Alternatives and similar repositories for OSQUERY-PACKS:

Users that are interested in OSQUERY-PACKS are comparing it to the libraries listed below

• defensivedepth / osquery-filters
  ☆34Updated last year
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆16Updated 2 months ago
• weslambert / securityonion-strelka
  ☆12Updated 5 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 4 months ago
• deeso / fleet-deployment
  ☆15Updated 5 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆23Updated this week
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆39Updated 10 months ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆54Updated 8 months ago
• izysec / linux-audit
  Some resources to facilitate my blog on auditd for security monitoring
  ☆12Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆76Updated 3 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆53Updated 3 months ago
• jafarspalace / Crowdstrike-Falcon-Scripts
  Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation
  ☆22Updated 3 months ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 4 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• spyx / SysmonGrahp
  ☆15Updated 3 years ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• HASecuritySolutions / Sysmon-Manager
  This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler
  ☆12Updated 3 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• redcanaryco / vscode-attack
  Visual Studio Code extension for MITRE ATT&CK
  ☆54Updated 8 months ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 5 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• mattreduce / cti-self-study
  Track progress and keep notes while working through likethecoins' CTI Self Study Plan
  ☆28Updated 2 years ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆20Updated 5 years ago
• corelight / Dashboards-Splunk-DNS-Hunting-Beaconing
  DNS Dashboard for hunting and identifying beaconing
  ☆15Updated 4 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• swimlane / CLAW
  A packer utility to create and capture DFIR Image for use AWS & Azure
  ☆15Updated 5 years ago
• turbot / steampipe-plugin-virustotal
  Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.
  ☆22Updated 4 months ago
• juaromu / wazuh
  ☆19Updated 3 years ago