Osquery-ATT&CK

The goal of this repository is to try to map MITRE ATT&CK to Osquery for enterprise threat hunting.

Each conf file is a Query Pack that can be used for enterprise threat hunting with osquery.

Mapping the MITRE ATT&CK Matrix with Osquery

I try to create Osquery packs that can cover some elements of ATT&CK.

Query Pack Description

Windows

Linux

ATT&CK MAPPING

Windows ATT&CK MAPPING

Linux ATT&CK MAPPING

Notes