☆88Mar 7, 2025Updated last year
Alternatives and similar repositories for OSQuery
Users that are interested in OSQuery are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This hosts all queries created on the LD&R Forum☆13Feb 18, 2025Updated last year
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 8 months ago
- Cisco Orbital - Osquery queries by Talos☆137Aug 23, 2024Updated last year
- Threat Hunting & Incident Investigation with Osquery☆216Mar 30, 2022Updated 3 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- Sophos-originated indicators-of-compromise from published reports☆652Jan 16, 2026Updated 2 months ago
- Leverage Sophos Central API☆31Sep 29, 2023Updated 2 years ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 6 months ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆808May 11, 2023Updated 2 years ago
- ALPHA/WIP for OSquery configuration for Mac and Linux Operating Systems☆16Jan 9, 2018Updated 8 years ago
- Hunting Malicious Macros SANS Threathunting Summit 2021 Materials☆39Oct 9, 2021Updated 4 years ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service☆32Sep 26, 2024Updated last year
- Automated testing, generation & manipulation of #osquery packs☆74Oct 16, 2024Updated last year
- LILO based Pulse Secure appliance disk image decryptor☆13Mar 20, 2024Updated 2 years ago
- A conglomeration of resources for any color of the rainbow☆14Feb 12, 2026Updated last month
- osquery query packs☆14Aug 31, 2018Updated 7 years ago
- Production-ready detection & response queries for osquery☆602Aug 13, 2025Updated 7 months ago
- MISP to Splunk Enterprise Security Theat Intelligence Framework Integration☆14Jul 11, 2023Updated 2 years ago
- Postman collection to work with Sophos Central APIs☆26Jan 8, 2026Updated 2 months ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 7 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆79Jan 9, 2024Updated 2 years ago
- osquery extensions by Trail of Bits☆269Apr 12, 2023Updated 2 years ago
- Recon Hunt Queries☆79May 16, 2021Updated 4 years ago
- Yara rules written by me, for free use.☆20Nov 26, 2021Updated 4 years ago
- A minimal CLI client for CRXcavator.io☆15Dec 8, 2022Updated 3 years ago
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.☆21Sep 30, 2022Updated 3 years ago
- ☆30May 1, 2025Updated 10 months ago
- A repository to share publicly available Velociraptor detection content☆196Mar 15, 2026Updated last week
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- ☆34Aug 8, 2023Updated 2 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆291Jan 15, 2024Updated 2 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Windows Event Forwarding for Active Directory Security Logs☆29Jun 28, 2016Updated 9 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆806Jan 14, 2026Updated 2 months ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Jul 13, 2020Updated 5 years ago
- Turn any blog into structured threat intelligence.☆54Updated this week