defensivedepth/osquery-filters external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

defensivedepth/osquery-filters

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/defensivedepth/osquery-filters)

Close

defensivedepth / osquery-filtersView on GitHubMore

• External links
• Readme badge

☆34Aug 8, 2023Updated 2 years ago

Alternatives and similar repositories for osquery-filters

Users that are interested in osquery-filters are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• CyberSift / OSQUERY-PACKS

  View on GitHub
  Osquery Packs we use for customer security hardening
  ☆12Jun 30, 2025Updated 9 months ago
• guardicode / osquery

  View on GitHub
  Guardicore osqueries collection for asset information, TH and compliance.
  ☆19Dec 22, 2021Updated 4 years ago
• osquery / foundation

  View on GitHub
  osquery Foundation Charter, Legal, and Process Documents
  ☆13Jun 10, 2022Updated 3 years ago
• zeflow / Sigma2SplunkAlert

  View on GitHub
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆12Jul 1, 2021Updated 4 years ago
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• NextronSystems / evtx-baseline

  View on GitHub
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆88Mar 11, 2026Updated last month
• wagga40 / Mitre2Datatables

  View on GitHub
  Bring Your Own Mitre Att&ck © Matrix !
  ☆13Oct 19, 2023Updated 2 years ago
• microsoft / MSTIC-Sysmon

  View on GitHub
  Anything Sysmon related from the MSTIC R&D team
  ☆156Jun 8, 2024Updated last year
• murchisd / splunk_pstree_app

  View on GitHub
  Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)
  ☆24Mar 30, 2026Updated 2 weeks ago
• ryanadler / downloadSplunk

  View on GitHub
  Downloading Splunk, made easy through scripts
  ☆28Apr 6, 2026Updated last week
• 3CORESec / Automata

  View on GitHub
  Automatic detection engineering technical state compliance
  ☆55Jul 7, 2024Updated last year
• Kintyre / TA-postfix

  View on GitHub
  Postfix Add-on for Splunk (Compliant with the Mail CIM model)
  ☆11Mar 18, 2021Updated 5 years ago
• AbGuthrie / goquery

  View on GitHub
  Provide a shell like interface by utilizing osquery's distributed API
  ☆82Jun 24, 2020Updated 5 years ago
• splunk / splunkconf-backup

  View on GitHub
  ☆13Apr 6, 2026Updated last week
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• cmdaltr / elrond

  View on GitHub
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Nov 23, 2025Updated 4 months ago
• zeek / zeek-agent-framework

  View on GitHub
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Oct 12, 2020Updated 5 years ago
• CIRCL / factual-rules-generator

  View on GitHub
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆75Jan 18, 2022Updated 4 years ago
• chainguard-sandbox / osqtool

  View on GitHub
  Automated testing, generation & manipulation of #osquery packs
  ☆74Apr 10, 2026Updated last week
• RealityNet / McAFuse

  View on GitHub
  Toolset to analyze disks encrypted with McAFee FDE technology
  ☆19Mar 11, 2021Updated 5 years ago
• CiscoCXSecurity / log4j

  View on GitHub
  Detection rules to look for Log4J usage and exploitation
  ☆18Jun 21, 2025Updated 9 months ago
• d3sre / Use_Case_Applicability

  View on GitHub
  Security Monitoring Resolution Categories
  ☆137Nov 25, 2021Updated 4 years ago
• austincloudguru / ansible-role-splunk-forwarder

  View on GitHub
  ☆31Jun 10, 2024Updated last year
• Tib3rius / Free_Tech_Resources

  View on GitHub
  Compiling a list of free learning resources in different areas of tech
  ☆13Jul 19, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• splunk / TA-misp_es

  View on GitHub
  MISP to Splunk Enterprise Security Theat Intelligence Framework Integration
  ☆14Jul 11, 2023Updated 2 years ago
• ninoseki / kibune

  View on GitHub
  A Sigma based detection pipeline
  ☆12Dec 15, 2023Updated 2 years ago
• tsale / TA_tooling

  View on GitHub
  ☆10Dec 24, 2022Updated 3 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• M3NIX / sigmaio

  View on GitHub
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆50Sep 1, 2023Updated 2 years ago
• GSA / oscal-ssp-to-word

  View on GitHub
  ☆19Oct 19, 2021Updated 4 years ago
• tmk1221 / frameSmith

  View on GitHub
  ☆11Oct 24, 2023Updated 2 years ago
• thedxt / Bookmarks

  View on GitHub
  My collection of Bookmarks
  ☆13Dec 29, 2025Updated 3 months ago
• modularise / modularise

  View on GitHub
  ☆20Oct 1, 2020Updated 5 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• operatorequals / terraform-provider-elastic-siem

  View on GitHub
  ☆12Apr 22, 2022Updated 3 years ago
• instruqt / packer-k3s

  View on GitHub
  Build K3s image using Packer
  ☆13Mar 31, 2026Updated 2 weeks ago
• fmanco / osquery-packs

  View on GitHub
  osquery query packs
  ☆14Aug 31, 2018Updated 7 years ago
• davisshannon / Splunk-Sunburst

  View on GitHub
  Sunburst IOCs for Splunk Ingest
  ☆18Jan 28, 2021Updated 5 years ago
• chainguard-dev / osquery-defense-kit

  View on GitHub
  Production-ready detection & response queries for osquery
  ☆603Apr 8, 2026Updated last week
• 3CORESec / SIEGMA

  View on GitHub
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆159Mar 10, 2025Updated last year
• NextronSystems / CyberChef

  View on GitHub
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Aug 10, 2022Updated 3 years ago