ReconInfoSec/rhq external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ReconInfoSec/rhq

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ReconInfoSec/rhq)

Close

ReconInfoSec / rhqView on GitHubMore

• External links
• Readme badge

Recon Hunt Queries

☆79May 16, 2021Updated 4 years ago

Alternatives and similar repositories for rhq

Users that are interested in rhq are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• BatteryCandy / osquery-splunk-dashboards

  View on GitHub
  Collection of operational focused osquery dashboards.
  ☆10Jan 20, 2021Updated 5 years ago
• Benster900 / ThreatWaffle

  View on GitHub
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆27Jan 16, 2018Updated 8 years ago
• Kirtar22 / ThreatHunting_with_Osquery

  View on GitHub
  Threat Hunting & Incident Investigation with Osquery
  ☆217Mar 30, 2022Updated 4 years ago
• splunk / TA-osquery

  View on GitHub
  A Splunk technology add-on for osquery
  ☆14Sep 5, 2025Updated 7 months ago
• ReconInfoSec / adversary-emulation-map

  View on GitHub
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Sep 4, 2021Updated 4 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• ReconInfoSec / velociraptor-to-timesketch

  View on GitHub
  ☆14Oct 24, 2024Updated last year
• ReconInfoSec / graylog2thehive

  View on GitHub
  Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.
  ☆45Aug 17, 2020Updated 5 years ago
• shortstack / art

  View on GitHub
  ☆18May 23, 2024Updated last year
• alwashmi / MasterParser

  View on GitHub
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆24Jul 9, 2021Updated 4 years ago
• vadim-hunter / Detection-Ideas-Rules

  View on GitHub
  Detection Ideas & Rules repository.
  ☆178Sep 10, 2021Updated 4 years ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• Velocidex / pyvelociraptor

  View on GitHub
  PyVelociraptor contains the python bindings for the Velociraptor API.
  ☆21Updated this week
• notx11 / urlScan2Hive

  View on GitHub
  Triage automation for suspect URLs
  ☆13Jul 23, 2019Updated 6 years ago
• kolide / docker-osquery

  View on GitHub
  Dockerfiles for containerized osquery
  ☆14May 23, 2017Updated 8 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• dfirlabs / ntfs-specimens

  View on GitHub
  NTFS file system specimens
  ☆13Jul 3, 2023Updated 2 years ago
• capesstack / capes-docker

  View on GitHub
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆14Feb 1, 2022Updated 4 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• fastlorenzo / redelk-kibana-app

  View on GitHub
  Kibana app for RedELK
  ☆18Mar 19, 2023Updated 3 years ago
• orlikoski / CDQR

  View on GitHub
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆343Jun 25, 2022Updated 3 years ago
• ReconInfoSec / sigma-to-elastalert

  View on GitHub
  Ansible playbook to convert Sigma rules to ElastAlert rules
  ☆10Feb 5, 2021Updated 5 years ago
• randomuserid / Adama

  View on GitHub
  Searches For Threat Hunting and Security Analytics
  ☆239Mar 26, 2025Updated last year
• Velocidex / eql2vql

  View on GitHub
  Transform EQL detection rules to VQL artifacts
  ☆12Nov 12, 2021Updated 4 years ago
• 3CORESec / Automata

  View on GitHub
  Automatic detection engineering technical state compliance
  ☆55Jul 7, 2024Updated last year
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• svch0stz / TheThreatHuntLibrary

  View on GitHub
  Library of threat hunts to get any user started!
  ☆50Sep 4, 2020Updated 5 years ago
• osquery / foundation

  View on GitHub
  osquery Foundation Charter, Legal, and Process Documents
  ☆13Jun 10, 2022Updated 3 years ago
• WithSecureLabs / lazarus-sigma-rules

  View on GitHub
  ☆19Oct 23, 2020Updated 5 years ago
• airbus-cert / etl-parser

  View on GitHub
  Event Trace Log file parser in pure Python
  ☆150Nov 27, 2020Updated 5 years ago
• teoseller / osquery-attck

  View on GitHub
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆809May 11, 2023Updated 2 years ago
• palantir / alerting-detection-strategy-framework

  View on GitHub
  A framework for developing alerting and detection strategies for incident response.
  ☆856Sep 8, 2025Updated 7 months ago
• kolide / fleet

  View on GitHub
  A flexible control server for osquery fleets
  ☆1,101Dec 15, 2020Updated 5 years ago
• darkoperator / ThreatHunter-Playbook

  View on GitHub
  A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sys…
  ☆12Apr 13, 2017Updated 8 years ago
• jstnk9 / TIBER-Cases

  View on GitHub
  TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …
  ☆27Jul 13, 2022Updated 3 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• tesorion / TCERT-Cumulonimbus-UAL_Extractor

  View on GitHub
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆21Oct 25, 2023Updated 2 years ago
• orlikoski / Skadi

  View on GitHub
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆506Oct 21, 2022Updated 3 years ago
• MalwareArchaeology / ARTHIR

  View on GitHub
  ATT&CK Remote Threat Hunting Incident Response
  ☆206Dec 8, 2024Updated last year
• palantir / osquery-configuration

  View on GitHub
  A repository for using osquery for incident detection and response
  ☆888Sep 8, 2025Updated 7 months ago
• d3sre / IntelligentProcessLifecycle

  View on GitHub
  The Intelligent Process Lifecycle of Active Cyber Defenders
  ☆33Jan 1, 2023Updated 3 years ago
• iknowjason / Velociraptor_Azure

  View on GitHub
  A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.
  ☆22Apr 16, 2021Updated 4 years ago
• mohlcyber / OpenDXL-ATD-MAR-Elasticsearch

  View on GitHub
  Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana
  ☆10Aug 17, 2018Updated 7 years ago