mikermcneil / fleet-osquery-in-a-box
Simple Docker-based quickstart for osquery, Fleet, and ELK stack
☆64 · Sep 5, 2023 · Updated 2 years ago
Alternatives and similar repositories for fleet-osquery-in-a-box
Users that are interested in fleet-osquery-in-a-box are comparing it to the libraries listed below
- checks site content against known good ssdeep hash, identifies matches ☆10 · Jun 2, 2019 · Updated 6 years ago
- JXA script for Mythic that prints the TCC.db ☆15 · Apr 18, 2021 · Updated 4 years ago
- python lib for simpleMDM API ☆19 · Jan 10, 2024 · Updated 2 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici… ☆82 · Sep 26, 2017 · Updated 8 years ago
- Provides an easy way to collect and send Slack access & integration logs. ☆13 · Oct 19, 2021 · Updated 4 years ago
- Discover which process execute a hunted binary inside macOS ☆27 · Dec 15, 2021 · Updated 4 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp ☆14 · Mar 11, 2022 · Updated 3 years ago
- Ansible Network Cisco IOS-XR Provider Role ☆14 · Jun 29, 2020 · Updated 5 years ago
- Apfell POC Chrome Extension Payload ☆10 · Jun 24, 2020 · Updated 5 years ago
- Decision trees generated via Graphviz to inform pragmatic threat modelling. ☆11 · Jan 16, 2021 · Updated 5 years ago
- ☆15 · Apr 20, 2020 · Updated 5 years ago
- A generic skeleton project for quickly getting a new cisagov project started. ☆18 · Feb 6, 2026 · Updated last week
- event shipper for Carbon Black Defense notifications ☆10 · Feb 25, 2023 · Updated 2 years ago
- https://wojciechregula.blog/post/macos-red-teaming-get-ad-credentials-from-nomad/ ☆43 · Mar 4, 2022 · Updated 3 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma… ☆15 · Dec 3, 2020 · Updated 5 years ago
- ☆17 · Sep 10, 2021 · Updated 4 years ago
- Apfell C2 Server for the Google Chrome Extension Payload ☆12 · Aug 12, 2020 · Updated 5 years ago
- Password spraying on sites that require 2+ page loads and dynamic nonces ☆32 · Jun 23, 2019 · Updated 6 years ago
- Collection of operational focused osquery dashboards. ☆11 · Jan 20, 2021 · Updated 5 years ago
- Liberating dem proprietary APT implants ☆20 · Dec 17, 2019 · Updated 6 years ago
- Ansible role for security standards compliance ☆13 · Mar 6, 2019 · Updated 6 years ago
- Python 3 library to build YARA rules. ☆13 · Oct 24, 2021 · Updated 4 years ago
- Launchd daemon that reports major OSX modifications through growl ☆16 · Feb 19, 2015 · Updated 10 years ago
- Provide a shell like interface by utilizing osquery's distributed API ☆82 · Jun 24, 2020 · Updated 5 years ago
- Rules Shared by the Community from 100 Days of YARA 2023 - ☆18 · Apr 10, 2023 · Updated 2 years ago
- Dockerfiles for containerized osquery ☆14 · May 23, 2017 · Updated 8 years ago
- Configurable, Community driven, HTTP C2 Profile ☆27 · May 30, 2025 · Updated 8 months ago
- Easily scan with multiple yara rules from different sources. ☆14 · Mar 9, 2024 · Updated last year
- A Python PoC for CVE-2018-9206 ☆13 · Oct 22, 2018 · Updated 7 years ago
- Catalog Red Team techniques that cause popups in various macOS versions ☆15 · Nov 18, 2024 · Updated last year
- POC for a basic C2 server using the python aiohttp framework ☆15 · Mar 22, 2020 · Updated 5 years ago
- Scripts to automate standing up C2 infra with firewall settings inside of DigitalOcean. ☆18 · Feb 5, 2021 · Updated 5 years ago
- Remotely collect linux live forensics artifacts. ☆14 · Jul 8, 2022 · Updated 3 years ago
- An Ubuntu 18.04 box for Mythic C2 framework development ☆17 · Jun 17, 2022 · Updated 3 years ago
- Swift code to run a dylib on disk ☆16 · May 9, 2022 · Updated 3 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps. ☆17 · Nov 29, 2017 · Updated 8 years ago
- command line tool to use the DNSDB Flexible Search API extensions. ☆16 · Aug 5, 2024 · Updated last year
- Carving tool based in Radare2 & Yara ☆17 · Oct 30, 2018 · Updated 7 years ago
- ☆15 · Aug 20, 2019 · Updated 6 years ago