Alternatives and similar repositories for osquery

Users that are interested in osquery are comparing it to the libraries listed below

• SophosRapidResponse / OSQuery
  ☆87Updated 8 months ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆40Updated 3 years ago
• TheHive-Project / awesome
  A curated list of awesome things related to TheHive & Cortex
  ☆182Updated 4 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆78Updated 3 weeks ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆70Updated 4 years ago
• InfoSecInnovations / What2Log
  ☆43Updated 2 years ago
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆55Updated last year
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆70Updated 7 months ago
• MrM8BRH / Splunk
  This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…
  ☆23Updated last week
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆126Updated 5 years ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆112Updated 3 years ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆47Updated last year
• robvandenbrink / Critical-Controls-v7
  Implementing the CIS Critical Controls (almost) for Free
  ☆86Updated 3 years ago
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆45Updated last month
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆70Updated 5 years ago
• shauntdergrigorian / splunkqueries
  A list of Splunk queries that I've collected and used over time.
  ☆87Updated 5 years ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 4 years ago
• msraju / Incident-Response-Playbooks
  ☆45Updated 3 years ago
• NUKIB / misp
  Docker image for MISP
  ☆135Updated 2 months ago
• SHolzhauer / elastic-tip
  Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common …
  ☆28Updated last year
• sans-blue-team / sec530-wiki
  ☆55Updated 4 years ago
• Truvis / Splunk_TA_Truvis_Suricata5
  This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…
  ☆15Updated 5 years ago
• sophos / sophos-central-api-connector
  Leverage Sophos Central API
  ☆30Updated 2 years ago
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆157Updated 7 months ago
• splunk / securitydatasets
  Home for Splunk security datasets.
  ☆125Updated 5 years ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 5 years ago
• activecm / passer
  Passive service locator, a python sniffer that identifies servers, clients, names and much more
  ☆256Updated 2 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆56Updated 5 years ago
• CriticalPathSecurity / Public-Intelligence-Feeds
  Standard-Format Threat Intelligence Feeds
  ☆124Updated this week
• brianreitz / awesome-blueteam
  A list of resources to build a information security team.
  ☆13Updated 4 years ago