Awesome Osquery
Curated List of osquery resources.
Downloads
Blogs and Articles
Official Documentation
Starter Guide
- How to monitor your System Security with osquery - Digitalocean - link
- Server Endpoint Security with osquery - Alibaba Cloud - link
- Osquery For Security Part 1 - link
- Osquery For Security Part 2 - link
- Osquery across the enterprise - link
- Install/Setup Doorman + Osquery on Windows, MAC OSX and Linux Deployment. - link
ELK
Remote Forensics & Threat Hunting
- Using osquery for remote forensics - TrailofBits- link
- Introduction to osquery for Threat Detection and DFIR - Rapid7 - link
- Threat Hunting with Kolide and osquery - link
Malware Analysis
- Malware Analysis using Osquery | Part 1 - link
- Malware Analysis using Osquery | Part 2 - link
- Malware Analysis using Osquery | Part 2 - link
- MAC Malware Analysis using Osquery - Uptycs - link
- Malware Hunting made easy with osquery and extensions link
- Detecting Malicious downloads with osquery, rsyslog, kafka, python3 and virustotal. - link
MITRE ATT&CK
- ATT&CK+osquery = love
- Hardening defenses with MITRE ATT&CK and osquery: Lessons from Singapore Health Breach
Other
- Manage Santa within osquery - TrailofBits - link
- Anomaly detection using osquery - Facebook - link
- Logging Osquery with rsyslog - link
- Deploying osquery at scale - Uptycs - link
- Building and effective EDR with osquery link
- Adobe's Hubble and Osquery - link
- How are teams currently using osquery -link
- Osquery Cheat Sheet – Process Interrogation & Persistence Techniques - link
Courseware
Repository
- A repository for using osquery for incident detection and response. osquery-configuration
- Python Binding for osquery osquery-python
- Go Binding for osquery osquery-go
- Mapping the MITRE ATT&CK Matrix with Osquery osquery-attck