Alternatives and similar repositories for osquery

Users that are interested in osquery are comparing it to the libraries listed below

• SophosRapidResponse / OSQuery
  ☆85Updated 4 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 8 months ago
• activecm / docker-zeek
  Run zeek with zeekctl in docker
  ☆51Updated 10 months ago
• crow1011 / wazuh2thehive
  Wazuh integration TheHive
  ☆38Updated 2 years ago
• branchnetconsulting / wazuh-tools
  Useful scripts for those administering Wazuh
  ☆84Updated 3 weeks ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆38Updated 2 years ago
• pulsedive / certrss
  ☆119Updated last year
• InfoSecInnovations / What2Log
  ☆39Updated 2 years ago
• juaromu / wazuh-nmap
  ☆17Updated 3 years ago
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆42Updated 3 months ago
• MrM8BRH / Splunk
  This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…
  ☆23Updated this week
• juaromu / wazuh-misp
  ☆17Updated 2 years ago
• sans-blue-team / sec530-wiki
  ☆54Updated 4 years ago
• TheHive-Project / awesome
  A curated list of awesome things related to TheHive & Cortex
  ☆180Updated 3 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆70Updated 3 months ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆122Updated 4 years ago
• sophos / sophos-central-api-connector
  Leverage Sophos Central API
  ☆28Updated last year
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆91Updated 4 years ago
• splunk / securitydatasets
  Home for Splunk security datasets.
  ☆125Updated 5 years ago
• Mikoyan-Dee / CrowdStrike-Queries
  CrowdStrike Falcon Queries For Advanced Threat Detection
  ☆20Updated 4 months ago
• TheHive-Project / Docker-Templates
  Docker configurations for TheHive, Cortex and 3rd party tools
  ☆126Updated 2 years ago
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆47Updated last month
• NUKIB / misp
  Docker image for MISP
  ☆132Updated last month
• p3hndrx / B-B-Shuffle
  Dashboard for conducting Backdoors and Breaches sessions over Zoom.
  ☆115Updated 9 months ago
• guardsight / gsvsoc_cirt-playbook-battle-cards
  Cyber Incident Response Team Playbook Battle Cards
  ☆382Updated last year
• InfoSecInnovations / project-fantastic
  ☆72Updated 2 years ago
• weslambert / DinoSOARLab
  Security Onion + Automation + Response Lab including n8n and Velociraptor
  ☆110Updated 2 years ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆82Updated last year
• josh-morin / qradar
  Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
  ☆82Updated 2 months ago