133 Open source projects that are alternatives of or similar to Osctrl

SIAC is an enterprise SIEM built on open-source technology.

A repository for using osquery for incident detection and response

Recon Hunt Queries

Python API Client for Cortex

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Wazuh - Chef cookbooks

Python API Client for TheHive

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Monzo's real-time incident response and reporting tool ⚡️

A list of cyber-chef recipes and curated links

Zentral is an open-source solution for infrastructure monitoring and endpoint event stream processing. It provides build-in orchestration of macOS security components (Santa, Osquery, et-al.), event correlation and event management. It consolidates its features with various data store backends (ElasticStack, Azure Log Analytics, Splunk, et-al.).

incident response tool for iOS devices

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

PagerDuty's Incident Response Documentation.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

Go app that dispatches osquery to multi-machines

FAME Automates Malware Evaluation

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Open source incident management and response platform.

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

A curated list of tools for incident response

Explore Indicators of Compromise Automatically

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Osquery launcher, autoupdater, and packager

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Invoke-LiveResponse

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

A Chef Cookbook to install and configure osquery.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

A role-playing game for incident management training

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

A curated list of Site Reliability and Production Engineering resources.

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

Digging Deeper....

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Cortex: a Powerful Observable Analysis and Active Response Engine

A curated list of awesome things related to TheHive & Cortex

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

Wazuh - Project documentation

OPCDE Cybersecurity Conference Materials

Extension to osquery windows that enhances it with real-time telemetry, log monitoring and other endpoint data collection

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

Provide a shell like interface by utilizing osquery's distributed API

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Documentation of TheHive

A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases

Information gathering & website reconnaissance | https://phishstats.info/

All-in-one bundle of MISP, TheHive and Cortex

Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting. HubbleStack is a free and open source project made possible by Adobe. https://github.com/adobe

A flexible control server for osquery fleets

osquery extensions by Trail of Bits

Imago is a python tool that extract digital evidences from images.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

🚀 Bring your favorite shell wherever you go through the ssh.