Detectionlab: Automate the creation of a lab environment complete with security tooling and logging best practices
Fleet: The premier osquery fleet manager.
Kube Query: [EXPERIMENTAL] Extend osquery to report on Kubernetes
Osctrl: Fast and efficient osquery management
Osq Ext Bin: Extension for osquery on Windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection
Xxh: 🚀 Bring your favorite shell wherever you go through ssh.
Siac: SIAC is an enterprise SIEM built on open-source technology.
Exposq: Go app that dispatches osquery to multiple machines
Goquery: Provides a shell-like interface by utilizing osquery's distributed API
Osql Experimental: A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases
Fleet: A flexible control server for osquery fleets
Zentral: Zentral is an open-source solution for infrastructure monitoring and endpoint event stream processing. It provides built-in orchestration of macOS security components (Santa, Osquery, et al.), event correlation and event management. It consolidates its features with various data store backends (ElasticStack, Azure Log Analytics, Splunk, et al.).
Launcher: Osquery launcher, autoupdater, and packager
Hubble: Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe
Detectionlabelk: DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
osquery-starter-kit: A starter-kit for a source-controlled, CLI-based osquery management workflow.
sqhunter: A simple threat hunting tool based on osquery, Salt Open and Cymon API