manu
@ion-storm you are absolutely correct in pointing out that we don't directly store authenticode signature. The reason being how we receive these events via process and image load callbacks and...
can you pls try with osquery ver 3.2.6 which is the supported version ? https://osquery.io/downloads/official/3.2.6 I noticed this from your logs that you seem to be using 3.3.2 which is...
I was able to resolve this issue and have commited it to my branch and requested for a pull request. In the meantime if someone needs please use this change...
I tried it on Ubuntu 12.10 VM, the bug was more on logical part during the parsing of the directory server listing returned by (URL: http://128.31.0.34:9031/tor/status/all ) , rather than...
First of all apologies for not being able to follow up on this lately. Regarding the BT5R3 and x64 issue. I managed to get it compiled there as well. Here...
The problem still seems to be present with latest 16.10.4. Some header is including chrono which is pulling in dynamic initializer that is incompatible with kernel. ``` Dump of file...
``` 1>Note: including file: J:\dev\hypervisor\hvpp\src\hvpp\hvpp\ia32\arch/**xsave.h** Note: including file: C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.29.30037\include\cinttypes 1>Note: including file: C:\Program Files (x86)\Windows Kits\10\Include\10.0.19041.0\ucrt\inttypes.h 1>Note: including file: C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\VC\Tools\MSVC\14.29.30037\include\numeric 1>Note: including...
> @manurautela you build it success ? No, it fails with the above mentioned LNK4210. But if you disable the linker warning "**4210**" it links properly and generates .sys file....
> 3\. /WX- @ansnapx Instead of **/WX-** using **/IGNORE:warning[,warning]** would be better option. Mentioned in issue #45 . This would disable specific linker warning instead of all. https://docs.microsoft.com/en-us/cpp/build/reference/ignore-ignore-specific-warnings?view=msvc-160 @warchiefmarkus On...