osquery

There are 23 repositories under osquery topic.

xxh
xxh / xxh
🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.
awesome awesome-ssh bash devops fish fisher hacking-tools linux ohmybash ohmyfish ohmyzsh openssh osquery powerlevel10k powerlevel9k shell ssh xonsh xxh zsh
Language:Python 5438
clong / DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
vagrant vagrantfile packer information-security lab-environment dfir terraform ansible powershell detection detectionlab osquery sysmon dfir-automation
Language:HTML 4675
fleet
fleetdm / fleet
Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
osquery open-source gitops device-management employee-experience endpoint-security mdm-api security-analytics vulnerability-management endpoint-ops
Language:Go 3220
kolide / fleet
A flexible control server for osquery fleets
hacktoberfest host-instrumentation infosec macadmin osquery security
1102
palantir / osquery-configuration
A repository for using osquery for incident detection and response
osquery incident-response detection information-security octo-correct-managed
832
zentral
zentralopensource / zentral
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
macos inventory elasticsearch endpoint-management endpoint-security events gitops jamf mdm munki osquery santa splunk sumologic terraform unified-view apple-mdm
Language:Python 758
cyberdefenders / DetectionLabELK
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
detectionlab dfir elk osquery packer threat-hunting vagrant
Language:PowerShell 542
chainguard-dev / osquery-defense-kit
Production-ready detection & response queries for osquery
defense osquery security threat-hunting
Language:Makefile 534
kolide / launcher
Osquery launcher, autoupdater, and packager
osquery host-instrumentation devops sysadmin grpc go-kit golang hacktoberfest
Language:Go 510
osctrl
jmpsec / osctrl
Fast and efficient osquery management
security osquery host-instrumentation infrastructure-management incident-response detection-infrastructure endpoint-security
Language:Go 402
osquery / osquery-go
Go bindings for osquery
osquery golang thrift
Language:Go 391
hubblestack / hubble
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.
hubble security audit pulsar nebula nova osquery saltstack quasar
Language:Python 379
trailofbits / osquery-extensions
osquery extensions by Trail of Bits
security monitoring intrusion-detection sql osquery
Language:C 263
aquasecurity / kube-query
[EXPERIMENTAL] Extend osquery to report on Kubernetes
osquery
Language:Go 227
Kirtar22 / ThreatHunting_with_Osquery
Threat Hunting & Incident Investigation with Osquery
threat-hunting osquery incident-response cybersecurity forensics dfir
204
bgenev / impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
cybersecurity devops security-tools visibility vpc vpc-endpoints vps osquery server-security suricata cloud monitoring security siem xdr
Language:Python 126
CityBaseInc / SIAC
SIAC is an enterprise SIEM built on open-source technology.
siem security elk osquery intrusion-detection secdevops pci-dss fim compliance wazuh incident-response aws
113
emirozer / exposq
Go app that dispatches osquery to multi-machines
osquery golang
Language:Go 91
zercurity / zercurity
Manage, monitor and improve your cyber security posture.
osquery compliance cis-benchmark linux macos siem soar windows steampipe
Language:Shell 87
AbGuthrie / goquery
Provide a shell like interface by utilizing osquery's distributed API
golang osquery remote-shell
Language:Go 80
ReconInfoSec / rhq
Recon Hunt Queries
osquery dfir threat-hunting mitre-attack incident-response
76
huoji120 / DuckSysEye
SysEye是一个window上的基于att&ck现代EDR设计**的威胁响应工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
edr osquery sysmon threat-hunting threat-modeling
63
kolide / kolide-quickstart
[DEPRECATED] A quickstart demo for Kolide tools
osquery kolide macadmin security
Language:Shell 52
arubdesu / EAs
Scripts to return inventory information for use in the JamfPro, heavily leveraging osquery
osquery jamf mac
Language:Python 30
hrbrmstr / osqueryr
⁇ 'osquery' 'DBI' and 'dbplyr' Interface for R
r rstats osquery dplyr tidyverse dbi r-cyber
Language:R 30
knightsc / system_policy
osquery table extension that allows querying of information from the macOS private SystemPolicy.framework
osquery macadmins macos
Language:Objective-C 30
kolide / osquery-starter-kit
A starter-kit for a source-controlled, CLI-based osquery management workflow.
osquery
30
sidorares / osquery-node
node.js client for osquery
osquery
Language:JavaScript 30
Loginsoft-LLC / Linux-Exploit-Detection
Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
ebpf exploit falco linux osquery runtime-security threat-hunting openpolicyagent rego cloudnative cve yara cloudsecurity vulnerability-management threat-intelligence vulnerability-intelligence threat-detection
Language:Open Policy Agent 21
groob / osquery-condition
osquery munki golang macadmins
Language:Go 17
GSA / laptop-management
ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems
alpha osquery fleet management hids
Language:Shell 16
hubblestack / hubblestack_data
Data files for use with hubble
hubble hubblestack-data security audit pulsar nebula nova quasar osquery saltstack
Language:Mask 16
osquery_tables_graph
sevickson / osquery_tables_graph
Repository containing Jupyter Notebooks for working with OSQuery tables and data
osquery jupyter-notebook pyvis graphs
Language:HTML 16
maxi-w / os-chat
Chat interface for your computer
chat gpt interface llm osquery
Language:Python 15
jacknagz / osquery-cookbook
A Chef Cookbook to install and configure osquery.
chef chef-cookbook osquery osquery-cookbook
Language:Ruby 14
secureworks / atomic-harness
A tool to run and validate telemetry for Atomic Red Team tests
atomic-red-team automation edr mitre-attack osquery
Language:Go 14

osquery

xxh / xxh

clong / DetectionLab

fleetdm / fleet

kolide / fleet

palantir / osquery-configuration

zentralopensource / zentral

cyberdefenders / DetectionLabELK

chainguard-dev / osquery-defense-kit

kolide / launcher

jmpsec / osctrl

osquery / osquery-go

hubblestack / hubble

trailofbits / osquery-extensions

aquasecurity / kube-query

Kirtar22 / ThreatHunting_with_Osquery

bgenev / impulse-xdr

CityBaseInc / SIAC

emirozer / exposq

zercurity / zercurity

AbGuthrie / goquery

ReconInfoSec / rhq

huoji120 / DuckSysEye

kolide / kolide-quickstart

arubdesu / EAs

hrbrmstr / osqueryr

knightsc / system_policy

kolide / osquery-starter-kit

sidorares / osquery-node

Loginsoft-LLC / Linux-Exploit-Detection

groob / osquery-condition

GSA / laptop-management

hubblestack / hubblestack_data

sevickson / osquery_tables_graph

maxi-w / os-chat

jacknagz / osquery-cookbook

secureworks / atomic-harness