Alternatives and similar repositories for osquery

Users that are interested in osquery are comparing it to the libraries listed below

• cmu-sei / BigGrep
  A scalable search index for binary files
  ☆116Updated 7 years ago
• athre0z / disas-bench
  X86 disassembler benchmark
  ☆63Updated last week
• microsoft / project-freta
  MSR Project Freta
  ☆77Updated last year
• trailofbits / linuxevents
  A sample PoC for container-aware exec events for osquery
  ☆24Updated last year
• Bareflank / boxy
  bareflank based hypervisor with guest support
  ☆60Updated 5 years ago
• ainfosec / ecr_toolkit
  ☆28Updated 7 years ago
• uberspark / uberxmhf
  uber eXtensible Micro-Hypervisor Framework
  ☆33Updated last year
• trailofbits / sandshrew
  Underconstrained symbolic execution for cryptography verification
  ☆19Updated 4 years ago
• Cisco-Talos / Mussels
  ☆55Updated 10 months ago
• nsacyber / BAM
  The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber
  ☆163Updated last year
• ionescu007 / tpmtool
  The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…
  ☆147Updated 4 years ago
• blitz / baresifter
  A bare-metal x86 instruction set fuzzer a la Sandsifter
  ☆70Updated last year
• corkami / sbud-v2
  An experimental file formats playground
  ☆87Updated 2 years ago
• brainsmoke / ptrace-burrito
  a friendly wrapper around ptrace
  ☆133Updated 3 years ago
• trailofbits / bpf_tutorials_code
  This repository contains the companion code from the "All your tracing are belong to BPF" blog posts
  ☆18Updated 2 years ago
• NationalSecurityAgency / kmyth
  ☆97Updated 11 months ago
• revng / pagebuster
  PageBuster - dump all executable pages of packed processes.
  ☆204Updated 4 years ago
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆128Updated last month
• trailofbits / magnifier
  ☆59Updated 2 years ago
• conix-security / machoke
  ☆53Updated 7 years ago
• Cisco-Talos / Barbervisor
  Intel x86 bare metal hypervisor for researching snapshot fuzzing ideas.
  ☆167Updated 4 years ago
• trailofbits / anselm
  Detect patterns of bad behavior in function calls
  ☆25Updated 5 years ago
• Vector35 / sigkit
  Function signature matching and signature generation plugin for Binary Ninja
  ☆76Updated last year
• lifting-bits / dds
  Dr. Disassembler
  ☆37Updated 3 years ago
• libvmtrace / libvmtrace
  Virtual machine introspection library based on libvmi - parts of this work have been funded by Deutsche Forschungsgemeinschaft (DFG) – pr…
  ☆30Updated 3 years ago
• uNetworking / libEpollFuzzer
  Tool for findings bugs in epoll-based Linux servers
  ☆33Updated 5 years ago
• trailofbits / uthenticode
  A cross-platform library for verifying Authenticode signatures
  ☆158Updated 2 months ago
• NationalSecurityAgency / ghidra-data
  Supporting Data Archives for Ghidra
  ☆192Updated last month
• Wenzel / r2vmi
  Hypervisor-Level Debugger based on Radare2 / LibVMI, using VMI IO and debug plugins
  ☆134Updated 6 years ago
• trailofbits / polyfile
  A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewer
  ☆372Updated last month