fibratus

A modern tool for Windows kernel exploration and tracing with a focus on security

Results 65 fibratus issues

Bumps [github.com/spf13/viper](https://github.com/spf13/viper) from 1.6.2 to 1.18.2. Release notes Sourced from github.com/spf13/viper's releases. v1.18.2 tl;dr Skip 1.18.0 and 1.18.1 and upgrade to this version instead. This release fixes a regression that...

deps

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.1.0 to 0.17.0. Commits 9d2ee97 ssh: implement strict KEX protocol changes 4e5a261 ssh: close net.Conn on all NewServerConn errors 152cdb1 x509roots/fallback: update bundle fdfe1f8 ssh: defer channel...

deps

While parsing some fibratus _http output_, I noticed that in the raw UTF-8 there were some unexpected sequences, for example `0x30` followed by a `0x90`. I never used Go, but...

scope: transformers

Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.4.1 to 1.9.3. Release notes Sourced from github.com/sirupsen/logrus's releases. v1.9.3 Fix a potential denial of service vulnerability in logrus.Writer() that could be triggered by logging text longer...

deps

Bumps [github.com/Microsoft/go-winio](https://github.com/Microsoft/go-winio) from 0.4.14 to 0.6.1. Release notes Sourced from github.com/Microsoft/go-winio's releases. v0.6.1 What's Changed Soften linter by @helsaawy in microsoft/go-winio#264 Bump linter, remove structcheck, ignore unhandled_errors by @helsaawy in...

deps

Bumps gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.1. You can trigger a rebase of this PR by commenting `@dependabot rebase`. Dependabot commands...

deps

### Description Token information class supplied to the `GetTokenInformation` API calls permits consulting the process token impersonation details. More specifically, `TokenType` class indicates if the token is the primary/impersonated token....

needs: docs
needs: filters
scope: pe
scope: filters
good first issue

Greetings, thank you for your awesome sensor. Can you extend the `Process` event to have the `integrity levels` for the `parent and child process`?

needs: docs
needs: filters
scope: filters
scope: process
good first issue

I've installed Fibratus in a custom folder (e.g. "d:\software\fibratus"), but at runtime the configuration file fibratus.yml was searched for at "c:\program files\fibratus\config" instead of "d:\software\fibratus\config".

type: bug
scope: installer
good first issue

### Description To get the list of privileges held by the process, we can use the `GetTokenInformation` API passing the `TokenPrivileges` token information class. After the list of available privileges...

needs: docs
needs: filters
scope: filters
scope: process
good first issue