trailofbits / osquery-extensions

Related projects ⓘ

Alternatives and complementary repositories for osquery-extensions

• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆828Updated 2 years ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆532Updated 2 years ago
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆776Updated last year
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆124Updated 4 years ago
• OktaSecurityLabs / sgt
  Osquery Mangement Server
  ☆114Updated 4 years ago
• mikermcneil / fleet-osquery-in-a-box
  Simple Docker-based quickstart for osquery, Fleet, and ELK stack
  ☆60Updated last year
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆166Updated 4 years ago
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆171Updated last month
• zercurity / zercurity
  Manage, monitor and improve your cyber security posture.
  ☆87Updated last year
• spyre-project / spyre
  simple YARA-based IOC scanner
  ☆164Updated this week
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆296Updated this week
• unfetter-discover / unfetter-analytic
  Main Build directory
  ☆177Updated 5 years ago
• unfetter-discover / unfetter
  The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f…
  ☆408Updated last year
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆184Updated last year
• google / GiftStick
  1-Click push forensics evidence to the cloud
  ☆139Updated 4 months ago
• kolide / launcher
  Osquery launcher, autoupdater, and packager
  ☆506Updated this week
• carbonblack / cbapi-python
  Carbon Black API - Python language bindings
  ☆147Updated 2 months ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆391Updated this week
• pan-unit42 / playbook_viewer
  ☆168Updated 4 months ago
• BayshoreNetworks / yextend
  Yara integrated software to handle archive file data.
  ☆299Updated 2 years ago
• endgameinc / eqllib
  ☆158Updated 3 years ago
• richiercyrus / Venator
  [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
  ☆176Updated 4 years ago
• harvard-itsecurity / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆175Updated 3 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆123Updated 2 months ago
• carbonblack / tau-tools
  A repo containing tools developed by Carbon Black's Threat Research Team: Threat Analysis Unit
  ☆230Updated 3 years ago
• orlikoski / Skadi
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆491Updated 2 years ago
• mitre / brawl-public-game-001
  Data from a BRAWL Automated Adversary Emulation Exercise
  ☆202Updated 4 years ago
• randomuserid / Adama
  Searches For Threat Hunting and Security Analytics
  ☆239Updated 3 years ago