sqhunter - threat hunter based on osquery and Salt Open.

sqhunter is a threat hunter based on osquery, Salt Open and the Cymon API.

Features
+ query open network sockets and check them against threat intelligence sources
+ issue ad-hoc or distributed queries using Salt and osqueryi, without the need for osqueryd's TLS plugin
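
The first feature, sketched as an added example that is not sqhunter's own code: per-minion `osqueryi --json` socket rows are filtered down to external addresses and matched against an indicator set. The SQL string, the sample rows, the indicator set (standing in for a Cymon lookup) and the function names are assumptions, and Python 3's standard `ipaddress` module is used in place of netaddr.

```python
import ipaddress
import json

# Assumed osquery SQL (not sqhunter's own query); table and columns exist in osquery.
SOCKET_QUERY = (
    "SELECT DISTINCT p.name, s.pid, s.remote_address, s.remote_port "
    "FROM process_open_sockets s JOIN processes p USING (pid) "
    "WHERE s.remote_port != 0;")

# Constructed indicators (documentation ranges) standing in for a threat intel lookup.
BAD_IPS = {"203.0.113.66", "2001:db8::bad"}
# Ranges never worth an external lookup.
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample: minion id -> `osqueryi --json` output for SOCKET_QUERY.
SAMPLE = {
    "web01": json.dumps([
        {"name": "nginx", "pid": "812", "remote_address": "10.0.0.7", "remote_port": "5432"},
        {"name": "curl", "pid": "4410", "remote_address": "::ffff:203.0.113.66", "remote_port": "443"},
        {"name": "sshd", "pid": "701", "remote_address": "", "remote_port": "22"}]),
    "db01": json.dumps([
        {"name": "python", "pid": "90", "remote_address": "2001:DB8::BAD", "remote_port": "8080"},
        {"name": "ntpd", "pid": "55", "remote_address": "198.51.100.9", "remote_port": "123"}]),
}

def external_ip(raw):
    """Return a normalised address object, or None if unparsable or internal."""
    try:
        addr = ipaddress.ip_address(raw.strip())
    except ValueError:
        return None
    if addr.version == 6 and addr.ipv4_mapped:  # ::ffff:a.b.c.d -> a.b.c.d
        addr = addr.ipv4_mapped
    if addr.is_unspecified or any(addr in net for net in INTERNAL):
        return None
    return addr

def hunt(results, bad_ips=BAD_IPS):
    """Return (minion, process, pid, ip, port) for each socket matching an indicator."""
    bad = {ipaddress.ip_address(i) for i in bad_ips}
    hits = []
    for minion, raw_json in sorted(results.items()):
        for row in json.loads(raw_json):
            addr = external_ip(row.get("remote_address", ""))
            if addr is not None and addr in bad:
                hits.append((minion, row["name"], int(row["pid"]), str(addr), int(row["remote_port"])))
    return hits
```

Calling `hunt(SAMPLE)` flags the `curl` and `python` sockets; comparing parsed address objects rather than strings is what lets the IPv4-mapped and upper-case IPv6 forms match their indicators.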

Requirements
– Salt Open (salt-master, salt-minion)
– Python 2.7
– salt (you may need to install gcc, gcc-c++, python dev)
– cymon
– netaddr

Use and Download:

Source: https://github.com/0x4D31