
osquery for Mac

Query your devices like a database.

Free
In English
Version 5.19.0

osquery overview

osquery exposes operating-system data as relational tables, so a device can be described and inspected with basic SQL queries.

Processes running without a binary on disk

Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.
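The query described above, written out as an added example (it is not taken from the MacUpdate page or from osquery's own query packs). It assumes osquery's built-in `processes` and `users` tables with the columns used here; the `on_disk` column is 1 when the executable path still exists, 0 when it has been deleted, and -1 when osquery could not determine it, so the filter is `= 0` rather than `!= 1` to avoid flagging the unknown case.

```sql
-- Added example, not from the page or the osquery project.
-- Assumes the osquery `processes` and `users` tables (macOS/Linux).
-- on_disk: 1 = executable still exists, 0 = deleted, -1 = unknown.
SELECT
  p.pid,
  p.parent,
  p.name,
  p.path,      -- path osquery recorded for the executable; it no longer exists
  p.cmdline,
  u.username,  -- owner of the process, looked up from the users table
  datetime(p.start_time, 'unixepoch') AS started_at
FROM processes AS p
LEFT JOIN users AS u ON u.uid = p.uid
WHERE p.on_disk = 0
ORDER BY p.start_time DESC;
```

Run it interactively with `osqueryi`, or schedule it in an `osqueryd` configuration so results are logged over time. Expect some benign hits: an application that was updated while running keeps executing from a binary that the updater has since replaced or removed, so the `path`, `cmdline` and owner columns are there to help separate those from a process that has no legitimate installer behind it.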

Three things you should know about osquery
  • It's fast and tested: Our build infrastructure ensures that newly introduced code is benchmarked and tested. We perform continuous testing for memory leaks, thread safety, and binary reproducibility on all supported platforms.
  • It runs everywhere: Windows, macOS, CentOS, FreeBSD, and almost every Linux OS released since 2011 are supported with no dependencies. osquery powers some of the most demanding companies, including Facebook.
  • It's open source: Osquery is released under the Apache License. Ever since we open-sourced it in 2014, organizations and individuals have contributed an ever-growing list of impressive features, useful tools, and helpful documentation.

What’s new in version 5.19.0

Features
  • Add table deb_package_files by @zwass in #8657
  • Add system_profiler table for macOS by @zwass in #8645
  • Add version collate to os_version table's version column by @Micah-Kolide in #8659
  • Add entitlements column to macOS signature table by @zwass in #8666
  • Add support for VSCode forks in vscode_extensions by @zwass in #8664
Bugfixes
  • Fix NSInvalidArgumentException when querying connected_displays by @Synse in #8628
  • Fix inconsistent counter resets due to Config::purge() by @skurpad7 in #8635
  • Update linux block_device and disk_encryption source data to simple sysfs implementation by @Micah-Kolide in #8182
  • Fix ATC for open Firefox databases by @zwass in #8631
Other
  • libs: yara: 4.2.3 -> 4.5.4 by @LeSuisse in #8643
  • Upgrading zlib to 1.3.1 by @ksykulev in #8625
  • Fix build for XCode SDK 16.4 by @lucasmrod in #8640
  • Update build instructions for workaround for XCode SDK > 16.3 by @lucasmrod in #8650
  • Add Cursor AI editor configurations by @zwass in #8656
  • Further improvement to Cursor rules by @zwass in #8662
  • Update Windows build instructions by @zwass in #8661

Just-Fred
May 3 2023
Version: 5.8.2
I finally found a use for OSQUERY. Or perhaps I should say, found a product that uses it: Vanta. Vanta is a SOC 2 compliance tool that, once installed on a workstation, monitors for "un-binaried" processes (processes for which there isn't an app; malware) and other items that may raise suspicions. Vanta is effectively spyware, so I'd only put it on company-provided hardware, and there isn't (to my knowledge) any end-user purpose. Still, OSQUERY is the basis for how Vanta works. There may be some applicability for geeky types who wish to dig into the innards of their macOS.