Alternatives and similar repositories for osctrl:

Users that are interested in osctrl are comparing it to the libraries listed below

• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆842Updated 2 years ago
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆790Updated last year
• trailofbits / osquery-extensions
  osquery extensions by Trail of Bits
  ☆263Updated last year
• kolide / launcher
  Osquery launcher, autoupdater, and packager
  ☆517Updated this week
• chainguard-dev / osquery-defense-kit
  Production-ready detection & response queries for osquery
  ☆554Updated this week
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆754Updated last week
• zercurity / zercurity
  Manage, monitor and improve your cyber security posture.
  ☆89Updated last year
• defenxor / dsiem
  Security event correlation engine for ELK stack
  ☆435Updated 8 months ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆174Updated last year
• mwielgoszewski / doorman
  an osquery fleet manager
  ☆618Updated 2 years ago
• target / strelka
  Real-time, container-based file scanning at enterprise scale
  ☆913Updated this week
• SecurityBrewery / catalyst
  ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…
  ☆383Updated last week
• sttor / awesome-osquery
  Osquery Resources
  ☆60Updated 5 years ago
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆786Updated 4 years ago
• Patrowl / PatrowlEngines
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆247Updated last week
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆130Updated 7 months ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆369Updated this week
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆176Updated 6 months ago
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆262Updated 2 years ago
• Patrowl / PatrowlManager
  PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
  ☆630Updated 2 weeks ago
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆203Updated last month
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆307Updated this week
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆449Updated 2 weeks ago
• rocknsm / rock
  Automated deployment scripts for the RockNSM network hunting distribution.
  ☆451Updated last year
• CriticalPathSecurity / Zeek-Intelligence-Feeds
  Zeek-Formatted Threat Intelligence Feeds
  ☆356Updated this week
• dfirtrack / dfirtrack
  DFIRTrack - The Incident Response Tracking Application
  ☆492Updated 6 months ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• MISP / x_old_misp_docker
  MISP Docker (XME edition)
  ☆283Updated last year
• TheHive-Project / TheHiveDocs
  Documentation of TheHive
  ☆396Updated last year
• idaholab / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆390Updated this week