Report from <#C01DXJL16D8|fleet> since I think tha...
# generala
arod
02/04/2021, 7:49 PMReport from #fleet since I think that's being used for git...
Anyone mind dropping some community packs/queries?
Here are some links I have found that have syntax (good or bad lol):
https://github.com/osquery/osquery/tree/master/packs
https://resources.infosecinstitute.com/topic/threat-hunting-with-kolide-and-osquery/
https://github.com/palantir/osquery-configuration
https://engineering.fb.com/2014/10/29/security/introducing-osquery/
https://www.alibabacloud.com/blog/server-endpoint-security-with-osquery_594950?spm=a2c41.13076147.0.0
https://github.com/teoseller/osquery-attck
s
SK
02/05/2021, 4:07 PM@arod Also just found this repo:
https://github.com/Kirtar22/ThreatHunting_with_Osquery
🙌 1
a
arod
02/05/2021, 4:11 PMNice. Thanks @SK
4 Views