-
If you're looking to do some #ThreatHunting on Linux or Mac environments, here is a nice starting guide https://jordanpotti.com/2018/02/16/elk-osquery-kolide-fleet-love/ … #OSQuery pic.twitter.com/QrZ1TZiR3x
-
Extend osquery to manage host firewalls, macOS application whitelisting and more using @trailofbits extensions for osquery 3.3.0! #osquery https://github.com/trailofbits/osquery-extensions/releases …
-
New blog: "Malware Analysis using Osquery | Part 1" https://www.alienvault.com/blogs/labs-research/malware-analysis-using-osquery-part-1 … Analysis of #Emotet banking trojan activity. @alienvault #Osquery #Malware #BlueTeam
-
New blog: "Malware Analysis using Osquery | Part 2" https://www.alienvault.com/blogs/labs-research/malware-analysis-using-osquery-part-2 … Analysis of common persistence tricks used by malware. @alienvault #Osquery #Malware #DFIR #BlueTeam
-
Build an osquery performance dashboard on the ELK stack (https://www.dactiv.llc/blog/build-osquery-performance-dashboard/ …). This is a great chance to spin up Osquery in a Box and get to experimenting. #osquery
-
This repository is a collection of resources useful for setting up a test environment with osquery, Fleet, and an ELK stack by @TheZachW #osquery #elkstack https://github.com/dactivllc/osquery-in-a-box …
-
Announcing the release of Osquery in a Box: A simple collection of docker-compose and other configuration that will bootstrap an osquery, Fleet, ELK stack environment in under 5 mins. Been wanting to try out these technologies? Now's your chance. https://github.com/dactivllc/osquery-in-a-box … #osquery
-
Experienced Director; Security Detection and Response: New York. For further information, contact Jeff.Harrod@techfellow.co.uk #cybersecurity #MITRE #osquery #Darktrace #CloudWatch #CloudTrail #ChronicleBackstory #BigQuery #GCP #cloud #CloudSecurity pic.twitter.com/BoiNpAqSGR
-
Come join us at @osqueryatscale in January and get ready to learn how powerful @osquery is for detection and monitoring! #osqueryatscale #osquery #security #opensource #detection #infrastructure https://twitter.com/osqueryatscale/status/1197519698369351680 …
-
Our new extension to #osquery lets you query your #Kubernetes cluster as if it were a database https://github.com/aquasecurity/kube-query … pic.twitter.com/IgMnfaA7Js
-
See you all tomorrow @nullDubai December monthly meet @GBMComms venue at 4:00 PM with best speakers in town @aamer_sha @jaw33sh @c0d3xpl0it #OSquery #Kollide #Facebook #SSRF #BugBountyTips #BugBounty #RDPHijacking #MiTM #infrastructure #NullDubai #Security pic.twitter.com/XFIK6nQTvc
-
Learn why and how to deploy #OSquery and hunt hackers on your endpoints, with @cyberGoatPsyOps at @BSidesAugusta. Super concentrated and helpful talk. Slides are up and recording is on the way! http://www.cybergoatpsyops.com/posts/hosthuntingonabudgetupdate/ … pic.twitter.com/mnZuDqM3Pt
-
osctrl: A fast and efficient #osquery management solution - Medium https://nzzl.us/iyIs863 #DFIR #ThreatHunting
-
Introducing osctrl: A Fast and efficient @osquery management solution https://medium.com/@javuto/introducing-osctrl-91583e3fa75d … https://osctrl.net https://github.com/jmpsec/osctrl #security #detection #infrastructure #osquery #OpenSource #cyber
-
If you use #osquery for IR/threat hunting, we made a thing! Recon Hunt Queries is a collection of IR/hunt focused queries for osquery organized by tactic. Fantastic way to leverage a tool like @kolide for intrusion scoping. https://rhq.reconinfosec.com/
-
Very excited about the pre-release of osquery 4.0!!

Thank you to the community and all of those of you behind the scenes doing great work.
#OSQUERY #QueryCon https://github.com/osquery/osquery/releases/tag/4.0.0 …
-
I have just added some Linux query packs to my project of mapping @osquery conf packs with @MITREattack Tactics. I hope that helps you to detect bad guys. Any suggestions are welcome https://github.com/teoseller/osquery-attck/tree/master/Linux … #osquery #ThreatHunting #IR #linux #mitreattack
-
#SecurityOnion #HybridHunter 1.0.6 Tech Preview Available for Testing!
https://blog.securityonion.net/2019/01/security-onion-hybrid-hunter-106-tech.html …
Major highlights of this release:
ability to pivot from Kibana directly to @Kolideco #Fleet
#Osquery rule packs from @PalantirTech pic.twitter.com/7nhIsEmriH
-
I finally wrote up some info on how I reverse engineered the SystemPolicy.framework and created an #osquery extension for looking up what 32-bit apps are still in use on macOS. #MacAdmins https://knight.sc/reverse%20engineering/2019/01/23/system-policy.html …
Join osquery OG and all around savant, Javier Marcos de Prado(