trailofbits / osquery-extensionsLinks
osquery extensions by Trail of Bits
☆265Updated 2 years ago
Alternatives and similar repositories for osquery-extensions
Users that are interested in osquery-extensions are comparing it to the libraries listed below
Sorting:
- A repository for using osquery for incident detection and response☆855Updated 2 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆541Updated 3 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆796Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Main Build directory☆179Updated 6 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago
- an osquery fleet manager☆618Updated 2 years ago
- Osquery Mangement Server☆114Updated 4 years ago
- ☆173Updated last year
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆499Updated 2 years ago
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- A framework for orchestrating forensic collection, processing and data export☆324Updated last week
- Data from a BRAWL Automated Adversary Emulation Exercise☆207Updated 4 years ago
- Osquery launcher, autoupdater, and packager☆528Updated this week
- Carbon Black API - Python language bindings☆145Updated 10 months ago
- ☆165Updated 4 years ago
- Automated Use Case Testing☆167Updated 7 years ago
- Searches For Threat Hunting and Security Analytics☆241Updated 3 months ago
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆338Updated 3 years ago
- Yara integrated software to handle archive file data.☆313Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆395Updated 3 years ago
- Threat Feed Aggregation, Made Easy☆168Updated 4 years ago
- DPS' Lightweight Investigation Notebook☆432Updated last year
- A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit☆235Updated 3 years ago
- Documentation of Cortex☆174Updated last year
- File Scanning Framework☆293Updated 3 years ago
- Documentation of TheHive☆398Updated last year
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆722Updated 5 years ago