Alternatives and similar repositories for osquery

Users that are interested in osquery are comparing it to the libraries listed below

• cmu-sei / BigGrep
  A scalable search index for binary files
  ☆116Updated 7 years ago
• Bareflank / boxy
  bareflank based hypervisor with guest support
  ☆60Updated 4 years ago
• microsoft / project-freta
  MSR Project Freta
  ☆77Updated 11 months ago
• trailofbits / linuxevents
  A sample PoC for container-aware exec events for osquery
  ☆24Updated last year
• ainfosec / ecr_toolkit
  ☆28Updated 6 years ago
• nsacyber / BAM
  The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber
  ☆159Updated last year
• dod-cyber-crime-center / Dragodis
  Dragodis is a Python framework which allows for the creation of universal disassembler scripts.
  ☆51Updated last year
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆124Updated last week
• trailofbits / ebpf-common
  Various utilities useful for developers writing BPF tools
  ☆30Updated 2 years ago
• uberspark / uberxmhf
  uber eXtensible Micro-Hypervisor Framework
  ☆31Updated last year
• ionescu007 / tpmtool
  The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…
  ☆145Updated 4 years ago
• radareorg / r2yara
  yara and radare2, better together
  ☆26Updated last week
• athre0z / disas-bench
  X86 disassembler benchmark
  ☆61Updated last year
• trailofbits / bpf_tutorials_code
  This repository contains the companion code from the "All your tracing are belong to BPF" blog posts
  ☆18Updated 2 years ago
• Wenzel / r2vmi
  Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins
  ☆135Updated 6 years ago
• mandiant / capa-testfiles
  Data to test capa's code and rules.
  ☆42Updated 3 weeks ago
• revng / pagebuster
  PageBuster - dump all executable pages of packed processes.
  ☆203Updated 4 years ago
• jpleasu / ghidraal
  A Ghidra extension for scripting with GraalVM languages, including Javascript, Python3, R, and Ruby.
  ☆61Updated 4 years ago
• GaloisInc / grease
  CLI tool, Ghidra plug-in, and Haskell library for analyzing binaries using under-constrained symbolic execution
  ☆119Updated this week
• rizinorg / book
  An official book about Rizin
  ☆81Updated last week
• blitz / baresifter
  A bare-metal x86 instruction set fuzzer a la Sandsifter
  ☆69Updated last year
• lifting-bits / cxx-common
  Common dependency management for various Trail of Bits C++ codebases
  ☆33Updated last year
• GrammaTech / gtirb-pprinter
  Pretty printer from GTIRB to assembly code
  ☆48Updated this week
• conix-security / machoke
  ☆52Updated 6 years ago
• osquery / osquery-toolchain
  A LLVM-based toolchain for Linux designed to build a portable osquery
  ☆40Updated 8 months ago
• CERT-Polska / ursadb
  Trigram database written in C++, suited for malware indexing
  ☆125Updated 8 months ago
• Battelle / PaperMachete
  A project that uses Binary Ninja and GRAKN.AI to perform static analysis on binary files with the goal of identifying bugs in software.
  ☆33Updated 7 years ago
• Cisco-Talos / Mussels
  ☆53Updated 6 months ago
• Sentinel-One / SKREAM
  SentinelOne's KeRnel Exploits Advanced Mitigations
  ☆54Updated 6 years ago
• uNetworking / libEpollFuzzer
  Tool for findings bugs in epoll-based Linux servers
  ☆31Updated 4 years ago