trailofbits / osquery-extensions
osquery extensions by Trail of Bits
☆264Updated last year
Alternatives and similar repositories for osquery-extensions:
Users that are interested in osquery-extensions are comparing it to the libraries listed below
- A repository for using osquery for incident detection and response☆840Updated 2 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆534Updated 2 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆788Updated last year
- A framework for orchestrating forensic collection, processing and data export☆305Updated last week
- Main Build directory☆178Updated 5 years ago
- Osquery Mangement Server☆114Updated 4 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆204Updated 4 years ago
- Osquery launcher, autoupdater, and packager☆516Updated this week
- [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.☆177Updated 4 years ago
- 1-Click push forensics evidence to the cloud☆142Updated 8 months ago
- Searches For Threat Hunting and Security Analytics☆240Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆395Updated 2 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆123Updated 3 years ago
- Carbon Black API - Python language bindings☆145Updated 6 months ago
- Documentation of Cortex☆173Updated last year
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 2 years ago
- Automated Use Case Testing☆167Updated 6 years ago
- Threat Feed Aggregation, Made Easy☆167Updated 4 years ago
- Fast and efficient osquery management☆422Updated this week
- File Scanning Framework☆291Updated 3 years ago
- Simple Docker-based quickstart for osquery, Fleet, and ELK stack☆62Updated last year
- Detecting ATT&CK techniques & tactics for Linux☆258Updated 4 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆336Updated 2 years ago
- ☆160Updated 4 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 3 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆183Updated last year
- The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f…☆411Updated 2 years ago
- Scripts and code referenced in CrowdStrike blog posts☆331Updated 5 years ago