is doorman still supported? it doesnt look like a...
# doormanz
Zach Zeid
04/21/2020, 4:43 PMis doorman still supported? it doesnt look like any significant changes have been made in the last 4 yearrs?
s
Seán O'Halloran
04/22/2020, 3:20 PMNot really, no. The original creator has moved on and the other solutions have out-paced Doorman. I’d recommend Kolide Fleet, which is also free & open-source but has a whole company supporting it.
z
Zach Zeid
04/22/2020, 3:21 PMThat's what I thought, it's the same with SGT as well.
j
javuto
04/28/2020, 10:44 PMosctrl is another option, fully open-source and it supports file carving, which Fleet unfortunately does not
javuto
04/28/2020, 10:45 PMFull disclosure, I wrote osctrl
z
Zach Zeid
04/28/2020, 10:46 PMI haven't delved too much into file carving, so I don't know what that gives me
j
javuto
04/28/2020, 10:47 PMExtraction of files/directories from machines that are running osquery
z
Zach Zeid
04/28/2020, 10:50 PMfor fim?
j
javuto
04/28/2020, 10:55 PMthat is different, you can enable that via configuration though, this is actually extracting the contents of files/directories
z
Zach Zeid
04/28/2020, 10:56 PMfor what purposes though?
j
javuto
04/28/2020, 10:58 PMinvestigations, checking logs or configuration files
46 Views