osquery

There are 23 repositories under osquery topic.

xxh
xxh / xxh
🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
shell ssh xxh linux zsh fish xonsh bash osquery devops openssh ohmybash ohmyzsh ohmyfish powerlevel9k powerlevel10k awesome awesome-ssh fisher hacking-tools
Language:Python 5001
clong / DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
vagrant vagrantfile packer information-security lab-environment dfir terraform ansible powershell detection detectionlab osquery sysmon dfir-automation
Language:HTML 4511
fleet
fleetdm / fleet
Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
device-management employee-experience endpoint-ops endpoint-security gitops mdm-api open-source osquery security-analytics vulnerability-management
Language:Go 2162
kolide / fleet
A flexible control server for osquery fleets
hacktoberfest host-instrumentation infosec macadmin osquery security
1102
palantir / osquery-configuration
A repository for using osquery for incident detection and response
osquery incident-response detection information-security octo-correct-managed
805
zentral
zentralopensource / zentral
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
macos inventory elasticsearch endpoint-management endpoint-security events gitops jamf mdm munki osquery santa splunk sumologic terraform unified-view apple-mdm
Language:Python 721
cyberdefenders / DetectionLabELK
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
vagrant detectionlab osquery elk packer dfir threat-hunting
Language:PowerShell 533
chainguard-dev / osquery-defense-kit
Production-ready detection & response queries for osquery
defense osquery security threat-hunting
Language:Makefile 496
kolide / launcher
Osquery launcher, autoupdater, and packager
devops go-kit golang grpc hacktoberfest host-instrumentation osquery sysadmin
Language:Go 495
hubblestack / hubble
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.
hubble security audit pulsar nebula nova osquery saltstack quasar
Language:Python 380
osquery / osquery-go
Go bindings for osquery
golang osquery thrift
Language:Go 370
osctrl
jmpsec / osctrl
Fast and efficient osquery management
security osquery host-instrumentation infrastructure-management incident-response detection-infrastructure endpoint-security
Language:Go 337
trailofbits / osquery-extensions
osquery extensions by Trail of Bits
security monitoring intrusion-detection sql osquery
Language:C 256
aquasecurity / kube-query
[EXPERIMENTAL] Extend osquery to report on Kubernetes
osquery
Language:Go 220
Kirtar22 / ThreatHunting_with_Osquery
Threat Hunting & Incident Investigation with Osquery
cybersecurity dfir forensics incident-response osquery threat-hunting
191
CityBaseInc / SIAC
SIAC is an enterprise SIEM built on open-source technology.
siem security elk osquery intrusion-detection secdevops pci-dss fim compliance wazuh incident-response aws
114
bgenev / impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
cybersecurity devops security-tools visibility vpc vpc-endpoints vps osquery server-security suricata cloud monitoring security siem xdr
Language:Python 101
emirozer / exposq
Go app that dispatches osquery to multi-machines
golang osquery
Language:Go 92
AbGuthrie / goquery
Provide a shell like interface by utilizing osquery's distributed API
golang osquery remote-shell
Language:Go 82
zercurity / zercurity
Manage, monitor and improve your cyber security posture.
osquery compliance cis-benchmark linux macos siem soar windows steampipe
Language:Shell 81
ReconInfoSec / rhq
Recon Hunt Queries
dfir incident-response mitre-attack osquery threat-hunting
75
0x4D31 / sqhunter
A simple threat hunting tool based on osquery, Salt Open and Cymon API
saltstack osquery threatintel threat-hunting threat-intelligence security security-tools python
Language:Python 65
huoji120 / DuckSysEye
SysEye是一个window上的基于att&ck现代EDR设计**的威胁响应工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
edr osquery sysmon threat-hunting threat-modeling
63
kolide / kolide-quickstart
[DEPRECATED] A quickstart demo for Kolide tools
osquery kolide macadmin security
Language:Shell 52
sidorares / osquery-node
node.js client for osquery
osquery
Language:JavaScript 31
arubdesu / EAs
Scripts to return inventory information for use in the JamfPro, heavily leveraging osquery
osquery jamf mac
Language:Python 30
knightsc / system_policy
osquery table extension that allows querying of information from the macOS private SystemPolicy.framework
osquery macadmins macos
Language:Objective-C 29
kolide / osquery-starter-kit
A starter-kit for a source-controlled, CLI-based osquery management workflow.
osquery
28
hrbrmstr / osqueryr
⁇ 'osquery' 'DBI' and 'dbplyr' Interface for R
r rstats osquery dplyr tidyverse dbi r-cyber
Language:R 25
groob / osquery-condition
osquery munki golang macadmins
Language:Go 17
Loginsoft-LLC / Linux-Exploit-Detection
Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
ebpf exploit falco linux osquery runtime-security threat-hunting openpolicyagent rego cloudnative cve yara cloudsecurity vulnerability-management threat-intelligence vulnerability-intelligence threat-detection
Language:Open Policy Agent 17
GSA / laptop-management
ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems
alpha osquery fleet management hids
Language:Shell 16
hubblestack / hubblestack_data
Data files for use with hubble
hubble hubblestack-data security audit pulsar nebula nova quasar osquery saltstack
Language:Mask 16
maxi-w / os-chat
Chat interface for your computer
chat gpt interface llm osquery
Language:Python 16
osquery_tables_graph
sevickson / osquery_tables_graph
Repository containing Jupyter Notebooks for working with OSQuery tables and data
graphs jupyter-notebook osquery pyvis
Language:HTML 16
secureworks / atomic-harness
A tool to run and validate telemetry for Atomic Red Team tests
atomic-red-team automation edr mitre-attack osquery
Language:Go 14

osquery

xxh / xxh

clong / DetectionLab

fleetdm / fleet

kolide / fleet

palantir / osquery-configuration

zentralopensource / zentral

cyberdefenders / DetectionLabELK

chainguard-dev / osquery-defense-kit

kolide / launcher

hubblestack / hubble

osquery / osquery-go

jmpsec / osctrl

trailofbits / osquery-extensions

aquasecurity / kube-query

Kirtar22 / ThreatHunting_with_Osquery

CityBaseInc / SIAC

bgenev / impulse-xdr

emirozer / exposq

AbGuthrie / goquery

zercurity / zercurity

ReconInfoSec / rhq

0x4D31 / sqhunter

huoji120 / DuckSysEye

kolide / kolide-quickstart

sidorares / osquery-node

arubdesu / EAs

knightsc / system_policy

kolide / osquery-starter-kit

hrbrmstr / osqueryr

groob / osquery-condition

Loginsoft-LLC / Linux-Exploit-Detection

GSA / laptop-management

hubblestack / hubblestack_data

maxi-w / os-chat

sevickson / osquery_tables_graph

secureworks / atomic-harness