Skip to content
/ GeoSnitch Public

Linux and Windows laptop geolocation in osquery

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lbonanomi/GeoSnitch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
geocode.go
geocode.go
 
 
geolocate.go
geolocate.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
snitch.go
snitch.go
 
 

Repository files navigation

GeoSnitch

A proof of concept osquery extension to determine a user's current physical location by municipality, based-on the device's wifi site survey and calculated by Google.

This system was designed to determine if a user accessing a FedRamp environment was disrespecting the geography-based firewall rule by employing a VPN.

Tested successfully on Windows 10 and Pop!OS.
MacOS is not supported due to Apple sterilizing location information.

Running this thing

Start osquery as osqueryi --extensions_socket=~/.osquery/shell.em
THEN start daemon as ./GeoSnitch --socket ~/.osquery/shell.em

About

Linux and Windows laptop geolocation in osquery

Topics

osquery kolide osquery-extension

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages