osquery/osquery

how to add vulscan or passitiveDetect for osquery

Opened this issue 6 months ago · 0 comments

xx-zhang commented 6 months ago

Feature request

What new feature do you want?

we can detect port:80 log4j attack(CVE-2021-44228) [socket attack]
we can detect port:80 service fingerprint is nginx-1.12.0 / tomcat8 [passitive detect]

How is this new feature useful?

we can know more info about the security of my host.

How can this be implemented?

how can i impove this idea with osqeury-ext and which way is recomended ?