-
Notifications
You must be signed in to change notification settings - Fork 393
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #657 from aquasecurity/docs-small-fixes
Small fixes for documentation
- Loading branch information
Showing
17 changed files
with
27 additions
and
24 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,3 @@ | ||
# Configuration Options | ||
|
||
Rules are discovered from the local `rules` directory (unless changed by the `--rules-dir` flag). By default, all discovered rules will be loaded unless specific rules are selected using the `--rules` flag. | ||
By default, rules are discovered from the `rules` directory next to the `tracee-rules` executable binary (you can specify a different location with the `--rules-dir` flag). By default, all discovered rules will be loaded unless specific rules are selected using the `--rules` flag. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,13 +1,15 @@ | ||
# Available Rules | ||
|
||
To view the list of available rules, run Tracee with the `--list` flag. | ||
|
||
We are currently working on creating a library of behavioral signature detections. Currently, the following are available: | ||
|
||
Name | Description | Tags | ||
--- | --- | --- | | ||
| Name | Description | Tags | ||
| --- | --- | --- | | ||
Standard Input/Output Over Socket | Redirection of process's standard input/output to socket | "linux", "container" | ||
Anti-Debugging | Process uses anti-debugging technique to block debugger | "linux", "container" | ||
Code injection | Possible code injection into another process | "linux", "container" | ||
Dynamic Code Loading | Writing to executable allocated memory region | "linux", "container" | ||
Fileless Execution | Executing a precess from memory, without a file in the disk | "linux", "container" | ||
Fileless Execution | Executing a process from memory, without a file in the disk | "linux", "container" | ||
kernel module loading | Attempt to load a kernel module detection | "linux", "container" | ||
LD_PRELOAD | Usage of LD_PRELOAD to allow hooks on process | "linux", "container" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters