Using osquery for Mass Incident Detection & Response
☆19Jun 25, 2016Updated 10 years ago
Alternatives and similar repositories for responding-at-scale-with-osquery
Users that are interested in responding-at-scale-with-osquery are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Cli interface to threatcrowd.org☆21Jul 6, 2017Updated 9 years ago
- How can you track the hunting techniques you come up with?☆13Sep 3, 2017Updated 8 years ago
- Maltego Transform to put entities into MISP events☆28Jul 24, 2021Updated 4 years ago
- ssdeep based clustering tool☆14Jan 17, 2016Updated 10 years ago
- Extract information from MISP via the API☆16Jul 18, 2016Updated 9 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- CRITs IOC Visualization in Maltego☆28Jan 8, 2015Updated 11 years ago
- Experimental Bro scripts with good prospects for the official bro-scripts repository.☆20Nov 2, 2017Updated 8 years ago
- Bro stuff.☆12May 24, 2016Updated 10 years ago
- Honeybadger Red Edition☆13Sep 13, 2017Updated 8 years ago
- Windows version of honeybits - a PoC tool to create breadcrumbs and honeytokens, to lead the attackers to your honeypots!☆24Jun 19, 2017Updated 9 years ago
- Library for Object Linking and Embedding (OLE) data types☆12Jun 24, 2026Updated 2 weeks ago
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆17Nov 5, 2013Updated 12 years ago
- A Python library for being a CND Batman....☆35Oct 29, 2015Updated 10 years ago
- Parses for Google Analytic values in raw files like RAM, DD images etc.☆19Apr 17, 2016Updated 10 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Library and tools to access the Windows Hibernation File (hiberfil.sys) format☆16Jun 27, 2026Updated 2 weeks ago
- Bro/Zeek integration with osquery☆94Nov 2, 2020Updated 5 years ago
- Zeek scripting language highlighting/support for Sublime Text☆18Jul 20, 2021Updated 4 years ago
- Library and tools to access the Master Boot Record (MBR) volume system format☆14Jun 28, 2026Updated last week
- Passive DNS server interface compliant to "Common Output Format"☆10Sep 19, 2016Updated 9 years ago
- Basic Maltego Transforms for looking up SSL certs and IP info from censys.io☆38Mar 14, 2017Updated 9 years ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver)☆13Dec 3, 2020Updated 5 years ago
- Maltego transforms for all sorts of things☆21Aug 31, 2012Updated 13 years ago
- A set of templates for documenting threat intelligence☆75Feb 28, 2013Updated 13 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 9 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Aug 4, 2016Updated 9 years ago
- A book about how to conduct digital forensic investigations with free and open source tools.☆12Apr 30, 2014Updated 12 years ago
- Implementation of a Whois Server with a redis backend☆15Oct 31, 2010Updated 15 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- Library for Windows XML Event Log (EVTX) data types☆18Jul 2, 2026Updated last week
- Library and tools to access the Windows (Vista/7) Explorer thumbnail cache database format (thumbcache.db)☆16Jun 25, 2026Updated 2 weeks ago
- libvirt Puppet Module☆23Dec 23, 2014Updated 11 years ago
- Digital Forensics Windows Registry (dfWinReg)☆54Jul 4, 2026Updated last week
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Library and tools to access the Windows SuperFetch database format☆13Jun 30, 2026Updated last week
- Scripts to process big chunks of data from MISP and do in depth correlations on samples.☆12Jul 2, 2016Updated 10 years ago
- Auxiliary scripts for Incident Response with ELK☆11Oct 7, 2015Updated 10 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Apr 17, 2016Updated 10 years ago
- A framework that correlates Bro events☆18Oct 25, 2013Updated 12 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆19May 27, 2017Updated 9 years ago
- A collection of Bro scripts I've written☆41Jun 5, 2015Updated 11 years ago