| Repository | Stars | (unlabelled) | (unlabelled) | (unlabelled) | Last activity | (unlabelled) | Date | (unlabelled) | License | Language | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|
| osquery/osquery | 20,877 | | 0 | 0 | about 2 years ago | 3 | March 31, 2018 | 624 | other | C++ | SQL powered operating system instrumentation, monitoring, and analytics. |
| meirwah/awesome-incident-response | 6,852 | | 0 | 0 | about 2 years ago | 0 | | 13 | apache-2.0 | | A curated list of tools for incident response |
| kolide/fleet | 1,058 | | 0 | 0 | over 5 years ago | 10 | August 04, 2020 | 110 | mit | | A flexible control server for osquery fleets |
| Netflix-Skunkworks/diffy | 631 | | 0 | 0 | over 2 years ago | 1 | June 06, 2018 | 3 | apache-2.0 | Python | :no_entry: (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response. |
| chainguard-dev/osquery-defense-kit | 485 | | 0 | 0 | about 2 years ago | 0 | | 0 | apache-2.0 | Makefile | Production-ready detection & response queries for osquery |
| jmpsec/osctrl | 312 | | 0 | 5 | about 2 years ago | 12 | February 25, 2021 | 31 | mit | Go | Fast and efficient osquery management |
| trailofbits/osquery-extensions | 241 | | 0 | 0 | about 3 years ago | 0 | | 17 | apache-2.0 | C | osquery extensions by Trail of Bits |
| trailofbits/ebpfpub | 95 | | 0 | 0 | about 3 years ago | 0 | | 0 | apache-2.0 | C++ | ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes. |
| citybasebrooks/SIAC | 87 | | 0 | 0 | over 7 years ago | 0 | | 0 | apache-2.0 | | SIAC is an enterprise SIEM built on open-source technology. |
| 0x4D31/sqhunter | 65 | | 0 | 0 | almost 9 years ago | 0 | | 0 | mit | Python | A simple threat hunting tool based on osquery, Salt Open and Cymon API |