jmpsec / osctrl
Fast and efficient osquery management
☆391 · Updated this week
Related projects
Alternatives and complementary repositories for osctrl
- A repository for using osquery for incident detection and response (☆828, updated 2 years ago)
- Mapping the MITRE ATT&CK Matrix with Osquery (☆776, updated last year)
- osquery extensions by Trail of Bits (☆262, updated last year)
- Manage, monitor and improve your cyber security posture. (☆87, updated last year)
- Osquery launcher, autoupdater, and packager (☆506, updated this week)
- Transform Linux Audit logs for SIEM usage (☆711, updated 3 weeks ago)
- Production-ready detection & response queries for osquery (☆529, updated this week)
- Osquery Resources (☆59, updated 5 years ago)
- Real-time, container-based file scanning at enterprise scale (☆882, updated last month)
- an osquery fleet manager (☆621, updated last year)
- Security event correlation engine for ELK stack (☆434, updated 4 months ago)
- A Linux Auditd rule set mapped to MITRE's Attack Framework (☆778, updated 4 years ago)
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search (☆431, updated last week)
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform (☆244, updated 2 weeks ago)
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs". (☆171, updated last month)
- PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform (☆625, updated 2 weeks ago)
- A Linux Auditd rule set mapped to MITRE's Attack Framework (☆89, updated last year)
- Cisco Orbital - Osquery queries by Talos (☆123, updated 2 months ago)
- Scirius is a web application for Suricata ruleset management and threat hunting. (☆635, updated last week)
- Documentation of Cortex (☆170, updated last year)
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. (☆258, updated last year)
- A framework for orchestrating forensic collection, processing and data export (☆296, updated this week)
- Documentation of TheHive (☆393, updated last year)
- Go bindings for osquery (☆388, updated 2 months ago)
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident… (☆351, updated last week)
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch … (☆161, updated 5 months ago)
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… (☆362, updated this week)
- Open source endpoint agent providing host information to Zeek. [v2] (☆66, updated last month)
- Golang library that implements a sigma log rule parser and match engine. (☆91, updated 4 months ago)
- simple YARA-based IOC scanner (☆164, updated this week)