------------------------------------------------------------------------------- /vql/parsers/syslog/watcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/syslog/watcher.go -------------------------------------------------------------------------------- /vql/parsers/usn/usn.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/usn/usn.go -------------------------------------------------------------------------------- /vql/parsers/usn/watcher.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/usn/watcher.go -------------------------------------------------------------------------------- /vql/parsers/xml.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/xml.go -------------------------------------------------------------------------------- /vql/parsers/yaml.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/parsers/yaml.go -------------------------------------------------------------------------------- /vql/process.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/process.go -------------------------------------------------------------------------------- /vql/protocols.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/protocols.go -------------------------------------------------------------------------------- /vql/protocols/lazy.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/protocols/lazy.go -------------------------------------------------------------------------------- /vql/readers/ntfs.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/readers/ntfs.go -------------------------------------------------------------------------------- /vql/readers/paged.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/readers/paged.go -------------------------------------------------------------------------------- /vql/readers/paged_reader_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/readers/paged_reader_test.go -------------------------------------------------------------------------------- /vql/scope.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/scope.go -------------------------------------------------------------------------------- /vql/server/artifacts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/artifacts.go -------------------------------------------------------------------------------- /vql/server/clients/clients.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/clients/clients.go -------------------------------------------------------------------------------- /vql/server/clients/delete.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/clients/delete.go -------------------------------------------------------------------------------- /vql/server/clients/delete_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/clients/delete_test.go -------------------------------------------------------------------------------- /vql/server/clients/metadata.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/clients/metadata.go -------------------------------------------------------------------------------- /vql/server/compress.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/compress.go -------------------------------------------------------------------------------- /vql/server/downloads/downloads.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/downloads/downloads.go -------------------------------------------------------------------------------- /vql/server/downloads/reporting.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/downloads/reporting.go -------------------------------------------------------------------------------- /vql/server/elastic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/elastic.go -------------------------------------------------------------------------------- /vql/server/events.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/events.go -------------------------------------------------------------------------------- /vql/server/favorites/create.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/favorites/create.go -------------------------------------------------------------------------------- /vql/server/favorites/delete.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/favorites/delete.go -------------------------------------------------------------------------------- /vql/server/file_store.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/file_store.go -------------------------------------------------------------------------------- /vql/server/flows/flow_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/flow_test.go -------------------------------------------------------------------------------- /vql/server/flows/flows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/flows.go -------------------------------------------------------------------------------- /vql/server/flows/monitoring.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/monitoring.go -------------------------------------------------------------------------------- /vql/server/flows/parallel.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/parallel.go -------------------------------------------------------------------------------- /vql/server/flows/parallel_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/parallel_test.go -------------------------------------------------------------------------------- /vql/server/flows/results.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/results.go -------------------------------------------------------------------------------- /vql/server/flows/uploads.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/flows/uploads.go -------------------------------------------------------------------------------- /vql/server/hunts/create.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/hunts/create.go -------------------------------------------------------------------------------- /vql/server/hunts/delete.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/hunts/delete.go -------------------------------------------------------------------------------- /vql/server/hunts/hunts.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/hunts/hunts.go -------------------------------------------------------------------------------- /vql/server/inventory.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/inventory.go -------------------------------------------------------------------------------- /vql/server/kill.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/kill.go -------------------------------------------------------------------------------- /vql/server/labels.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/labels.go -------------------------------------------------------------------------------- /vql/server/monitoring/rm_monitoring.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/monitoring/rm_monitoring.go -------------------------------------------------------------------------------- /vql/server/notebooks/delete.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/notebooks/delete.go -------------------------------------------------------------------------------- /vql/server/repository.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/repository.go -------------------------------------------------------------------------------- /vql/server/splunk.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/splunk.go -------------------------------------------------------------------------------- /vql/server/stats.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/stats.go -------------------------------------------------------------------------------- /vql/server/timelines/create.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/timelines/create.go -------------------------------------------------------------------------------- /vql/server/timelines/reader.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/timelines/reader.go -------------------------------------------------------------------------------- /vql/server/users/create.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/users/create.go -------------------------------------------------------------------------------- /vql/server/users/delete.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/users/delete.go -------------------------------------------------------------------------------- /vql/server/users/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/users/users.go -------------------------------------------------------------------------------- /vql/server/whoami.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/server/whoami.go -------------------------------------------------------------------------------- /vql/sorter/mergesort.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/sorter/mergesort.go -------------------------------------------------------------------------------- /vql/sorter/mergesort_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/sorter/mergesort_test.go -------------------------------------------------------------------------------- /vql/sorter/testdata/newDataFile.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/sorter/testdata/newDataFile.golden -------------------------------------------------------------------------------- /vql/tools/artifacts.go: -------------------------------------------------------------------------------- 1 | package tools 2 | -------------------------------------------------------------------------------- /vql/tools/atexit.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/atexit.go -------------------------------------------------------------------------------- /vql/tools/collector.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/collector.go -------------------------------------------------------------------------------- /vql/tools/collector_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/collector_test.go -------------------------------------------------------------------------------- /vql/tools/fixtures/TestStarlark.golden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/fixtures/TestStarlark.golden -------------------------------------------------------------------------------- /vql/tools/fixtures/import.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/fixtures/import.zip -------------------------------------------------------------------------------- /vql/tools/gcs_pubsub_publish.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/gcs_pubsub_publish.go -------------------------------------------------------------------------------- /vql/tools/gcs_upload.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/gcs_upload.go -------------------------------------------------------------------------------- /vql/tools/geoip.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/geoip.go -------------------------------------------------------------------------------- /vql/tools/import.