Cisco-Talos/osquery_queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Cisco-Talos/osquery_queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Cisco-Talos/osquery_queries)

Close

Cisco-Talos / osquery_queriesView on GitHubMore

• External links
• Readme badge

Cisco Orbital - Osquery queries by Talos

☆136Aug 23, 2024Updated last year

Alternatives and similar repositories for osquery_queries

Users that are interested in osquery_queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• SophosRapidResponse / OSQuery

  View on GitHub
  ☆87Mar 7, 2025Updated last year
• CyberSift / OSQUERY-PACKS

  View on GitHub
  Osquery Packs we use for customer security hardening
  ☆12Jun 30, 2025Updated 11 months ago
• teoseller / osquery-attck

  View on GitHub
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆810May 11, 2023Updated 3 years ago
• Kirtar22 / ThreatHunting_with_Osquery

  View on GitHub
  Threat Hunting & Incident Investigation with Osquery
  ☆217Mar 30, 2022Updated 4 years ago
• chainguard-sandbox / osqtool

  View on GitHub
  Automated testing, generation & manipulation of #osquery packs
  ☆75May 29, 2026Updated 2 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• sttor / awesome-osquery

  View on GitHub
  Osquery Resources
  ☆64Aug 23, 2019Updated 6 years ago
• palantir / osquery-configuration

  View on GitHub
  A repository for using osquery for incident detection and response
  ☆895Sep 8, 2025Updated 9 months ago
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 3 years ago
• chainguard-dev / osquery-defense-kit

  View on GitHub
  Production-ready detection & response queries for osquery
  ☆607Apr 22, 2026Updated last month
• BatteryCandy / osquery-splunk-dashboards

  View on GitHub
  Collection of operational focused osquery dashboards.
  ☆10Jan 20, 2021Updated 5 years ago
• LeoCodes21 / alpha_decoder

  View on GitHub
  A Rust command-line tool for decoding Alpha2-based shellcode.
  ☆11Dec 16, 2020Updated 5 years ago
• jonny-jhnson / Automated-Detection-Pipeline

  View on GitHub
  ☆16Dec 16, 2020Updated 5 years ago
• macadmins / osquery-extension

  View on GitHub
  An osquery extension for endpoint engineers
  ☆129Jun 6, 2026Updated last week
• Jrotenberger / Powershell-IR-Scripts

  View on GitHub
  ☆39Jun 28, 2019Updated 6 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• anelshaer / Remote-Linux-Triage-Collection-using-OSquery

  View on GitHub
  Remotely collect linux live forensics artifacts.
  ☆14Jul 8, 2022Updated 3 years ago
• google / dfiq

  View on GitHub
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆309Mar 10, 2026Updated 3 months ago
• axon-git / rapid-response

  View on GitHub
  Repository for storage of Axon Rapid Response related queries, scripts and more
  ☆10Jul 22, 2025Updated 10 months ago
• GSA / laptop-management

  View on GitHub
  ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems
  ☆16Jan 9, 2018Updated 8 years ago
• jmpsec / osctrl

  View on GitHub
  Fast and efficient osquery management
  ☆503Updated this week
• freeload101 / SCRIPTS

  View on GitHub
  ☆180Updated this week
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,771Mar 20, 2024Updated 2 years ago
• Claudio-C / awesome-data-sanitization

  View on GitHub
  Awesome Data Sanitization
  ☆12Jun 6, 2021Updated 5 years ago
• sroberts / responding-at-scale-with-osquery

  View on GitHub
  Using osquery for Mass Incident Detection & Response
  ☆19Jun 25, 2016Updated 9 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Velocidex / cloudvelo

  View on GitHub
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Dec 2, 2025Updated 6 months ago
• jandre / brosquery

  View on GitHub
  module for osquery to load Bro logs into tables
  ☆28Apr 28, 2015Updated 11 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,574Jan 24, 2023Updated 3 years ago
• trailofbits / osquery-extensions

  View on GitHub
  osquery extensions by Trail of Bits
  ☆272Apr 12, 2023Updated 3 years ago
• Cisco-Talos / CASC

  View on GitHub
  ☆44Sep 12, 2018Updated 7 years ago
• osquery / foundation

  View on GitHub
  osquery Foundation Charter, Legal, and Process Documents
  ☆13Jun 10, 2022Updated 4 years ago
• fmanco / osquery-packs

  View on GitHub
  osquery query packs
  ☆14Aug 31, 2018Updated 7 years ago
• ThreatHuntingProject / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,875Nov 17, 2021Updated 4 years ago
• mgreen27 / DetectRaptor

  View on GitHub
  A repository to share publicly available Velociraptor detection content
  ☆203Updated this week
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆922Nov 3, 2025Updated 7 months ago
• ReconInfoSec / rhq

  View on GitHub
  Recon Hunt Queries
  ☆79May 16, 2021Updated 5 years ago
• scudette / rekall-agent-server

  View on GitHub
  Rekall is an endpoint security solution.
  ☆38Feb 12, 2018Updated 8 years ago
• picatz / flareon

  View on GitHub
  🦊A cloudflare DNS over HTTPs resolver client library.
  ☆12Jan 10, 2023Updated 3 years ago
• sttor / osquery-wazuh-response

  View on GitHub
  Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug
  ☆12Jun 20, 2020Updated 5 years ago
• kolide / launcher

  View on GitHub
  Osquery launcher, autoupdater, and packager
  ☆542Updated this week
• eset / malware-ioc

  View on GitHub
  Indicators of Compromises (IOC) of our various investigations
  ☆1,955Jun 11, 2026Updated last week