Alternatives and similar repositories for osquery-extensions

Users that are interested in osquery-extensions are comparing it to the libraries listed below

• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆880Updated 4 months ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 5 years ago
• OktaSecurityLabs / sgt
  Osquery Mangement Server
  ☆115Updated 5 years ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆558Updated 3 years ago
• harvard-itsecurity / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆177Updated 4 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 5 years ago
• mikermcneil / fleet-osquery-in-a-box
  Simple Docker-based quickstart for osquery, Fleet, and ELK stack
  ☆64Updated 2 years ago
• carbonblack / cbapi-python
  Carbon Black API - Python language bindings
  ☆145Updated last year
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆169Updated 5 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆183Updated 2 years ago
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆295Updated 4 years ago
• google / GiftStick
  1-Click push forensics evidence to the cloud
  ☆144Updated 4 months ago
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆808Updated 2 years ago
• P4T12ICK / ypsilon
  Automated Use Case Testing
  ☆171Updated 7 years ago
• 0x4D31 / deception-as-detection
  Deception based detection techniques mapped to the MITRE’s ATT&CK framework
  ☆291Updated 8 years ago
• zeek / packages
  The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
  ☆144Updated last week
• CheckPointSW / Cuckoo-AWS
  Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…
  ☆135Updated 3 years ago
• pan-unit42 / playbook_viewer
  ☆176Updated last year
• mitre / brawl-public-game-001
  Data from a BRAWL Automated Adversary Emulation Exercise
  ☆211Updated 5 years ago
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆92Updated 8 years ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆205Updated 3 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆136Updated last year
• kolide / launcher
  Osquery launcher, autoupdater, and packager
  ☆536Updated this week
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆88Updated 2 years ago
• alphasoc / nfr
  A lightweight tool to score network traffic and flag anomalies
  ☆123Updated last year
• spotify / terraform-google-grr
  A Terraform module for GRR: the distributed incident forensics and response framework
  ☆52Updated 5 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 3 years ago
• endgameinc / eqllib
  ☆168Updated 5 years ago
• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆396Updated 3 years ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆174Updated 2 years ago