trailofbits / osquery-extensionsLinks
osquery extensions by Trail of Bits
☆264Updated 2 years ago
Alternatives and similar repositories for osquery-extensions
Users that are interested in osquery-extensions are comparing it to the libraries listed below
Sorting:
- A repository for using osquery for incident detection and response☆859Updated 3 years ago
- AutoMacTC: Automated Mac Forensic Triage Collector☆546Updated 3 years ago
- Osquery Mangement Server☆114Updated 5 years ago
- This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2☆123Updated 4 years ago
- Simple Docker-based quickstart for osquery, Fleet, and ELK stack☆63Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆175Updated 4 years ago
- File Scanning Framework☆294Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆395Updated 3 years ago
- Carbon Black API - Python language bindings☆145Updated last year
- [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.☆177Updated 5 years ago
- Osquery Resources☆62Updated 6 years ago
- Osquery launcher, autoupdater, and packager☆528Updated last week
- Scripts and code referenced in CrowdStrike blog posts☆333Updated 5 years ago
- Extension to Cuckoo Sandbox open source projects, adds support to AWS cloud functionalities and enables running emulation on auto-scaling…☆136Updated 3 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆802Updated 2 years ago
- Threat Feed Aggregation, Made Easy☆168Updated 5 years ago
- Deception based detection techniques mapped to the MITRE’s ATT&CK framework☆289Updated 7 years ago
- ☆175Updated last year
- Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux☆501Updated 2 years ago
- 1-Click push forensics evidence to the cloud☆141Updated last year
- Documentation of Cortex☆174Updated last year
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆110Updated 7 years ago
- The Cold Disk Quick Response (CDQR) tool is a fast and easy to use forensic artifact parsing tool that works on disk images, mounted driv…☆340Updated 3 years ago
- A framework for orchestrating forensic collection, processing and data export☆328Updated last week
- CIF v3 -- the fastest way to consume threat intelligence☆182Updated 2 years ago
- Engine of MineMeld☆140Updated 2 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆263Updated 2 years ago
- Main Build directory☆179Updated 6 years ago
- Script for automating Linux memory capture and analysis☆271Updated 5 years ago
- Automated Use Case Testing☆167Updated 7 years ago