Alternatives and similar repositories for osquery-extensions

Users that are interested in osquery-extensions are comparing it to the libraries listed below

• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆855Updated 2 years ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆541Updated 3 years ago
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆796Updated 2 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• unfetter-discover / unfetter-analytic
  Main Build directory
  ☆179Updated 6 years ago
• 0x4D31 / deception-as-detection
  Deception based detection techniques mapped to the MITRE’s ATT&CK framework
  ☆289Updated 7 years ago
• mwielgoszewski / doorman
  an osquery fleet manager
  ☆618Updated 2 years ago
• OktaSecurityLabs / sgt
  Osquery Mangement Server
  ☆114Updated 4 years ago
• pan-unit42 / playbook_viewer
  ☆173Updated last year
• orlikoski / Skadi
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆499Updated 2 years ago
• Kirtar22 / Litmus_Test
  Detecting ATT&CK techniques & tactics for Linux
  ☆258Updated 4 years ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆324Updated last week
• mitre / brawl-public-game-001
  Data from a BRAWL Automated Adversary Emulation Exercise
  ☆207Updated 4 years ago
• kolide / launcher
  Osquery launcher, autoupdater, and packager
  ☆528Updated this week
• carbonblack / cbapi-python
  Carbon Black API - Python language bindings
  ☆145Updated 10 months ago
• endgameinc / eqllib
  ☆165Updated 4 years ago
• P4T12ICK / ypsilon
  Automated Use Case Testing
  ☆167Updated 7 years ago
• randomuserid / Adama
  Searches For Threat Hunting and Security Analytics
  ☆241Updated 3 months ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆182Updated 2 years ago
• harvard-itsecurity / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆175Updated 4 years ago
• orlikoski / CDQR
  The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…
  ☆338Updated 3 years ago
• BayshoreNetworks / yextend
  Yara integrated software to handle archive file data.
  ☆313Updated 3 years ago
• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆395Updated 3 years ago
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆168Updated 4 years ago
• DefensePointSecurity / threat_note
  DPS' Lightweight Investigation Notebook
  ☆432Updated last year
• carbonblack / tau-tools
  A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit
  ☆235Updated 3 years ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆174Updated last year
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆293Updated 3 years ago
• TheHive-Project / TheHiveDocs
  Documentation of TheHive
  ☆398Updated last year
• praetorian-inc / purple-team-attack-automation
  Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
  ☆722Updated 5 years ago