rai-gaurav / Excalibur

Excalibur

Excalibur is inspired by Doorman, an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes.

The aim is simple for now: harness the power of osquery and perform malware analysis using third-party APIs (VirusTotal etc.).

Technology Stack

  1. osquery
  2. Kafka
  3. Mojolicious Web Framework (Perl)
  4. PostgreSQL or any NoSQL database
  5. Microsoft Teams/Slack API for notifications
  6. OpenAPI/ Swagger
  7. React.js/Vue.js for UI

Other inspiration

https://www.uptycs.com/blog/deploying-osquery-at-scale-a-comprehensive-list-of-open-source-tools

https://holdmybeersecurity.com/2019/04/25/detecting-malicious-downloads-with-osquery-rsyslog-kafka-python3-and-virustotal/

About

License: Apache License 2.0


Languages

Language: Perl 100.0%