Releases: chainguard-dev/malcontent
v0.4.1
v0.4.0
What's Changed
- Rule description improvements for consistency by @tstromberg in #29
- Increase /dev/shm suspicion, more proclist rules by @tstromberg in #30
- Improve fake process name detection by @tstromberg in #31
- Improve identification of shell scripts by @tstromberg in #32
- Stream table rendering, widen values column by @tstromberg in #33
- Tune query results against Wolfi by @tstromberg in #34
- Improve rules from FreeDownloadManager analysis by @tstromberg in #35
- Improve rules from Godzilla webshell analysis by @tstromberg in #36
- Colorize risk levels in table output by @tstromberg in #37
- Show rule name for base64/xor content by @tstromberg in #38
- table output: separate matching values with newlines by @tstromberg in #39
- Improve rules from Platypus/Termite inspection by @tstromberg in #40
- Improve rules from Stealthworker inspection by @tstromberg in #41
- Improve PHP/Python/NodeJS rules through BSKC analysis by @tstromberg in #42
Full Changelog: v0.3.0...v0.4.0
v0.3.0
What's Changed
- Improve SSH worm detection by @tstromberg in #17
- Add rules for tools within D3m0n1z3dShell by @tstromberg in #18
- Improve detection for Hugging AI backdoor & ChinaZ_Managers by @tstromberg in #19
- Rename --only-programs to include-data-files by @tstromberg in #20
- Improve rule description output for samples by @tstromberg in #21
- Improve table presentation, add generic rules by @tstromberg in #22
- Update out-of-date README.md by @tstromberg in #23
- Add RuleLicense to JSON output by @tstromberg in #24
- Upgrade Yara FORGE data to 20240303 by @tstromberg in #25
- Omit empty fields from JSON/YAML output by @tstromberg in #26
Full Changelog: v0.2.0...v0.3.0
v0.2.0
What's Changed
- Port remaining rules from yara-defense-kit by @tstromberg in #3
- Return an error for nonexistent scan paths by @tstromberg in #4
- Make all combo/ rules a minimum of notable by @tstromberg in #5
- Use rule name for descriptions, limit key length by @tstromberg in #6
- Add --omit-empty flag, force-wrap output strings by @tstromberg in #7
- Simplify existing rules by @tstromberg in #8
- rules: Tune down false positives by @tstromberg in #9
- Add --only-programs flag by @tstromberg in #10
- Add hostinfo_collector rule by @tstromberg in #11
New Contributors
- @tstromberg made their first contribution in #3
Full Changelog: v0.1.0...v0.2.0
v0.1.0
Oh hey, it's the first release! Recent enhancements:
- Recursive directory walking
- YARA Forge support
Full Changelog: https://github.com/chainguard-dev/bincapz/commits/v0.1.0