Cisco-Talos / osquery_queriesLinks
Cisco Orbital - Osquery queries by Talos
☆135Updated last year
Alternatives and similar repositories for osquery_queries
Users that are interested in osquery_queries are comparing it to the libraries listed below
Sorting:
- Threat Hunting & Incident Investigation with Osquery☆216Updated 3 years ago
- Automatically create YARA rules from malicious documents.☆212Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Recon Hunt Queries☆78Updated 4 years ago
- Osquery Resources☆62Updated 6 years ago
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆238Updated 6 months ago
- OSSEM Common Data Model☆56Updated 3 years ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆85Updated last year
- ☆36Updated 4 years ago
- Sigma Detection Rule Repository☆90Updated 5 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆156Updated 7 months ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆264Updated 2 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆56Updated last week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆107Updated 5 months ago
- A CALDERA plugin☆79Updated last week
- ☆175Updated last year
- Resources for SANS CTI Summit 2021 presentation☆103Updated last year
- Python library for threat intelligence☆89Updated 9 months ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆79Updated last week
- An ELK environment containing interesting security datasets.☆137Updated 5 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆132Updated 3 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆91Updated last month
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- A collection of tips for using MISP.☆74Updated 10 months ago
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆125Updated 2 years ago
- Detection Ideas & Rules repository.☆179Updated 4 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated last month