trailofbits / osquery-extensionsLinks
osquery extensions by Trail of Bits
☆264Updated 2 years ago
Alternatives and similar repositories for osquery-extensions
Users that are interested in osquery-extensions are comparing it to the libraries listed below
Sorting:
- A repository for using osquery for incident detection and response☆855Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆543Updated 3 years ago
- Osquery Mangement Server☆115Updated 4 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Threat Feed Aggregation, Made Easy☆168Updated 5 years ago
- Carbon Black API - Python language bindings☆145Updated 10 months ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆799Updated 2 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- Engine of MineMeld☆141Updated 2 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago
- Automated Use Case Testing☆167Updated 7 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- A Terraform module for GRR: the distributed incident forensics and response framework☆51Updated 5 years ago
- ☆173Updated last year
- 1-Click push forensics evidence to the cloud☆141Updated last year
- a network packet capture compiler☆201Updated 3 years ago
- ☆164Updated 4 years ago
- An open source framework for enterprise level automated analysis.☆395Updated 3 years ago
- The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f…☆414Updated 2 years ago
- [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.☆177Updated 5 years ago
- Suricata Extreme Performance Tuning guide☆210Updated 7 years ago
- Documentation of Cortex☆174Updated last year
- Main Build directory☆179Updated 6 years ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆141Updated 2 years ago
- File Scanning Framework☆293Updated 3 years ago
- An open standard for hashing network flows into identifiers, a.k.a "Community IDs".☆181Updated 9 months ago
- Simple Docker-based quickstart for osquery, Fleet, and ELK stack☆63Updated last year
- CASCADE Server☆272Updated 2 years ago