Cisco Orbital - Osquery queries by Talos
☆137 · Aug 23, 2024 · Updated last year
Alternatives and similar repositories for osquery_queries
Users that are interested in osquery_queries are comparing it to the libraries listed below
- ☆88 · Mar 7, 2025 · Updated 11 months ago
- Mapping the MITRE ATT&CK Matrix with Osquery ☆806 · May 11, 2023 · Updated 2 years ago
- Threat Hunting & Incident Investigation with Osquery ☆216 · Mar 30, 2022 · Updated 3 years ago
- Automated testing, generation & manipulation of #osquery packs ☆74 · Oct 16, 2024 · Updated last year
- Osquery Packs we use for customer security hardening ☆12 · Jun 30, 2025 · Updated 8 months ago
- A repository for using osquery for incident detection and response ☆880 · Sep 8, 2025 · Updated 5 months ago
- Production-ready detection & response queries for osquery ☆600 · Aug 13, 2025 · Updated 6 months ago
- Osquery Resources ☆63 · Aug 23, 2019 · Updated 6 years ago
- An osquery extension for endpoint engineers ☆119 · Jan 27, 2026 · Updated last month
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug ☆11 · Jun 20, 2020 · Updated 5 years ago
- Collection of operational focused osquery dashboards. ☆11 · Jan 20, 2021 · Updated 5 years ago
- Fast and efficient osquery management ☆489 · Feb 24, 2026 · Updated last week
- ☆16 · Updated this week
- DFIQ is a collection of investigative questions and the approaches for answering them ☆300 · Jan 17, 2025 · Updated last year
- ☆39 · Jun 28, 2019 · Updated 6 years ago
- Remotely collect linux live forensics artifacts. ☆14 · Jul 8, 2022 · Updated 3 years ago
- ☆15 · Dec 16, 2020 · Updated 5 years ago
- ☆44 · Sep 12, 2018 · Updated 7 years ago
- ☆172 · Feb 19, 2026 · Updated last week
- Re-play Security Events ☆1,725 · Mar 20, 2024 · Updated last year
- Windows Events Attack Samples ☆2,515 · Jan 24, 2023 · Updated 3 years ago
- osquery extensions by Trail of Bits ☆269 · Apr 12, 2023 · Updated 2 years ago
- A repository to share publicly available Velociraptor detection content ☆196 · Updated this week
- Zentral is a high-visibility platform for controlling Apple endpoints in enterprises. It brings great observability to IT and makes track… ☆844 · Feb 26, 2026 · Updated last week
- Convert Sigma rules to LogRhythm searches ☆23 · Feb 27, 2022 · Updated 4 years ago
- ReversingLabs YARA Rules ☆898 · Nov 3, 2025 · Updated 4 months ago
- An informational repo about hunting for adversaries in your IT environment. ☆1,854 · Nov 17, 2021 · Updated 4 years ago
- Osquery launcher, autoupdater, and packager ☆537 · Updated this week
- An experimental Velociraptor implementation using cloud infrastructure ☆26 · Dec 2, 2025 · Updated 3 months ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information. ☆23 · Oct 31, 2018 · Updated 7 years ago
- A collection of resources for Threat Hunters ☆914 · Oct 15, 2024 · Updated last year
- Extract and aggregate threat intelligence. ☆906 · Jan 31, 2024 · Updated 2 years ago
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu… ☆11 · May 22, 2023 · Updated 2 years ago
- ☆12 · Feb 16, 2017 · Updated 9 years ago
- ☆2,510 · Updated this week
- Indicators of Compromises (IOC) of our various investigations ☆1,922 · Feb 20, 2026 · Updated last week
- Open Source Security Events Metadata (OSSEM) ☆1,288 · Feb 27, 2023 · Updated 3 years ago
- A framework for developing alerting and detection strategies for incident response. ☆841 · Sep 8, 2025 · Updated 5 months ago
- ☆23 · Jun 1, 2023 · Updated 2 years ago