jmpsec / osctrl

Related projects ⓘ

Alternatives and complementary repositories for osctrl

• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆824Updated 2 years ago
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆776Updated last year
• trailofbits / osquery-extensions
  osquery extensions by Trail of Bits
  ☆262Updated last year
• kolide / launcher
  Osquery launcher, autoupdater, and packager
  ☆506Updated this week
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆707Updated last week
• sttor / awesome-osquery
  Osquery Resources
  ☆59Updated 5 years ago
• defenxor / dsiem
  Security event correlation engine for ELK stack
  ☆434Updated 4 months ago
• chainguard-dev / osquery-defense-kit
  Production-ready detection & response queries for osquery
  ☆523Updated this week
• mwielgoszewski / doorman
  an osquery fleet manager
  ☆620Updated last year
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆170Updated last year
• zercurity / zercurity
  Manage, monitor and improve your cyber security posture.
  ☆87Updated last year
• idaholab / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆358Updated this week
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆429Updated this week
• Patrowl / PatrowlEngines
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆244Updated this week
• osquery / osquery-go
  Go bindings for osquery
  ☆387Updated last month
• dfirtrack / dfirtrack
  DFIRTrack - The Incident Response Tracking Application
  ☆482Updated 2 months ago
• Patrowl / PatrowlManager
  PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
  ☆625Updated last week
• tenzir / threatbus
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆258Updated last year
• target / strelka
  Real-time, container-based file scanning at enterprise scale
  ☆878Updated 3 weeks ago
• rocknsm / rock
  Automated deployment scripts for the RockNSM network hunting distribution.
  ☆446Updated last year
• kolide / fleet
  A flexible control server for osquery fleets
  ☆1,103Updated 3 years ago
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆778Updated 4 years ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆297Updated last week
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆633Updated 3 weeks ago
• salesforce / hassh
  HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints…
  ☆532Updated 7 months ago
• TheHive-Project / Cortex-Analyzers
  Cortex Analyzers Repository
  ☆433Updated this week
• AbGuthrie / goquery
  Provide a shell like interface by utilizing osquery's distributed API
  ☆80Updated 4 years ago
• Patrowl / PatrowlDocs
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆147Updated 2 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆122Updated 2 months ago
• TheHive-Project / TheHiveDocs
  Documentation of TheHive
  ☆392Updated last year