arod
02/04/2021, 7:49 PM
Report from #fleet since I think that's being used for git... Anyone mind dropping some community packs/queries? Here are some links I have found that have syntax (good or bad lol):
https://github.com/osquery/osquery/tree/master/packs
https://resources.infosecinstitute.com/topic/threat-hunting-with-kolide-and-osquery/
https://github.com/palantir/osquery-configuration
https://engineering.fb.com/2014/10/29/security/introducing-osquery/
https://www.alibabacloud.com/blog/server-endpoint-security-with-osquery_594950?spm=a2c41.13076147.0.0
https://github.com/teoseller/osquery-attck
SK
02/05/2021, 4:07 PM
@arod Also just found this repo:
https://github.com/Kirtar22/ThreatHunting_with_Osquery
🙌 1
arod
02/05/2021, 4:11 PM
Nice. Thanks @SK