defensivedepth / osquery-filtersView external linksLinks
☆34Aug 8, 2023Updated 2 years ago
Alternatives and similar repositories for osquery-filters
Users that are interested in osquery-filters are comparing it to the libraries listed below
Sorting:
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 7 months ago
- A Sal client for Chrome OS☆16Jan 3, 2025Updated last year
- Downloading Splunk, made easy through scripts☆25Nov 21, 2025Updated 2 months ago
- osquery Foundation Charter, Legal, and Process Documents☆13Jun 10, 2022Updated 3 years ago
- Guardicore osqueries collection for asset information, TH and compliance.☆16Dec 22, 2021Updated 4 years ago
- ☆10Dec 24, 2022Updated 3 years ago
- Custom Splunk search command to reconstruct a pstree from Sysmon process creation events (EventCode 1)☆24Mar 3, 2023Updated 2 years ago
- Generates TCP/UDP stream configuration files for NGINX based on the backend servers and ports provided☆11May 23, 2019Updated 6 years ago
- ☆10Jan 30, 2022Updated 4 years ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files☆31Jun 15, 2022Updated 3 years ago
- Anything Sysmon related from the MSTIC R&D team☆156Jun 8, 2024Updated last year
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 2 months ago
- InSpec profile for Microsoft Windows 10, against DISA's Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1, Re…☆14Jan 9, 2025Updated last year
- F-Box 渗透测试武器库☆14Aug 28, 2021Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- ☆33Feb 26, 2022Updated 3 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Oct 12, 2020Updated 5 years ago
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- MISP to Splunk Enterprise Security Theat Intelligence Framework Integration☆14Jul 11, 2023Updated 2 years ago
- tp3注入总结☆19Jan 6, 2022Updated 4 years ago
- ☆19Aug 2, 2020Updated 5 years ago
- Toolset to analyze disks encrypted with McAFee FDE technology☆19Mar 11, 2021Updated 4 years ago
- Red Team Server (RTS)☆16Mar 8, 2024Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Aug 10, 2022Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆75Jan 18, 2022Updated 4 years ago
- A running list of Windows sources and the related event ids.☆19Aug 2, 2023Updated 2 years ago
- razorAP, Bash and Python tool used to generate Fake Access Points for Wi-Fi networks with 802.1X authentication.☆22Sep 18, 2024Updated last year
- Sunburst IOCs for Splunk Ingest☆18Jan 28, 2021Updated 5 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆86Dec 17, 2025Updated last month
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- AWS Testing and Reporting Management Tool☆20Jan 23, 2023Updated 3 years ago
- Splunk App for MITRE Att&CK Navigator(TM)☆23Mar 25, 2021Updated 4 years ago
- Repository of Volatility3 plugins☆22Mar 22, 2023Updated 2 years ago
- A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit.☆18Nov 11, 2021Updated 4 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆94Jun 28, 2025Updated 7 months ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Dec 26, 2018Updated 7 years ago
- Provide a shell like interface by utilizing osquery's distributed API☆82Jun 24, 2020Updated 5 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆21Jan 5, 2021Updated 5 years ago
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago