PaloAltoNetworks/cortex-xql-queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

PaloAltoNetworks/cortex-xql-queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PaloAltoNetworks/cortex-xql-queries)

Close

PaloAltoNetworks / cortex-xql-queriesView on GitHubMore

• External links
• Readme badge

Repository for Cortex XDR and Cortex XSIAM XQL queries and more!

☆45Jun 7, 2024Updated last year

Alternatives and similar repositories for cortex-xql-queries

Users that are interested in cortex-xql-queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• k4nfr3 / XDR_scripts

  View on GitHub
  A few XDR Scripts
  ☆23Mar 19, 2025Updated last year
• ebarti / cortex-xdr-client

  View on GitHub
  A python-based API client for Cortex XDR API.
  ☆26Sep 22, 2025Updated 8 months ago
• Beercow / walitean

  View on GitHub
  ☆11Aug 3, 2018Updated 7 years ago
• alexverboon / SentinelTIUploadToolkit

  View on GitHub
  Sentinel Threat Intelligence Upload Toolkit
  ☆18Jul 15, 2024Updated last year
• jonny-jhnson / Detecting-Process-Injection-Techniques

  View on GitHub
  This is a repository that is meant to hold detections for various process injection techniques.
  ☆34Mar 3, 2020Updated 6 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• ionsec / maes-platform

  View on GitHub
  MAES: M365 Analyzer & Extractor Suite Po
  ☆36May 4, 2026Updated 3 weeks ago
• PaloAltoNetworks / prismacloud-cli

  View on GitHub
  The Prisma Cloud CLI is a command line interface for Prisma Cloud by Palo Alto Networks.
  ☆43Apr 8, 2025Updated last year
• jgasmussen / Case_Notes.py

  View on GitHub
  Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.
  ☆26Jun 24, 2023Updated 2 years ago
• 0xsp-SRD / PAS-mini-c2c-

  View on GitHub
  ☆12Oct 9, 2022Updated 3 years ago
• cyb3rmik3 / cyb3rmik3

  View on GitHub
  GitHub landing page repo
  ☆12May 14, 2026Updated last week
• PaloAltoNetworks / pan.dev

  View on GitHub
  Palo Alto Networks for Developers
  ☆69Updated this week
• PacktPublishing / TypeScript-Modern-JavaScript-Development

  View on GitHub
  This is the code repository for the course, TypeScript: Modern Javascript Development, published by Packt
  ☆16Jan 30, 2023Updated 3 years ago
• markuskont / pikksilm

  View on GitHub
  Look into EDR events from network
  ☆25Nov 20, 2025Updated 6 months ago
• openai / aws-fluent-plugin-kinesis

  View on GitHub
  Fluentd output plugin that sends events to Amazon Kinesis Streams and Amazon Kinesis Firehose.
  ☆13Apr 2, 2023Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• papaeye / pytest-httpretty

  View on GitHub
  A thin wrapper of HTTPretty for pytest
  ☆21May 26, 2019Updated 7 years ago
• lorisAmbrozzo / KQL-Queries

  View on GitHub
  Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR
  ☆17Nov 7, 2025Updated 6 months ago
• kward / tabulate

  View on GitHub
  Tabulate is a command-line tool to convert record type data (e.g. CSV files) into a pretty printed table.
  ☆16Mar 1, 2020Updated 6 years ago
• splunk / splunk-webframework-toolkit

  View on GitHub
  The Splunk Web Framework Toolkit
  ☆12May 3, 2022Updated 4 years ago
• kacos2000 / Evtx_Log_Browser

  View on GitHub
  Evtx Log (xml) Browser
  ☆59Mar 12, 2023Updated 3 years ago
• bricerenaud / xdr_yara_rule_matching

  View on GitHub
  custom Python script to perform Yara matching in Cortex XDR
  ☆14May 18, 2021Updated 5 years ago
• RomanR-dev / python-logging-loki

  View on GitHub
  Python logging handler for Loki
  ☆19Dec 12, 2025Updated 5 months ago
• atola-technology / iscsi-targets

  View on GitHub
  Automatically create iSCSI targets for all drives except for a boot device
  ☆26May 23, 2025Updated last year
• vysecurity / IPFilter

  View on GitHub
  IP address filter by City
  ☆12Jan 17, 2025Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• wdahlenburg / canary

  View on GitHub
  CLI tool written in Go to generate Canary Tokens from https://canarytokens.org
  ☆13Aug 22, 2025Updated 9 months ago
• cudeso / misp-reporting

  View on GitHub
  A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…
  ☆12Aug 14, 2025Updated 9 months ago
• shellspec / altshfmt

  View on GitHub
  AltSH (alternative shell script) formatter with support for ShellSpec and shpec syntax (experimental)
  ☆16Jun 22, 2024Updated last year
• PatrickKeisler / SQLMorningHealthChecks

  View on GitHub
  ☆13Mar 19, 2024Updated 2 years ago
• Pragmateam / coding-dojo

  View on GitHub
  ☆10Feb 4, 2024Updated 2 years ago
• jabadia / gif_catalog

  View on GitHub
  Ejemplo mostrado en la charla de Vue+Django en el meetup de Vue.js 12/Sep/2017
  ☆10Sep 13, 2017Updated 8 years ago
• magicsword-io / LOLBASline

  View on GitHub
  Baseline a Windows System against LOLBAS
  ☆74Feb 2, 2026Updated 3 months ago
• LucasFaudman / sans-index-generator

  View on GitHub
  Generate Indexes from SANS PDFs
  ☆18Jun 3, 2024Updated last year
• NextronSystems / velociraptor-artifacts-thor

  View on GitHub
  Thor Artifacts for Velociraptor
  ☆19Dec 2, 2025Updated 5 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• CCSIR / WP-Plugins-Scanner

  View on GitHub
  Wordpress Plugins Scanner it's a semi-automatic white box pentesting/crawler app for WP plugins using RIPS from OWASP.
  ☆14Aug 6, 2013Updated 12 years ago
• dfirvault / Thor-scanner-menu

  View on GitHub
  Menu for Thor scanner lite
  ☆20Oct 24, 2025Updated 7 months ago
• ausec-it / bof-registry

  View on GitHub
  Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry
  ☆31Feb 11, 2021Updated 5 years ago
• DataDog / workload-security-evaluator

  View on GitHub
  ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
  ☆37Oct 17, 2024Updated last year
• vrikodar / Mango

  View on GitHub
  Mango is a user interactive Powershell program to search for possible privilege escalation vectors on windows
  ☆15Aug 4, 2021Updated 4 years ago
• HillsyCyberSec / CheatSheet

  View on GitHub
  ☆10Aug 9, 2024Updated last year
• cudeso / misp2defender

  View on GitHub
  MISP to Microsoft Defender integration
  ☆17Feb 24, 2026Updated 3 months ago