Projects in Awesome Lists tagged with osquery
A curated list of projects in awesome lists tagged with osquery.
https://github.com/fleetdm/fleet
Open-source platform for IT, security, and infrastructure teams. (Linux, macOS, Chrome, Windows, cloud, data center)
device-management employee-experience endpoint-ops endpoint-security gitops mdm-api open-source osquery security-analytics vulnerability-management
Last synced: 01 Apr 2026
https://github.com/clong/detectionlab
Automate the creation of a lab environment complete with security tooling and logging best practices
ansible detection detectionlab dfir dfir-automation information-security lab-environment osquery packer powershell sysmon terraform vagrant vagrantfile
Last synced: 14 May 2025
https://github.com/clong/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
ansible detection detectionlab dfir dfir-automation information-security lab-environment osquery packer powershell sysmon terraform vagrant vagrantfile
Last synced: 24 Mar 2025
https://github.com/kolide/fleet
A flexible control server for osquery fleets
hacktoberfest host-instrumentation infosec macadmin osquery security
Last synced: 28 Sep 2025
https://github.com/palantir/osquery-configuration
A repository for using osquery for incident detection and response
detection incident-response information-security octo-correct-managed osquery
Last synced: 27 Jan 2026
https://github.com/zentralopensource/zentral
Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes tracking & reporting compliance much less manual.
apple-mdm elasticsearch endpoint-management endpoint-security events gitops inventory jamf macos mdm munki osquery santa splunk sumologic terraform unified-view
Last synced: 24 Jan 2026
https://github.com/chainguard-dev/osquery-defense-kit
Production-ready detection & response queries for osquery
defense osquery security threat-hunting
Last synced: 25 Jan 2026
https://github.com/cyberdefenders/detectionlabelk
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
detectionlab dfir elk osquery packer threat-hunting vagrant
Last synced: 05 Apr 2025
https://github.com/cyberdefenders/DetectionLabELK
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
detectionlab dfir elk osquery packer threat-hunting vagrant
Last synced: 11 Jul 2025
https://github.com/kolide/launcher
Osquery launcher, autoupdater, and packager
devops go-kit golang grpc hacktoberfest host-instrumentation osquery sysadmin
Last synced: 25 Feb 2026
https://github.com/jmpsec/osctrl
Fast and efficient osquery management
detection-infrastructure endpoint-security host-instrumentation incident-response infrastructure-management osquery security
Last synced: 02 Apr 2026
https://github.com/hubblestack/hubble
Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.
audit hubble nebula nova osquery pulsar quasar saltstack security
Last synced: 04 Apr 2025
https://github.com/trailofbits/osquery-extensions
osquery extensions by Trail of Bits
intrusion-detection monitoring osquery security sql
Last synced: 27 Oct 2025
https://github.com/aquasecurity/kube-query
[EXPERIMENTAL] Extend osquery to report on Kubernetes
Last synced: 06 Mar 2026
https://github.com/CityBaseInc/SIAC
SIAC is an enterprise SIEM built on open-source technology.
aws compliance elk fim incident-response intrusion-detection osquery pci-dss secdevops security siem wazuh
Last synced: 30 Mar 2025
https://github.com/bgenev/impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
cloud cybersecurity devops monitoring osquery security security-tools server-security siem suricata visibility vpc vpc-endpoints vps xdr
Last synced: 22 Jul 2025
https://github.com/emirozer/exposq
Go app that dispatches osquery to multi-machines
Last synced: 14 Oct 2025
https://github.com/zercurity/zercurity
Manage, monitor and improve your cyber security posture.
cis-benchmark compliance linux macos osquery siem soar steampipe windows
Last synced: 06 Apr 2025
https://github.com/ReconInfoSec/rhq
Recon Hunt Queries
dfir incident-response mitre-attack osquery threat-hunting
Last synced: 11 Jul 2025
https://github.com/arubdesu/eas
Scripts to return inventory information for use in JamfPro, heavily leveraging osquery
Last synced: 13 Apr 2025
https://github.com/computablefacts/towerify
Cybersecurity for the mortals.
cybersecurity osquery ossec vulnerability-scanner
Last synced: 21 Jan 2026
https://github.com/gsa/laptop-management
ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems
alpha fleet hids management osquery
Last synced: 15 May 2025
https://github.com/secureworks/atomic-harness
A tool to run and validate telemetry for Atomic Red Team tests
atomic-red-team automation edr mitre-attack osquery
Last synced: 16 Jan 2026
https://github.com/leonjza/golert
an osquery powered, almost cross platform HIDS
hids monitoring osquery security
Last synced: 26 Jul 2025
https://github.com/codexlynx/osquery-graphene
OSQuery GraphQL web service.
blue-team graphql incident-response osquery security
Last synced: 22 Apr 2025
https://github.com/ketsapiwiq/siem-infra
Vulnerability detection, OSquery, fully-fledged Wazuh ELK stack with Linux and Windows Wazuh + osquery enrollment via Ansible.
ansible elasticsearch kibana osquery security siem vulnerability-detection wazuh
Last synced: 23 Apr 2025
https://github.com/puffycid/osquery-packs
Small collection of osquery packs
Last synced: 03 Jan 2026
https://github.com/puffycid/lief-osquery
A PE and MACHO parser for osquery!
