Alternatives and similar repositories for osquery-hids

Users that are interested in osquery-hids are comparing it to the libraries listed below

• jedisct1 / massresolver
  Mass DNS resolution tool
  ☆37Updated 4 years ago
• uber-archive / usb2fac
  Enabling 2fac confirmation for newly connected USB devices
  ☆45Updated 8 years ago
• anthonykasza / snapshooter
  It's like a polaroid, but for domains
  ☆24Updated 10 years ago
• StamusNetworks / ansible-misp
  Ansible playbook to install Malware Information Sharing Platform (MISP)
  ☆17Updated 10 years ago
• yolothreat / utilitybelt
  A Python library for being a CND Batman....
  ☆35Updated 9 years ago
• shellntel-acct / websocket_egress
  Websocket based egress tester
  ☆20Updated 8 years ago
• xme / mime2vt
  Unpack MIME attachments from a file and check them against virustotal.com
  ☆44Updated 9 years ago
• Xen0ph0n / MIDAS
  Metadata Inspection Database Alerting System
  ☆42Updated 11 years ago
• da667 / Autosuricata
  first commit
  ☆20Updated last year
• sroberts / responding-at-scale-with-osquery
  Using osquery for Mass Incident Detection & Response
  ☆19Updated 9 years ago
• kost / docker-cowrie
  A Docker container for Cowrie - SSH honeypot based on kippo
  ☆10Updated 10 years ago
• Security-Onion-Solutions / securityonion-bro-scripts
  ☆24Updated 5 years ago
• shirkdog / hunter-nsm
  Simple install script for Suricata/Zeek with JSON logging on FreeBSD
  ☆18Updated 2 months ago
• hatching / tracy
  tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
  ☆33Updated last year
• blacktop / docker-yara
  Yara Dockerfile
  ☆50Updated 2 years ago
• salesforce / threatshell
  ☆64Updated 3 years ago
• cudeso / host-enrich
  Enrich a host with open source security information
  ☆27Updated 9 years ago
• kolide / docker-osquery
  Dockerfiles for containerized osquery
  ☆13Updated 8 years ago
• gamelinux / activedns
  An active domain name query tool to help keep track of domain name movements...
  ☆15Updated 4 years ago
• magoo / Vault-for-Incident-Responders
  Things to know when DFIR occurs near a vault deployment.
  ☆43Updated 7 years ago
• kf0jvt / deez_factors
  Looks for GitHub org users without 2FA turned on
  ☆9Updated 8 years ago
• fox-it / bro-scripts
  Bro-IDS scripts
  ☆50Updated 8 years ago
• davidski / VulnPryer
  🎯 Vulnerability Pryer - Prying context into your vulnerability data
  ☆21Updated 3 years ago
• kolide / kolide-quickstart
  [DEPRECATED] A quickstart demo for Kolide tools
  ☆52Updated 7 years ago
• cve-search / CVE-Search-MT
  CVE-Search Management Tools - Tools that might be useful for management purposes
  ☆21Updated 9 years ago
• tribalchicken / volatility-filevault2
  Volatility plugin to extract FileVault 2 VMK's
  ☆50Updated 3 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆88Updated 6 years ago
• jheise / threatcmd
  Cli interface to threatcrowd.org
  ☆19Updated 7 years ago
• quarkslab / irma-ansible-old
  IRMA ansible
  ☆24Updated 8 years ago
• jgamblin / hostlookup-for-slack
  Custom slash command to find all a domains A records from within Slack
  ☆11Updated 9 years ago