Recon Hunt Queries
☆79 (May 16, 2021, updated 4 years ago)
Alternatives and similar repositories for rhq
Users that are interested in rhq are comparing it to the libraries listed below.
- Collection of operational focused osquery dashboards. (☆10, Jan 20, 2021, updated 5 years ago)
- Threat hunting repo for my independent study on threat hunting with OSQuery (☆27, Jan 16, 2018, updated 8 years ago)
- Threat Hunting & Incident Investigation with Osquery (☆217, Mar 30, 2022, updated 4 years ago)
- A Splunk technology add-on for osquery (☆14, Sep 5, 2025, updated 7 months ago)
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan (☆17, Sep 4, 2021, updated 4 years ago)
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases. (☆45, Aug 17, 2020, updated 5 years ago)
- MasterParser is a simple, all-in-one, digital forensics artifact parser (☆24, Jul 9, 2021, updated 4 years ago)
- Detection Ideas & Rules repository. (☆178, Sep 10, 2021, updated 4 years ago)
- Registry to JSON. This project is for learning purposes and is not maintained. (☆12, Dec 28, 2021, updated 4 years ago)
- PyVelociraptor contains the Python bindings for the Velociraptor API. (☆21, Apr 18, 2026, updated last week)
- Triage automation for suspect URLs (☆13, Jul 23, 2019, updated 6 years ago)
- Dockerfiles for containerized osquery (☆14, May 23, 2017, updated 8 years ago)
- NTFS file system specimens (☆13, Jul 3, 2023, updated 2 years ago)
- Cyber Analytics Platform and Examination System (CAPES) Project Page (☆14, Feb 1, 2022, updated 4 years ago)
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" (☆11, Feb 6, 2025, updated last year)
- Kibana app for RedELK (☆18, Mar 19, 2023, updated 3 years ago)
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv… (☆343, Jun 25, 2022, updated 3 years ago)
- Ansible playbook to convert Sigma rules to ElastAlert rules (☆10, Feb 5, 2021, updated 5 years ago)
- Searches For Threat Hunting and Security Analytics (☆239, Mar 26, 2025, updated last year)
- Transform EQL detection rules to VQL artifacts (☆12, Nov 12, 2021, updated 4 years ago)
- Automatic detection engineering technical state compliance (☆55, Jul 7, 2024, updated last year)
- Library of threat hunts to get any user started! (☆50, Sep 4, 2020, updated 5 years ago)
- osquery Foundation Charter, Legal, and Process Documents (☆13, Jun 10, 2022, updated 3 years ago)
- Event Trace Log file parser in pure Python (☆151, Nov 27, 2020, updated 5 years ago)
- Mapping the MITRE ATT&CK Matrix with Osquery (☆810, May 11, 2023, updated 2 years ago)
- A framework for developing alerting and detection strategies for incident response. (☆868, Sep 8, 2025, updated 7 months ago)
- A flexible control server for osquery fleets (☆1,100, Dec 15, 2020, updated 5 years ago)
- A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns by leveraging Windows Events and Sys… (☆12, Apr 13, 2017, updated 9 years ago)
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … (☆27, Jul 13, 2022, updated 3 years ago)
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a… (☆21, Oct 25, 2023, updated 2 years ago)
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux (☆506, Oct 21, 2022, updated 3 years ago)
- ATT&CK Remote Threat Hunting Incident Response (☆206, Dec 8, 2024, updated last year)
- A repository for using osquery for incident detection and response (☆891, Sep 8, 2025, updated 7 months ago)
- The Intelligent Process Lifecycle of Active Cyber Defenders (☆34, Jan 1, 2023, updated 3 years ago)
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab. (☆22, Apr 16, 2021, updated 5 years ago)
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana (☆10, Aug 17, 2018, updated 7 years ago)