Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → jmpsec → Osctrl

jmpsec / Osctrl

Licence: mit

Fast and efficient osquery management

Programming Languages

31211 projects - #10 most used programming language

Labels

security incident-response osquery

Projects that are alternatives of or similar to Osctrl

Siac

SIAC is an enterprise SIEM built on open-source technology.

Stars: ✭ 100 (-45.36%)

Mutual labels: incident-response, osquery

rhq

Recon Hunt Queries

Stars: ✭ 66 (-63.93%)

Mutual labels: incident-response, osquery

Osquery Configuration

A repository for using osquery for incident detection and response

Stars: ✭ 618 (+237.7%)

Mutual labels: incident-response, osquery

Patrowldocs

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Stars: ✭ 105 (-42.62%)

Mutual labels: incident-response

Information Security Tasks

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Stars: ✭ 108 (-40.98%)

Mutual labels: incident-response

Sleuthkit

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Stars: ✭ 1,948 (+964.48%)

Mutual labels: incident-response

Weffles

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Stars: ✭ 176 (-3.83%)

Mutual labels: incident-response

Exposq

Go app that dispatches osquery to multi-machines

Stars: ✭ 89 (-51.37%)

Mutual labels: osquery

Misp Taxonomies

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Stars: ✭ 168 (-8.2%)

Mutual labels: incident-response

Thehive4py

Python API Client for TheHive

Stars: ✭ 143 (-21.86%)

Mutual labels: incident-response

Osq Ext Bin

Extension to osquery windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection

Stars: ✭ 142 (-22.4%)

Mutual labels: osquery

Invoke Liveresponse

Invoke-LiveResponse

Stars: ✭ 115 (-37.16%)

Mutual labels: incident-response

Oriana

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Stars: ✭ 152 (-16.94%)

Mutual labels: incident-response

Aurora Incident Response

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

Stars: ✭ 171 (-6.56%)

Mutual labels: incident-response

Thehive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Stars: ✭ 2,300 (+1156.83%)

Mutual labels: incident-response

Edr Testing Script

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Stars: ✭ 136 (-25.68%)

Mutual labels: incident-response

Threathunt

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Stars: ✭ 92 (-49.73%)

Mutual labels: incident-response

Mthc

All-in-one bundle of MISP, TheHive and Cortex

Stars: ✭ 134 (-26.78%)

Mutual labels: incident-response

Intelowl

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Stars: ✭ 2,114 (+1055.19%)

Mutual labels: incident-response

Osquery Extensions

osquery extensions by Trail of Bits

Stars: ✭ 180 (-1.64%)

Mutual labels: osquery

View All Similar Projects ➔

osctrl

Fast and efficient osquery management.

What is osctrl?

osctrl is a fast and efficient osquery management solution, implementing its remote API as TLS endpoint.

With osctrl you can monitor all your systems running osquery, distribute its configuration fast, collect all the status and result logs and allow you to run on-demand queries.

Running osctrl with docker

You can use docker to run osctrl and each component has a separate Dockerfile to run independently. Also there is a docker-compose.yml that ties all the components together, to serve a functional deployment.

Inside of the docker folder, execute the command ./dockerize.sh -u to build and run all containers necessary for osctrl.

Ultimately you can just execute make docker_all and it will automagically build and run osctrl locally in docker.

Running osctrl with vagrant

Vagrant machines can be used for osctrl local development. Execute vagrant up to create a local virtual machine running Ubuntu 18.04. Once it has finished deploying, osctrl will be ready to be used and you can access it following the instructions in the terminal.

Documentation

You can find the documentation of the project in https://osctrl.net

Slack

Find us in the #osctrl channel in the official osquery Slack community (Request an auto-invite!)

License

osctrl is licensed under the MIT License.

Donate

If you like osctrl you can send BTC or ETH donations to the following wallets:


_{bitcoin:bc1qvjep6r6j7a00xyhcgp4g2ea2f4pupaprcvllj5}	_{ethereum:0x99e211251fca06286596498823Fd0a48785B64eB}

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 183

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (25) 🔗