osquery
@osquery
osquery lets you ask questions about your Linux, Mac, and Windows infrastructure. Intrusion detection, infrastructure reliability, compliance, and more.
Great to see osquery detections provided in a malware analysis report like this!
Here's my blog on #Qakbot malware with threat detections using #osquery. Qakbot was seen in the campaigns below: ⛔️OneNote Campaign ⛔️WSF Campaign ⛔️HTML Smuggling Campaign Blog: research.loginsoft.com/threat-researc… #threatintelligence #malware #threathunting #DFIR
Here's a little one-liner I like to use with @osquery to figure out what process is listening on a network port when I can't bind my dev server: osqueryi 'select * from processes join listening_ports using (pid) where port = 8080'
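As an added example (not part of the tweet above), the same join extended with the columns a responder usually wants next: the owning user, the executable path and command line, and the bound address. Table and column names are from the osquery schema (`listening_ports`, `processes`, `users`); port 8080 and the TCP-only filter are assumptions for the demo. Run it with `osqueryi` or ship it as a scheduled query.

```sql
-- Added example: which process owns TCP port 8080, and who runs it.
-- Assumes the standard osquery tables listening_ports, processes and users.
SELECT
  lp.port,
  lp.protocol,            -- 6 = TCP, 17 = UDP
  lp.address,             -- 0.0.0.0 / :: means bound on every interface
  p.pid,
  p.parent,
  p.name,
  p.path,
  p.cmdline,
  u.username
FROM listening_ports AS lp
JOIN processes AS p USING (pid)
LEFT JOIN users AS u ON u.uid = p.uid   -- LEFT JOIN keeps rows whose uid has no users entry
WHERE lp.port = 8080
  AND lp.protocol = 6;                  -- drop this line to include UDP listeners
```

Dropping the `WHERE` clause turns this into an inventory of every listening socket with its owner, which is a useful baseline query for spotting unexpected services bound on all interfaces.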
Team @docker, what's the plan for OSS organizations that use the free team tier with your new pricing announcement (sunsetting the free teams tier)? Are projects like @osquery no longer welcome on the platform?
🎉 Announcing Osquery 5.3.0! 🎉 Table improvements and bugfixes. Downloads available from osquery.io/downloads/offi…
Anyone know of a tool like @snyksec that supports C++ and can generate *public* reports of dependency vulnerabilities and fixes? Snyk seems to have a nice workflow but doesn't support the public reporting use case. Looking to address this issue for @osquery.
🎉 Announcing osquery 5.2.2 with native macOS M1 support! 🎉 Downloads available in our package repos and at osquery.io/downloads/offi…. Huge effort from @trailofbits, @Smjert, @alessandrogario, @sharvilshah and more.
Osquery is not vulnerable to the Log4J CVE-2021-44228, as there are no Java components. The osquery.io website is statically hosted on GitHub pages.
Announcing, osquery 5.0! 🎉 This is a tremendously exciting release. New code signatures, new paths, new packaging, new functionality! Check it out at github.com/osquery/osquer…
github.com
Release 5.0.1 · osquery/osquery
osquery 5.0 is a tremendously exciting release! We now install into /opt/osquery on macOS and Linux for better portability. Our default and recommended installation for macOS uses an application b...
cloudquery looks great! A wonderful complementary tool to osquery, query your endpoints and your cloud! What's next? github.com/cloudquery/clo…
Very cool to see the initial talks and speakers added to the agenda, should be a fun and insightful event!
While CFPs continue to roll in, we’re excited to share the latest confirmed speaker/session: @atlassian Site Reliability Engineer, Brendan Shaklovitz (@nyanshak). To register, visit eventbrite.com/e/osqueryscale… #osqueryatscale
Keep them coming!
The importance of APIs in Security products is often ignored. A good API makes your product even better and us Security Engineering teams love them! javuto.medium.com/introducing-os… #CyberSecurity #DFIR #osquery #detection #infrastructure
The osquery ecosystem keeps growing!
This makes bpf events very accessible: select * from bpf_process_events. You’ll have to build from tip right now, but expect these features in the next stable release (eta 1 month). Next up, EndpointSecurity process events!
My PR implementing #bpf support in #osquery has been merged! Huge thanks to @trailofbits for being awesome and @teddyreedv for being the best maintainer ever! github.com/osquery/osquer…
github.com
Initial implementations for BPF-based socket and process events tables by alessandrogario · Pull...
This PR implements two new tables: bpf_process_events, bpf_socket_events using the ebpfpub library from https://github.com/trailofbits/ebpfpub. BPF support requires a kernel >= 4.18! VMware ...
Here is a great end to end setup for using osquery to carve/acquire files remotely. Thanks for the in-depth description and walkthrough Ben!
New post: Setup my GoLang Osquery-file-carving server with Kolide holdmybeersecurity.com/2020/09/24/set…
That is a lot of SQL! Congrats to the winners and to everyone who helped organize!
We are thrilled to announce the winning teams of OpenSOC.io #DEFCONSafeMode finals. 8M @graylog2 queries 91K+ scoreboard submissions 800+ participants 500+ challenges 350+ teams 260GB+ PCAPs 150GB+ endpoint telemetry 10K+ @osquery queries 20+ hours of content
I'm very excited to release Fleet 3.0.0! We've managed to scale Fleet to over 150k hosts with the new changes, and also introduced some nice new features like Manual Labels. Check it out! #osquery github.com/kolide/fleet/r…
Enjoyed my first virtual talk at @jupyterthon and also my first blog, hope there will be more! 😉 Thanks again @Cyb3rWard0g & @Cyb3rPandaH for this opportunity. Here is the link to my talk: youtube.com/watch?v=QCVd4S… And also the link to my blog: medium.com/@sevickson/unt… #osquery
Great work from the ToB folks! I blogged an example configuration and results from the ntfs_events table at dactiv.llc/blog/new-in-os…
Real-time file monitoring on Windows with osquery blog.trailofbits.com/2020/03/16/rea…
Did you know #osquery can dump process trees on macOS, Linux, and Windows? With a little SQL magic we can do that and more! dactiv.llc/blog/process-t…
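An added example of the "SQL magic" mentioned in the tweet above (this is not the linked blog's query): a recursive common table expression over the `processes` table that walks downward from one root PID and prints each descendant with its depth. osquery's SQL engine is SQLite, which supports `WITH RECURSIVE`. The root PID 1234 is an assumed placeholder; swap in the PID you are investigating, or start from `WHERE parent = 0` to dump the whole tree.

```sql
-- Added example: dump the process tree rooted at one PID on macOS, Linux or Windows.
-- Assumes the standard osquery processes table; 1234 is an assumed root PID.
WITH RECURSIVE tree(pid, parent, name, path, cmdline, depth) AS (
  -- anchor: the process we start from
  SELECT pid, parent, name, path, cmdline, 0
  FROM processes
  WHERE pid = 1234
  UNION ALL
  -- recursive step: every process whose parent is already in the tree
  SELECT p.pid, p.parent, p.name, p.path, p.cmdline, t.depth + 1
  FROM processes AS p
  JOIN tree AS t ON p.parent = t.pid
)
SELECT
  depth,
  substr('          ', 1, depth * 2) || name AS indented_name,  -- simple indentation
  pid,
  parent,
  path,
  cmdline
FROM tree
ORDER BY depth, pid;
```

Reversing the join condition (`JOIN tree AS t ON p.pid = t.parent`, with a stop condition such as `WHERE t.parent > 0`) walks upward instead and gives the ancestry chain of a suspicious process, for example a shell whose ancestor is an office application or browser.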