sroberts / responding-at-scale-with-osquery
Using osquery for Mass Incident Detection & Response
☆19 · Jun 25, 2016 · Updated 9 years ago
Alternatives and similar repositories for responding-at-scale-with-osquery
Users that are interested in responding-at-scale-with-osquery are comparing it to the libraries listed below
- How can you track the hunting techniques you come up with? ☆13 · Sep 3, 2017 · Updated 8 years ago
- Honeybadger Red Edition ☆13 · Sep 13, 2017 · Updated 8 years ago
- Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots! ☆25 · Jun 19, 2017 · Updated 8 years ago
- Maltego Transform to put entities into MISP events ☆28 · Jul 24, 2021 · Updated 4 years ago
- Library for Object Linking and Embedding (OLE) data types ☆12 · Nov 27, 2025 · Updated 2 months ago
- Library and tools to access the Windows Hibernation File (hiberfil.sys) format ☆13 · Dec 20, 2025 · Updated last month
- ReviveIT (revit) is a proof of concept file recovery tool (carver) ☆12 · Dec 3, 2020 · Updated 5 years ago
- A set of templates for documenting threat intelligence ☆75 · Feb 28, 2013 · Updated 12 years ago
- CRITs IOC Visualization in Maltego ☆28 · Jan 8, 2015 · Updated 11 years ago
- Parses for Google Analytic values in raw files like RAM, DD images etc. ☆18 · Apr 17, 2016 · Updated 9 years ago
- ssdeep based clustering tool ☆14 · Jan 17, 2016 · Updated 10 years ago
- Bro stuff. ☆12 · May 24, 2016 · Updated 9 years ago
- Library and tools to access the Master Boot Record (MBR) volume system format ☆14 · Dec 21, 2025 · Updated last month
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop ☆14 · Jun 4, 2025 · Updated 8 months ago
- Experimental Bro scripts with good prospects for the official bro-scripts repository. ☆20 · Nov 2, 2017 · Updated 8 years ago
- Extract information from MISP via the API ☆16 · Jul 18, 2016 · Updated 9 years ago
- Simple CLI utility to save off an image from every webcam hooked into a mac ☆14 · May 20, 2021 · Updated 4 years ago
- Bro/Zeek integration with osquery ☆94 · Nov 2, 2020 · Updated 5 years ago
- Library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db) ☆17 · Dec 3, 2025 · Updated 2 months ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them! ☆18 · Nov 5, 2013 · Updated 12 years ago
- Gather domains as a precursor to scanning ☆20 · Updated this week
- ☆34 · Apr 29, 2021 · Updated 4 years ago
- Library for Windows XML Event Log (EVTX) data types ☆18 · Dec 17, 2025 · Updated last month
- Web based analysis platform for use with the AWS_IR command line tool. ☆17 · Aug 4, 2016 · Updated 9 years ago
- A Python library for being a CND Batman.... ☆35 · Oct 29, 2015 · Updated 10 years ago
- Basic Maltego Transforms for looking up SSL certs and IP info from censys.io ☆38 · Mar 14, 2017 · Updated 8 years ago
- Zeek scripting language highlighting/support for Sublime Text ☆19 · Jul 20, 2021 · Updated 4 years ago
- A Slack bot to add security info to messages containing URLs, hashes and IPs ☆70 · Aug 28, 2024 · Updated last year
- Integration with Slack API ☆15 · Dec 10, 2023 · Updated 2 years ago
- Visual Studio Code extension for writing Terrascan Rego policies ☆23 · Sep 7, 2024 · Updated last year
- Library and tools to access the Microsoft Internet Explorer (MSIE) Cache File (index.dat) files ☆16 · Dec 19, 2025 · Updated last month
- The OVAL Language Sandbox ☆44 · Jan 25, 2021 · Updated 5 years ago
- Digital Forensics Windows Registry (dfWinReg) ☆54 · Dec 22, 2025 · Updated last month
- My personal experience in Threat Hunting and knowledge gained so far. ☆19 · May 27, 2017 · Updated 8 years ago
- Maltego transforms for all sorts of things ☆21 · Aug 31, 2012 · Updated 13 years ago
- Simple Imaging. Tactical Triage. Zero Clicks. ☆19 · Oct 31, 2017 · Updated 8 years ago
- ☆22 · Feb 2, 2026 · Updated last week
- ☆48 · Jan 15, 2016 · Updated 10 years ago
- Workflows for Shuffle ☆24 · Oct 26, 2022 · Updated 3 years ago