Recon Hunt Queries
☆79May 16, 2021Updated 4 years ago
Alternatives and similar repositories for rhq
Users that are interested in rhq are comparing it to the libraries listed below
Sorting:
- Collection of operational focused osquery dashboards.☆11Jan 20, 2021Updated 5 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Jan 16, 2018Updated 8 years ago
- Threat Hunting & Incident Investigation with Osquery☆216Mar 30, 2022Updated 3 years ago
- A Splunk technology add-on for osquery☆14Sep 5, 2025Updated 6 months ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- ☆14Oct 24, 2024Updated last year
- ☆18May 23, 2024Updated last year
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆45Aug 17, 2020Updated 5 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆24Jul 9, 2021Updated 4 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- PyVelociraptor contains the python bindings for the Velociraptor API.☆21Feb 11, 2026Updated last month
- Triage automation for suspect URLs☆13Jul 23, 2019Updated 6 years ago
- Dockerfiles for containerized osquery☆14May 23, 2017Updated 8 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Feb 1, 2022Updated 4 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆343Jun 25, 2022Updated 3 years ago
- Ansible playbook to convert Sigma rules to ElastAlert rules☆10Feb 5, 2021Updated 5 years ago
- Searches For Threat Hunting and Security Analytics☆238Mar 26, 2025Updated 11 months ago
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- osquery Foundation Charter, Legal, and Process Documents☆13Jun 10, 2022Updated 3 years ago
- ☆19Oct 23, 2020Updated 5 years ago
- Event Trace Log file parser in pure Python☆150Nov 27, 2020Updated 5 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆808May 11, 2023Updated 2 years ago
- A framework for developing alerting and detection strategies for incident response.☆850Sep 8, 2025Updated 6 months ago
- A flexible control server for osquery fleets☆1,099Dec 15, 2020Updated 5 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sys…☆12Apr 13, 2017Updated 8 years ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …☆27Jul 13, 2022Updated 3 years ago
- Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…☆21Oct 25, 2023Updated 2 years ago
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆505Oct 21, 2022Updated 3 years ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆33Jan 1, 2023Updated 3 years ago
- ATT&CK Remote Threat Hunting Incident Response☆206Dec 8, 2024Updated last year
- A repository for using osquery for incident detection and response☆882Sep 8, 2025Updated 6 months ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago