Alternatives and similar repositories for osquery

Users that are interested in osquery are comparing it to the libraries listed below

• cmu-sei / BigGrep
  A scalable search index for binary files
  ☆116Updated 7 years ago
• athre0z / disas-bench
  X86 disassembler benchmark
  ☆66Updated 2 months ago
• ainfosec / ecr_toolkit
  ☆28Updated 7 years ago
• microsoft / project-freta
  MSR Project Freta
  ☆77Updated last year
• trailofbits / bpf_tutorials_code
  This repository contains the companion code from the "All your tracing are belong to BPF" blog posts
  ☆19Updated 2 years ago
• trailofbits / uthenticode
  A cross-platform library for verifying Authenticode signatures
  ☆162Updated last month
• Cisco-Talos / Mussels
  ☆54Updated 2 weeks ago
• ionescu007 / tpmtool
  The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…
  ☆147Updated 4 years ago
• taviso / kiewtai
  A port of Kaitai to the Hiew hex editor
  ☆149Updated 5 years ago
• riverloopsec / hashashin
  Hashashin: A Fuzzy Matching Tool for Binary Ninja
  ☆94Updated 2 years ago
• Bareflank / boxy
  bareflank based hypervisor with guest support
  ☆61Updated 5 years ago
• blitz / baresifter
  A bare-metal x86 instruction set fuzzer a la Sandsifter
  ☆72Updated last year
• GrammaTech / gtirb-pprinter
  Pretty printer from GTIRB to assembly code
  ☆49Updated 2 months ago
• cyber-itl / citl-static-analysis
  CITL's static analysis engine for native code artifacts
  ☆20Updated 4 years ago
• libyal / libyal
  Yet another library library (and tools)
  ☆214Updated 2 weeks ago
• conix-security / machoke
  ☆53Updated 7 years ago
• trailofbits / linuxevents
  A sample PoC for container-aware exec events for osquery
  ☆24Updated last year
• Cisco-Talos / Barbervisor
  Intel x86 bare metal hypervisor for researching snapshot fuzzing ideas.
  ☆169Updated 5 years ago
• revng / pagebuster
  PageBuster - dump all executable pages of packed processes.
  ☆204Updated 4 years ago
• sdasgup3 / binary-decompilation
  Extracting high level semantic information from binary code
  ☆67Updated 6 years ago
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆129Updated last month
• bdcht / ccrawl
  clang-based search engine for C/C++ data structures, classes, prototypes & macros
  ☆103Updated 5 months ago
• trailofbits / magnifier
  ☆59Updated 2 years ago
• epakskape / whpexp
  Experiments involving the Windows Hypervisor Platform
  ☆23Updated 5 years ago
• brainsmoke / ptrace-burrito
  a friendly wrapper around ptrace
  ☆134Updated 3 years ago
• trailofbits / sandshrew
  Underconstrained symbolic execution for cryptography verification
  ☆19Updated 4 years ago
• optimyze / simple_simhash
  A pure ANSI-C implementation of calculating a SimHash over 4-byte tuples (including multiplicities) for a given byte stream. Simple and r…
  ☆46Updated 6 years ago
• radareorg / r2yara
  yara and radare2, better together
  ☆27Updated 3 weeks ago
• Wenzel / oswatcher
  A framework to track the evolution of Operating Systems over time
  ☆67Updated 2 years ago
• oberoisecurity / ghidra-processor-module-generator
  A step towards automating the creation of Ghidra processor modules
  ☆39Updated 8 months ago