v1.11.0
What's Changed
- New detectors based on JokerSpy research by @tstromberg in #286
- New detectors: excessive Google Drive exports by @tstromberg in #269
- Improve detection for bpfdoor and similar backdoors by @tstromberg in #262
- Query tuning for Geacon detection and reduced CPU usage by @tstromberg in #264
- incident_response: Improve macOS coverage by @tstromberg in #258
- Collect recent file events by @tstromberg in #259
- hidden home config: Add ~/.config/.* to search criteria by @tstromberg in #273
- minimal socket client: speed query up by @tstromberg in #276
- The usual mess of false-positive reductions.
Full Changelog: v1.10.0...v1.11.0