<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>osquery on Taha Draidia</title><link>https://tahadraidia.com/tags/osquery/</link><description>Recent content in osquery on Taha Draidia</description><generator>Hugo -- gohugo.io</generator><language>en-us</language><lastBuildDate>Sat, 29 Jul 2023 00:00:00 +0000</lastBuildDate><atom:link href="https://tahadraidia.com/tags/osquery/index.xml" rel="self" type="application/rss+xml"/><item><title>Think Offensive - Leverage OSQuery for Discovery and Enumeration</title><link>https://tahadraidia.com/posts/think-offensive-leverage-osquery-for-discovery-and-enumeration/</link><pubDate>Sat, 29 Jul 2023 00:00:00 +0000</pubDate><guid>https://tahadraidia.com/posts/think-offensive-leverage-osquery-for-discovery-and-enumeration/</guid><description>This post has been ported from Darkwaves InfoSec blog.
TL;DR
The purpose of this post is to explain how to leverage Osquery to perform enumeration and discovery of a system without relying on Living Off the Land Binaries (LOLBins) such as net, sc, and schtasks. These tools are used for enumerating users, services, and tasks on Windows machines, and they are commonly monitored in enforced environments.
While the post will focus on Windows machines, as they are still mainstream in the industry, the methods it describes can be easily translated to other platforms.</description></item></channel></rss>