mirror of
https://github.com/falcosecurity/falco.git
synced 2025-07-16 07:47:00 +00:00
rule(list network_tool_binaries): add zmap to the list
Signed-off-by: kaizhe <derek0405@gmail.com>
This commit is contained in:
kaizhe
poiana
parent
c5ba95deff
commit
e29a4c8560
@ -2342,7 +2342,7 @@
|
|||||||
tags: [network, k8s, container, mitre_port_knocking]
|
tags: [network, k8s, container, mitre_port_knocking]
|
||||||
|
|
||||||
- list: network_tool_binaries
|
- list: network_tool_binaries
|
||||||
items: [nc, ncat, nmap, dig, tcpdump, tshark, ngrep, telnet, mitmproxy, socat]
|
items: [nc, ncat, nmap, dig, tcpdump, tshark, ngrep, telnet, mitmproxy, socat, zmap]
|
||||||
|
|
||||||
- macro: network_tool_procs
|
- macro: network_tool_procs
|
||||||
condition: (proc.name in (network_tool_binaries))
|
condition: (proc.name in (network_tool_binaries))
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user