GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Cisco-Talos → osquery_queries

Cisco-Talos / osquery_queries

Licence: Unknown, GPL-2.0 licenses found Licenses found Unknown LICENSE.md GPL-2.0 LICENSE-GPL-2.0
Cisco Orbital - Osquery queries by Talos

Cisco Talos Osquery queries

These queries are distributed in the hope that they will be useful, but WITHOUT ANY WARRANTY.

NOTE: This repository is still under construction.

About this Repository

This repository contains Osquery packs used to query for malware and threat related IoCs.

This project's goal is to provide Osquery packs that reflect the current threat landscape.

Repository Layout

All packs will reside under the packs directory. Each pack will be an appropriately named .conf file indicating its platform and type of queries contained.

Current packs available:

  • win_malware.conf

Using This Repository

It is recommended to run these queries/configurations in an isolated or lab environment before deploying.

Each query defaults to being run every 24 hours (86400). This value can be modified by changing the "interval" value under each query.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].