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/import.go -------------------------------------------------------------------------------- /vql/tools/import_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/import_test.go -------------------------------------------------------------------------------- /vql/tools/js.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/js.go -------------------------------------------------------------------------------- /vql/tools/magic.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/magic.go -------------------------------------------------------------------------------- /vql/tools/mocker.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/mocker.go -------------------------------------------------------------------------------- /vql/tools/query.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/query.go -------------------------------------------------------------------------------- /vql/tools/reporting.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/reporting.go -------------------------------------------------------------------------------- /vql/tools/reporting_client.go: -------------------------------------------------------------------------------- 1 | // +build !server_vql 2 | 3 | package tools 4 | -------------------------------------------------------------------------------- /vql/tools/s3_upload.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/s3_upload.go -------------------------------------------------------------------------------- /vql/tools/sftp_upload.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/sftp_upload.go -------------------------------------------------------------------------------- /vql/tools/starlark.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/starlark.go -------------------------------------------------------------------------------- /vql/tools/starlark_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/starlark_test.go -------------------------------------------------------------------------------- /vql/tools/unzip.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/unzip.go -------------------------------------------------------------------------------- /vql/tools/webdav_upload.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/tools/webdav_upload.go -------------------------------------------------------------------------------- /vql/utils.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/utils.go -------------------------------------------------------------------------------- /vql/vql.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/vql.go -------------------------------------------------------------------------------- /vql/windows/aliases.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/aliases.go -------------------------------------------------------------------------------- /vql/windows/amsi.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/amsi.go -------------------------------------------------------------------------------- /vql/windows/crypto.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/crypto.c -------------------------------------------------------------------------------- /vql/windows/crypto.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/crypto.go -------------------------------------------------------------------------------- /vql/windows/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/doc.go -------------------------------------------------------------------------------- /vql/windows/etw/doc.go: -------------------------------------------------------------------------------- 1 | package etw 2 | -------------------------------------------------------------------------------- /vql/windows/etw/watch.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/etw/watch.go -------------------------------------------------------------------------------- /vql/windows/filesystems/adapter.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/filesystems/adapter.go -------------------------------------------------------------------------------- /vql/windows/filesystems/doc.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/filesystems/doc.go -------------------------------------------------------------------------------- /vql/windows/filesystems/mft_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/filesystems/mft_windows.go -------------------------------------------------------------------------------- /vql/windows/filesystems/ntfs_cache.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/filesystems/ntfs_cache.go -------------------------------------------------------------------------------- /vql/windows/filesystems/os_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/filesystems/os_windows.go -------------------------------------------------------------------------------- /vql/windows/gen.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/gen.go -------------------------------------------------------------------------------- /vql/windows/network.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/network.go -------------------------------------------------------------------------------- /vql/windows/process/common.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/common.go -------------------------------------------------------------------------------- /vql/windows/process/dump.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/dump.c -------------------------------------------------------------------------------- /vql/windows/process/dump.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/dump.go -------------------------------------------------------------------------------- /vql/windows/process/handles.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/handles.go -------------------------------------------------------------------------------- /vql/windows/process/sedebug.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/sedebug.go -------------------------------------------------------------------------------- /vql/windows/process/token.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/token.go -------------------------------------------------------------------------------- /vql/windows/process/vad.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/vad.go -------------------------------------------------------------------------------- /vql/windows/process/vad_32.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/vad_32.go -------------------------------------------------------------------------------- /vql/windows/process/winobj.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/process/winobj.go -------------------------------------------------------------------------------- /vql/windows/processes.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/processes.go -------------------------------------------------------------------------------- /vql/windows/registry/registry.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/registry/registry.go -------------------------------------------------------------------------------- /vql/windows/registry/write.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/registry/write.go -------------------------------------------------------------------------------- /vql/windows/status.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/status.go -------------------------------------------------------------------------------- /vql/windows/users.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/users.go -------------------------------------------------------------------------------- /vql/windows/win32_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/win32_windows.go -------------------------------------------------------------------------------- /vql/windows/win32_windows_32.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/win32_windows_32.go -------------------------------------------------------------------------------- /vql/windows/wmi/events.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/wmi/events.c -------------------------------------------------------------------------------- /vql/windows/wmi/events.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/wmi/events.go -------------------------------------------------------------------------------- /vql/windows/wmi/parse/parse.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/wmi/parse/parse.go -------------------------------------------------------------------------------- /vql/windows/wmi/parse/parse_test.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/wmi/parse/parse_test.go -------------------------------------------------------------------------------- /vql/windows/wmi/wmi.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/wmi/wmi.go -------------------------------------------------------------------------------- /vql/windows/zwin32_windows_386.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/zwin32_windows_386.go -------------------------------------------------------------------------------- /vql/windows/zwin32_windows_amd64.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql/windows/zwin32_windows_amd64.go -------------------------------------------------------------------------------- /vql_plugins/plugins.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql_plugins/plugins.go -------------------------------------------------------------------------------- /vql_plugins/plugins_linux.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql_plugins/plugins_linux.go -------------------------------------------------------------------------------- /vql_plugins/plugins_windows.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql_plugins/plugins_windows.go -------------------------------------------------------------------------------- /vql_plugins/result_sets.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql_plugins/result_sets.go -------------------------------------------------------------------------------- /vql_plugins/server.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vql_plugins/server.go -------------------------------------------------------------------------------- /vtesting/assert/wrapper.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vtesting/assert/wrapper.go -------------------------------------------------------------------------------- /vtesting/config.go: -------------------------------------------------------------------------------- 1 | package vtesting 2 | -------------------------------------------------------------------------------- /vtesting/file_info.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vtesting/file_info.go -------------------------------------------------------------------------------- /vtesting/helpers.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vtesting/helpers.go -------------------------------------------------------------------------------- /vtesting/metrics.go: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SUSE/linux-security-sensor/HEAD/vtesting/metrics.go --------------------------------------------------------------------------------