Alternatives and similar repositories for OSQUERY-PACKS:

Users that are interested in OSQUERY-PACKS are comparing it to the libraries listed below

• defensivedepth / osquery-filters
  ☆34Updated last year
• michalpurzynski / suricata-rules
  Example Suricata rules implementing some of my detection tactics
  ☆20Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• CptOfEvilMinions / ChooseYourSIEMAdventure
  ☆17Updated 3 years ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• KaanSK / Go-MISPFeedGenerator
  Golang implementation of PyMISP-feedgenerator
  ☆16Updated 2 years ago
• turbot / steampipe-plugin-virustotal
  Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.
  ☆22Updated 2 months ago
• gyrospectre / squyre
  Security Alert Decoration
  ☆26Updated 2 months ago
• 0xdefendA / defenda-data-lake
  defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events
  ☆16Updated last year
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 2 months ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• fmanco / osquery-packs
  osquery query packs
  ☆14Updated 6 years ago
• telekom-security / acquire-aws-ec2
  A python script to acquire multiple aws ec2 instances in a forensically sound-ish way
  ☆37Updated 3 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆53Updated last month
• swimlane / pyattck-data
  This repository contains generated contextual data utilized by pyattck.
  ☆18Updated 6 months ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆14Updated 4 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆23Updated this week
• jctello / JCT-Wazuh
  Tools for Wazuh by Juan C. Tello
  ☆14Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆53Updated 6 months ago
• the2dl / SSDT
  Stupid Simple Detection Testing
  ☆12Updated 10 months ago
• karimhabush / cis-vsphere
  A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
  ☆49Updated 2 years ago
• activecm / smudge
  Passive OS detection based on SYN packets without Transmitting any Data
  ☆45Updated last year
• theparanoids / rdfp
  Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt
  ☆38Updated last year
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 8 months ago
• swimlane / CLAW
  A packer utility to create and capture DFIR Image for use AWS & Azure
  ☆14Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• sandialabs / gait
  Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies
  ☆27Updated 10 months ago
• swisscom / detections
  Threat intelligence and threat detection indicators (IOC, IOA)
  ☆53Updated 4 years ago