osquery

🚀 Bring your favorite shell wherever you go through the ssh. Xonsh shell, fish, zsh, osquery and so on.

Automate the creation of a lab environment complete with security tooling and logging best practices

Open-source platform for IT and security teams with thousands of computers. (Linux, macOS, Windows, ChromeOS, AWS, Google Cloud, Azure, data center, containers, IoT)

A flexible control server for osquery fleets

A repository for using osquery for incident detection and response

Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Osquery launcher, autoupdater, and packager

Production-ready detection & response queries for osquery

Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

Go bindings for osquery

Fast and efficient osquery management

osquery extensions by Trail of Bits

[EXPERIMENTAL] Extend osquery to report on Kubernetes

Extension to osquery windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection

Threat Hunting & Incident Investigation with Osquery

SIAC is an enterprise SIEM built on open-source technology.

Go app that dispatches osquery to multi-machines

Provide a shell like interface by utilizing osquery's distributed API

Recon Hunt Queries