Alternatives and similar repositories for osquery-extensions

Users that are interested in osquery-extensions are comparing it to the libraries listed below

• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆869Updated 2 months ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 5 years ago
• CrowdStrike / automactc
  AutoMacTC: Automated Mac Forensic Triage Collector
  ☆553Updated 3 years ago
• OktaSecurityLabs / sgt
  Osquery Mangement Server
  ☆114Updated 5 years ago
• google / GiftStick
  1-Click push forensics evidence to the cloud
  ☆142Updated 2 months ago
• carbonblack / cbapi-python
  Carbon Black API - Python language bindings
  ☆145Updated last year
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆803Updated 2 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 5 years ago
• richiercyrus / Venator
  [⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
  ☆177Updated 5 years ago
• harvard-itsecurity / docker-misp
  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
  ☆177Updated 4 years ago
• PUNCH-Cyber / stoq
  An open source framework for enterprise level automated analysis.
  ☆396Updated 3 years ago
• mikermcneil / fleet-osquery-in-a-box
  Simple Docker-based quickstart for osquery, Fleet, and ELK stack
  ☆63Updated 2 years ago
• 0x4D31 / deception-as-detection
  Deception based detection techniques mapped to the MITRE’s ATT&CK framework
  ☆287Updated 8 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆182Updated 2 years ago
• EmersonElectricCo / fsf
  File Scanning Framework
  ☆295Updated 4 years ago
• TheHive-Project / CortexDocs
  Documentation of Cortex
  ☆175Updated 2 years ago
• log2timeline / dftimewolf
  A framework for orchestrating forensic collection, processing and data export
  ☆334Updated this week
• BayshoreNetworks / yextend
  Yara integrated software to handle archive file data.
  ☆320Updated 3 years ago
• mandiant / GeoLogonalyzer
  GeoLogonalyzer is a utility to analyze remote access logs for anomalies such as travel feasibility and data center sources.
  ☆196Updated last year
• TheHive-Project / Hippocampe
  Threat Feed Aggregation, Made Easy
  ☆168Updated 5 years ago
• kolide / launcher
  Osquery launcher, autoupdater, and packager
  ☆534Updated last week
• CrowdStrike / Forensics
  Scripts and code referenced in CrowdStrike blog posts
  ☆334Updated 6 years ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Updated 7 years ago
• orlikoski / Skadi
  Collect, Process, and Hunt with host based data from MacOS, Windows, and Linux
  ☆504Updated 3 years ago
• secureworks / flowsynth
  a network packet capture compiler
  ☆204Updated 3 years ago
• unfetter-discover / unfetter
  The main project for the Unfetter-Discover application. This is the project that will hold the configuration files, the docker-compose f…
  ☆416Updated 2 years ago
• PUNCH-Cyber / YaraGuardian
  Django web interface for managing Yara rules
  ☆197Updated 7 years ago
• spotify / terraform-google-grr
  A Terraform module for GRR: the distributed incident forensics and response framework
  ☆51Updated 5 years ago
• unfetter-discover / unfetter-analytic
  Main Build directory
  ☆179Updated 6 years ago
• endgameinc / eqllib
  ☆166Updated 4 years ago