Cisco-Talos/osquery_queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Cisco-Talos/osquery_queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Cisco-Talos/osquery_queries)

Close

Cisco-Talos / osquery_queriesView on GitHubMore

• External links
• Readme badge

Cisco Orbital - Osquery queries by Talos

☆137Aug 23, 2024Updated last year

Alternatives and similar repositories for osquery_queries

Users that are interested in osquery_queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SophosRapidResponse / OSQuery

  View on GitHub
  ☆88Mar 7, 2025Updated last year
• CyberSift / OSQUERY-PACKS

  View on GitHub
  Osquery Packs we use for customer security hardening
  ☆12Jun 30, 2025Updated 8 months ago
• teoseller / osquery-attck

  View on GitHub
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆808May 11, 2023Updated 2 years ago
• Kirtar22 / ThreatHunting_with_Osquery

  View on GitHub
  Threat Hunting & Incident Investigation with Osquery
  ☆216Mar 30, 2022Updated 3 years ago
• chainguard-sandbox / osqtool

  View on GitHub
  Automated testing, generation & manipulation of #osquery packs
  ☆74Oct 16, 2024Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• sttor / awesome-osquery

  View on GitHub
  Osquery Resources
  ☆63Aug 23, 2019Updated 6 years ago
• palantir / osquery-configuration

  View on GitHub
  A repository for using osquery for incident detection and response
  ☆884Sep 8, 2025Updated 6 months ago
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 2 years ago
• chainguard-dev / osquery-defense-kit

  View on GitHub
  Production-ready detection & response queries for osquery
  ☆602Aug 13, 2025Updated 7 months ago
• BatteryCandy / osquery-splunk-dashboards

  View on GitHub
  Collection of operational focused osquery dashboards.
  ☆11Jan 20, 2021Updated 5 years ago
• LeoCodes21 / alpha_decoder

  View on GitHub
  A Rust command-line tool for decoding Alpha2-based shellcode.
  ☆11Dec 16, 2020Updated 5 years ago
• macadmins / osquery-extension

  View on GitHub
  An osquery extension for endpoint engineers
  ☆121Mar 16, 2026Updated last week
• jonny-jhnson / Automated-Detection-Pipeline

  View on GitHub
  ☆15Dec 16, 2020Updated 5 years ago
• Jrotenberger / Powershell-IR-Scripts

  View on GitHub
  ☆39Jun 28, 2019Updated 6 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• google / dfiq

  View on GitHub
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆301Mar 10, 2026Updated 2 weeks ago
• anelshaer / Remote-Linux-Triage-Collection-using-OSquery

  View on GitHub
  Remotely collect linux live forensics artifacts.
  ☆14Jul 8, 2022Updated 3 years ago
• GSA / laptop-management

  View on GitHub
  ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems
  ☆16Jan 9, 2018Updated 8 years ago
• jmpsec / osctrl

  View on GitHub
  Fast and efficient osquery management
  ☆494Mar 18, 2026Updated last week
• freeload101 / SCRIPTS

  View on GitHub
  ☆172Mar 16, 2026Updated last week
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,729Mar 20, 2024Updated 2 years ago
• jandre / brosquery

  View on GitHub
  module for osquery to load Bro logs into tables
  ☆28Apr 28, 2015Updated 10 years ago
• Claudio-C / awesome-data-sanitization

  View on GitHub
  Awesome Data Sanitization
  ☆12Jun 6, 2021Updated 4 years ago
• Velocidex / cloudvelo

  View on GitHub
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Dec 2, 2025Updated 3 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,526Jan 24, 2023Updated 3 years ago
• trailofbits / osquery-extensions

  View on GitHub
  osquery extensions by Trail of Bits
  ☆269Apr 12, 2023Updated 2 years ago
• sroberts / responding-at-scale-with-osquery

  View on GitHub
  Using osquery for Mass Incident Detection & Response
  ☆19Jun 25, 2016Updated 9 years ago
• Cisco-Talos / CASC

  View on GitHub
  ☆44Sep 12, 2018Updated 7 years ago
• osquery / foundation

  View on GitHub
  osquery Foundation Charter, Legal, and Process Documents
  ☆13Jun 10, 2022Updated 3 years ago
• fmanco / osquery-packs

  View on GitHub
  osquery query packs
  ☆14Aug 31, 2018Updated 7 years ago
• ThreatHuntingProject / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,859Nov 17, 2021Updated 4 years ago
• mgreen27 / DetectRaptor

  View on GitHub
  A repository to share publicly available Velociraptor detection content
  ☆196Mar 15, 2026Updated last week
• sttor / osquery-wazuh-response

  View on GitHub
  Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug
  ☆11Jun 20, 2020Updated 5 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Shuffle / shuffle-docs

  View on GitHub
  Documentation used for Shuffle
  ☆21Updated this week
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆900Nov 3, 2025Updated 4 months ago
• ReconInfoSec / rhq

  View on GitHub
  Recon Hunt Queries
  ☆79May 16, 2021Updated 4 years ago
• scudette / rekall-agent-server

  View on GitHub
  Rekall is an endpoint security solution.
  ☆38Feb 12, 2018Updated 8 years ago
• kolide / launcher

  View on GitHub
  Osquery launcher, autoupdater, and packager
  ☆539Updated this week
• eset / malware-ioc

  View on GitHub
  Indicators of Compromises (IOC) of our various investigations
  ☆1,934Updated this week
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆791Mar 14, 2026Updated last week