Skip to content

emirozer/exposq

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

47 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Screenshot

This is a tiny app i made, that you would run locally on your workstation and it will dispatch osquery queries to the machines under your command. The commands are listed in the main root route of the app so you don't need to dig deep. And i really like osquery project, if you have never checked it out, you should probably take a look.

Requirement

The only requirement is that your target machines should have osquery installed on them, thats it..

Install

Standart Procedure

go get github.com/emirozer/exposq

Lets assume you are going to run exposq from your home directory(/home/user/). After running the command above, you need to create a file called targets.json in your /home/user/

Example formatting of targets.json file:

Screenshot

Important Notes : It expects a private key and you can give a key file specific to a target like the following json structure

{
    targets: [
        {
            "user": user,
            "ip": ip,
            "key": "key file",
        },
        {
            "user": user,
            "ip": ip
        }
    ],
    "key": "global key file"
}

Usage

After that just run:

$>exposq

Open up your browser and go

localhost:3000

And the main route will show you which queries you can dispatch :

Screenshot

Examples:


Check if any of your machines are being used as a relay: Screenshot

Check if any of your machines are a victim of mitm: Screenshot

Check the uptime of your machines:

Screenshot

About

Go app that dispatches osquery to multi-machines

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages