Alternatives and similar repositories for osquery:

Users that are interested in osquery are comparing it to the libraries listed below

• cmu-sei / BigGrep
  A scalable search index for binary files
  ☆117Updated 7 years ago
• ainfosec / ecr_toolkit
  ☆29Updated 6 years ago
• kevoreilly / CAPE
  Malware Configuration And Payload Extraction
  ☆18Updated 5 years ago
• cyber-itl / citl-static-analysis
  CITL's static analysis engine for native code artifacts
  ☆20Updated 3 years ago
• nimrodpar / Crawl-Labeled-PE
  Crawl (~600K) labeled Portable Exe files from Microsoft Cabs
  ☆13Updated 3 years ago
• microsoft / project-freta
  MSR Project Freta
  ☆77Updated 8 months ago
• avast / yaramod
  Parsing of YARA rules into AST and building new rulesets in C++.
  ☆124Updated this week
• Mimoja / MFT
  Mimojas Firmware Toolkit for unpacking and analysis firmware images
  ☆13Updated 4 years ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆12Updated 5 years ago
• MozillaSecurity / avalanche
  Avalanche is a document generator which uses context-free grammars to generate randomized outputs for fuzz-testing.
  ☆32Updated 3 years ago
• trailofbits / linuxevents
  A sample PoC for container-aware exec events for osquery
  ☆24Updated last year
• hatching / tracy
  tracy - a system call tracer and injector. Find us in #tracy on irc.freenode.net
  ☆33Updated last year
• rizinorg / book
  An official book about Rizin
  ☆77Updated last month
• rjhansen / nsrlsvr
  ☆83Updated 2 years ago
• fkie-cad / pcapFS
  A FUSE module to mount captured network data
  ☆37Updated last month
• Bareflank / boxy
  bareflank based hypervisor with guest support
  ☆60Updated 4 years ago
• Cisco-Talos / FIRST-server
  ☆32Updated 9 months ago
• riverloopsec / hashashin
  Hashashin: A Fuzzy Matching Tool for Binary Ninja
  ☆93Updated last year
• jpleasu / ghidraal
  A Ghidra extension for scripting with GraalVM languages, including Javascript, Python3, R, and Ruby.
  ☆60Updated 3 years ago
• v-p-b / ivmi
  Interactive Virtual Machine Introspection
  ☆18Updated 7 years ago
• atredis-jordan / SymbolicTriagePost
  Supporting Materials for “Symbolic Triage” blog post
  ☆24Updated 2 years ago
• hatching / roach
  Cockroach is your primitive & immortal swiss army knife.
  ☆47Updated 3 years ago
• mandiant / vivisect
  pure Python binary analysis framework
  ☆23Updated 6 years ago
• ishnid / mrsh-hbft
  Approximate matching using Hierarchical Bloom Filter Trees. Based on mrsh-v2.
  ☆12Updated 4 years ago
• Sentinel-One / SKREAM
  SentinelOne's KeRnel Exploits Advanced Mitigations
  ☆53Updated 6 years ago
• idaholab / EMV
  Exploit, Malware and Vulnerability Scoring Application
  ☆12Updated last year
• cylance / rogers
  Python command-line tool that uses nearest neighbor search methods for malware similarity analysis
  ☆16Updated 6 years ago
• mrexodia / GitIdentityManagerCpp
  Very simple cross-platform utility to manage your git identities.
  ☆10Updated 2 years ago
• trailofbits / sandshrew
  Underconstrained symbolic execution for cryptography verification
  ☆18Updated 4 years ago
• athre0z / disas-bench
  X86 disassembler benchmark
  ☆60Updated 9 months ago