osquery

There are 24 repositories under osquery topic.

xxh
xxh / xxh
🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
awesome awesome-ssh bash devops fish fisher hacking-tools linux ohmybash ohmyfish ohmyzsh openssh osquery powerlevel10k powerlevel9k shell ssh xonsh xxh zsh
Language:Python 5535
clong / DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
ansible detection detectionlab dfir dfir-automation information-security lab-environment osquery packer powershell sysmon terraform vagrant vagrantfile
Language:HTML 4700
fleet
fleetdm / fleet
Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
device-management employee-experience endpoint-ops endpoint-security gitops mdm-api open-source osquery security-analytics vulnerability-management
Language:Go 3641
kolide / fleet
A flexible control server for osquery fleets
hacktoberfest host-instrumentation infosec macadmin osquery security
1104
palantir / osquery-configuration
A repository for using osquery for incident detection and response
osquery incident-response detection information-security octo-correct-managed
840
zentral
zentralopensource / zentral
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
apple-mdm elasticsearch endpoint-management endpoint-security events gitops inventory jamf macos mdm munki osquery santa splunk sumologic terraform unified-view
Language:Python 780
cyberdefenders / DetectionLabELK
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
detectionlab dfir elk osquery packer threat-hunting vagrant
Language:PowerShell 552
chainguard-dev / osquery-defense-kit
Production-ready detection & response queries for osquery
defense osquery security threat-hunting
Language:Makefile 549
kolide / launcher
Osquery launcher, autoupdater, and packager
devops go-kit golang grpc hacktoberfest host-instrumentation osquery sysadmin
Language:Go 516
osctrl
jmpsec / osctrl
Fast and efficient osquery management
detection-infrastructure endpoint-security host-instrumentation incident-response infrastructure-management osquery security
Language:Go 424
osquery / osquery-go
Go bindings for osquery
osquery golang thrift
Language:Go 396
hubblestack / hubble
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.
hubble security audit pulsar nebula nova osquery saltstack quasar
Language:Python 379
trailofbits / osquery-extensions
osquery extensions by Trail of Bits
intrusion-detection monitoring osquery security sql
Language:C 264
aquasecurity / kube-query
[EXPERIMENTAL] Extend osquery to report on Kubernetes
osquery
Language:Go 228
Kirtar22 / ThreatHunting_with_Osquery
Threat Hunting & Incident Investigation with Osquery
threat-hunting osquery incident-response cybersecurity forensics dfir
205
bgenev / impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
cybersecurity devops security-tools visibility vpc vpc-endpoints vps osquery server-security suricata cloud monitoring security siem xdr
Language:Python 132
CityBaseInc / SIAC
SIAC is an enterprise SIEM built on open-source technology.
aws compliance elk fim incident-response intrusion-detection osquery pci-dss secdevops security siem wazuh
114
emirozer / exposq
Go app that dispatches osquery to multi-machines
golang osquery
Language:Go 92
zercurity / zercurity
Manage, monitor and improve your cyber security posture.
osquery compliance cis-benchmark linux macos siem soar windows steampipe
Language:Shell 89
AbGuthrie / goquery
Provide a shell like interface by utilizing osquery's distributed API
golang osquery remote-shell
Language:Go 81
ReconInfoSec / rhq
Recon Hunt Queries
dfir incident-response mitre-attack osquery threat-hunting
76
huoji120 / DuckSysEye
SysEye是一个window上的基于att&ck现代EDR设计**的威胁响应工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
edr osquery sysmon threat-hunting threat-modeling
64
kolide / kolide-quickstart
[DEPRECATED] A quickstart demo for Kolide tools
kolide macadmin osquery security
Language:Shell 52
knightsc / system_policy
osquery table extension that allows querying of information from the macOS private SystemPolicy.framework
osquery macadmins macos
Language:Objective-C 31
arubdesu / EAs
Scripts to return inventory information for use in the JamfPro, heavily leveraging osquery
osquery jamf mac
Language:Python 30
hrbrmstr / osqueryr
⁇ 'osquery' 'DBI' and 'dbplyr' Interface for R
r rstats osquery dplyr tidyverse dbi r-cyber
Language:R 30
kolide / osquery-starter-kit
A starter-kit for a source-controlled, CLI-based osquery management workflow.
osquery
30
sidorares / osquery-node
node.js client for osquery
osquery
Language:JavaScript 30
Loginsoft-LLC / Linux-Exploit-Detection
Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
ebpf exploit falco linux osquery runtime-security threat-hunting openpolicyagent rego cloudnative cve yara cloudsecurity vulnerability-management threat-intelligence vulnerability-intelligence threat-detection
Language:Open Policy Agent 21
groob / osquery-condition
osquery munki golang macadmins
Language:Go 17
osquery_tables_graph
sevickson / osquery_tables_graph
Repository containing Jupyter Notebooks for working with OSQuery tables and data
osquery jupyter-notebook pyvis graphs
Language:HTML 17
GSA / laptop-management
ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems
alpha fleet hids management osquery
Language:Shell 16
hubblestack / hubblestack_data
Data files for use with hubble
hubble hubblestack-data security audit pulsar nebula nova quasar osquery saltstack
Language:Mask 16
maxi-w / os-chat
Chat interface for your computer
chat gpt interface llm osquery
Language:Python 15
jacknagz / osquery-cookbook
A Chef Cookbook to install and configure osquery.
osquery chef chef-cookbook osquery-cookbook
Language:Ruby 14
secureworks / atomic-harness
A tool to run and validate telemetry for Atomic Red Team tests
atomic-red-team automation edr mitre-attack osquery
Language:Go 14

osquery

xxh / xxh

clong / DetectionLab

fleetdm / fleet

kolide / fleet

palantir / osquery-configuration

zentralopensource / zentral

cyberdefenders / DetectionLabELK

chainguard-dev / osquery-defense-kit

kolide / launcher

jmpsec / osctrl

osquery / osquery-go

hubblestack / hubble

trailofbits / osquery-extensions

aquasecurity / kube-query

Kirtar22 / ThreatHunting_with_Osquery

bgenev / impulse-xdr

CityBaseInc / SIAC

emirozer / exposq

zercurity / zercurity

AbGuthrie / goquery

ReconInfoSec / rhq

huoji120 / DuckSysEye

kolide / kolide-quickstart

knightsc / system_policy

arubdesu / EAs

hrbrmstr / osqueryr

kolide / osquery-starter-kit

sidorares / osquery-node

Loginsoft-LLC / Linux-Exploit-Detection

groob / osquery-condition

sevickson / osquery_tables_graph

GSA / laptop-management

hubblestack / hubblestack_data

maxi-w / os-chat

jacknagz / osquery-cookbook

secureworks / atomic-harness