Browse & filter

Filter by platform, license text, maturity, maintenance cadence, and editorial tags like privacy-focused or self-hosted. Search matches names, summaries, tags, and use cases.

Velociraptor

Top pick

Endpoint visibility and DFIR: Velociraptor Query Language (VQL), hunts, notebooks, and artifact packs across fleets.

dfiredrhuntingendpointsoc

Security & Privacy

WHIDS

Honorable mention

Open Windows EDR-oriented agent using Sysmon/ETW feeds with detection-driven artifact collection and MISP/Elastic export.

edrwindowssysmondetectionartifacts