packetzero

Pinned Repositories

clog
C++ Logging with per-module levels and string hiding for release-mode
Language:C++1 2 00
crow
C++11 lib for binary encoder/decoder. Like protobuf without needing .proto files
Language:C++2 2 01
dnsparser
Simple C++ DNS payload parser
Language:C++34 5 122
dnssniffer
Sniffer that extracts DNS data using libpcap in C++
Language:C++5 1 03
etwrealtime
Example of real-time Windows ETW packet capture session
Language:C++52 7 020
kafka.cr
crystal-lang wrapper around kafka C library
Language:Crystal8 3 06
libntstat
C++ library for com.apple.network.statistics kernel events on MacOS/OS X/Darwin
Language:C++20 2 13
libtls_cert_example
C++ example of pinned certs and LibreSSL libtls
Language:C++3 2 12
osquery_aws_notes
Best Practices and Integration Testing osquery AWS Logger
Language:Shell3 1 00
ps-audit-scripts
Powershell scripts for setting local event log audit settings using auditpol.exe
Language:PowerShell2 2 01

packetzero's Repositories

packetzero/dnsparser
Simple C++ DNS payload parser
Language:C++34 5 122
packetzero/libntstat
C++ library for com.apple.network.statistics kernel events on MacOS/OS X/Darwin
Language:C++20 2 13
packetzero/kafka.cr
crystal-lang wrapper around kafka C library
Language:Crystal8 3 06
packetzero/osquery_aws_notes
Best Practices and Integration Testing osquery AWS Logger
Language:Shell3 1 00
packetzero/crow
C++11 lib for binary encoder/decoder. Like protobuf without needing .proto files
Language:C++2 2 01
packetzero/osq_config_report
A tool to generate hyperlinked static HTML from osquery configs and packs
Language:Ruby1 1 0
packetzero/osquery
SQL powered operating system instrumentation, monitoring, and analytics.
Language:C++1 1 0
packetzero/vsqlite_serialize
A self-contained C++ module for osquery-like applications to serialize results, determine differential results, and have flexible protocols.
Language:C++1 1 01
packetzero/atomic-harness
A tool to run and validate telemetry for Atomic Red Team tests
Language:Go0 0
packetzero/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Language:PowerShell1 0
packetzero/atomic-validation-criteria
0 0
packetzero/auditutils
Language:C++2 0
packetzero/code1920
Language:Go7 04
packetzero/conveyor
C++11 library : efficient event cache for osquery agent with multiple read cursor support
Language:C++1 0
packetzero/csvtoker
Simple C++ CSV line parser
Language:C++1 0
packetzero/diwebapp
Language:JavaScript1 01
packetzero/dyno
Dynamic C++ objects for osquery
Language:C++1 0
packetzero/edarr-deps
Language:Ruby1 0
packetzero/falco_builder_ubuntu
2 0
packetzero/fring_bench
Comparison of JSON vs Binary record encoding performance tests with fring
Language:C++2 0
packetzero/go-atomicredteam
go-atomicredteam is a Golang application to execute tests as defined in the atomics folder of Red Canary's Atomic Red Team project (https://github.com/redcanaryco/atomic-red-team).
Language:Go1 0
packetzero/gorm-test
Language:Go2 0
packetzero/libetw
Simple C++ library for Windows ETW event access
Language:C++2 01
packetzero/mason
Cross platform package manager for C/C++ apps
Language:Shell1 0
packetzero/notes
1 0
packetzero/prettysql
SQL Pretty printer using simplesql C++ library, with optional schema awareness
Language:C++2 0
packetzero/simplesql
C++ library for parsing, evaluating simple SQLite queries and expressions
Language:C++1 0
packetzero/third-party
All of the dependencies that osquery needs that don't have nice packages
Language:C1 0
packetzero/vsqlite
C++11 library for using sqlite3 with virtual tables
Language:C++2 0
packetzero/yara
The pattern matching swiss knife
Language:C1 0