Alternatives and similar repositories for osquery

Users that are interested in osquery are comparing it to the libraries listed below

• Cisco-Talos / Mussels
  ☆54Updated 2 weeks ago
• cmu-sei / BigGrep
  A scalable search index for binary files
  ☆116Updated 7 years ago
• ionescu007 / tpmtool
  The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…
  ☆149Updated 4 years ago
• athre0z / disas-bench
  X86 disassembler benchmark
  ☆69Updated 3 months ago
• ainfosec / ecr_toolkit
  ☆28Updated 7 years ago
• trailofbits / uthenticode
  A cross-platform library for verifying Authenticode signatures
  ☆163Updated 2 months ago
• Bareflank / boxy
  bareflank based hypervisor with guest support
  ☆62Updated 5 years ago
• cyber-itl / citl-static-analysis
  CITL's static analysis engine for native code artifacts
  ☆20Updated 4 years ago
• Phorklift / phorklift
  Phorklift is an HTTP server and proxy daemon, with clear, powerful and dynamic configuration.
  ☆45Updated 4 years ago
• trailofbits / linuxevents
  A sample PoC for container-aware exec events for osquery
  ☆25Updated last year
• microsoft / project-freta
  MSR Project Freta
  ☆77Updated last year
• nsacyber / BAM
  The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber
  ☆163Updated last year
• gamozolabs / falkervisor_beta
  ☆74Updated 5 years ago
• revng / pagebuster
  PageBuster - dump all executable pages of packed processes.
  ☆204Updated 4 years ago
• hatching / roach
  Cockroach is your primitive & immortal swiss army knife.
  ☆49Updated 4 years ago
• brainsmoke / ptrace-burrito
  a friendly wrapper around ptrace
  ☆134Updated 3 years ago
• trailofbits / bpf_tutorials_code
  This repository contains the companion code from the "All your tracing are belong to BPF" blog posts
  ☆19Updated 2 years ago
• blitz / baresifter
  A bare-metal x86 instruction set fuzzer a la Sandsifter
  ☆73Updated last year
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆129Updated last week
• GrammaTech / gtirb-pprinter
  Pretty printer from GTIRB to assembly code
  ☆49Updated 3 months ago
• uberspark / uberxmhf
  uber eXtensible Micro-Hypervisor Framework
  ☆33Updated last year
• taviso / kiewtai
  A port of Kaitai to the Hiew hex editor
  ☆149Updated 5 years ago
• hasherezade / ViDi
  ViDi Visual Disassembler (experimental)
  ☆79Updated 3 months ago
• aspire-fp7 / framework
  The central ASPIRE framework repository, start here if you want to use our tools (this contains all tools and documentation)
  ☆13Updated 4 years ago
• conix-security / machoke
  ☆53Updated 7 years ago
• mandiant / capa-testfiles
  Data to test capa's code and rules.
  ☆47Updated last week
• uNetworking / libEpollFuzzer
  Tool for findings bugs in epoll-based Linux servers
  ☆33Updated 5 years ago
• Wenzel / r2vmi
  Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins
  ☆135Updated 7 years ago
• riverloopsec / hashashin
  Hashashin: A Fuzzy Matching Tool for Binary Ninja
  ☆95Updated 2 years ago
• polyverse / EnVisen
  ROP gadget finder and analysis in pure Javascript
  ☆27Updated 3 years ago