Last synced: 14 Jun 2025
https://github.com/githubfoam/osquery-sandbox
osquery CTI, DFIR
centos cyber-threat-intelligence debian digital-forensics-incident-response fedora freebsd githubactions osquery pipeline santa
Last synced: 12 Apr 2025
https://github.com/igor-suhorukov/postgres_osquery
Running "osquery" queries from PostgreSQL
monitoring osquery performance-metrics postgresql siem
Last synced: 08 Oct 2025
https://github.com/i2z1/airfleet
FleetDM API wrapper for threat hunting with R
Last synced: 19 Jan 2026
https://github.com/uptycslabs/uptycs-client-go
hacktoberfest hacktoberfest-accepted osquery
Last synced: 12 Feb 2026
https://github.com/cyb3r-jak3/fleet-osquery
Scripts that install and configure osquery and fleet
Last synced: 01 Jun 2026
https://github.com/hejcman/go-flows-osquery
A plugin for go-flows using OSQuery.
Last synced: 12 Jan 2026
https://github.com/davidecavestro/asdf-osqueryi
osquery interactive shell plugin for the asdf version manager
asdf-vm instrumentation monitoring osquery
Last synced: 29 Mar 2025
https://github.com/turbot/guardrails-agent-kubernetes
Docker container for Guardrails Kubernetes agent
dockerfile kubernetes osquery turbot-guardrails
Last synced: 17 Jul 2025
https://github.com/nachorpaez/osquery-extensions
An Osquery extension with tables useful for IR investigations.
Last synced: 12 Mar 2026
https://github.com/githubfoam/win-circleci
windows osquery
chocolatey circleci osquery scoop windows
Last synced: 06 Jul 2025
https://github.com/githubfoam/multi-arch-os-osquery-travisci
multi arch os osquery travisci pipeline python virtualenv
cyber-threat-intelligence digital-forensics-incident-response endpoint-detection-response file-integrity-monitoring multi-arch multi-os osquery pipeline
Last synced: 03 Jul 2025
https://github.com/jtaylorcpp/secql
Integrating security tooling with GraphQL
aws-ec2 golang graphql osquery securit security security-tools
Last synced: 17 Jan 2026
https://github.com/yandex-cloud-examples/yc-mk8s-osquery-kubequery
Deploy Osquery and Kubequery in Managed Service for Kubernetes (MK8S) in Yandex Cloud.
kubernetes kuberquery mk8s osquery yandex-cloud yandexcloud
Last synced: 01 Sep 2025
https://github.com/burdzwastaken/osquery-operator
A Kubernetes operator for managing osquery deployments as native CRDs
crd golang kubernetes kubernetes-operator osquery
Last synced: 13 Jan 2026
https://github.com/ananya-5420/osquery-ossec-audit
Linux system auditing using osquery file integrity, and detect rootkits.
audit file-integrity host-monitoring linux osquery process-auditing
Last synced: 23 Jan 2026
https://github.com/lbonanomi/geosnitch
Expose Linux and Windows laptop geolocation in osquery
kolide osquery osquery-extension
Last synced: 07 May 2026
https://github.com/agardnerit/osquery-queries
Repository of sample queries for osquery. Submissions welcomed!
Last synced: 11 Jan 2026
https://github.com/khulnasoft/osinsight
Production-ready detection & response queries for osquery. Boost endpoint monitoring, detect threats, and streamline incident response.
cybersecurity detection-queries endpoint-monitoring incident-response osquery real-time-monitoring response-automation security-auditing system-security threat-detection
Last synced: 26 Mar 2025
https://github.com/githubfoam/win-githubactions
windows data center osquery
dfir osquery windows2016 windows2019 windows2022
Last synced: 30 Mar 2025
https://github.com/javuto/javuto
My :octocat: README
automation fbctf osctrl osquery security security-tools
Last synced: 19 Mar 2026
https://github.com/linux-china/osquery-spring-boot-starter
Spring Boot Starter for osquery
duckdb osquery spring-boot spring-boot-starter
Last synced: 20 Apr 2026
https://github.com/scrymastic/goosquery
goosquery
golang networking osquery system
Last synced: 09 Apr 2025