{"id":21888673,"url":"https://github.com/swisscom/swisscom-csirt-resources","last_synced_at":"2026-02-03T02:35:28.823Z","repository":{"id":73689911,"uuid":"341549368","full_name":"swisscom/swisscom-csirt-resources","owner":"swisscom","description":"A curated list of analysis tools and resources created or maintained by Swisscom CSIRT.","archived":false,"fork":false,"pushed_at":"2021-10-28T19:46:34.000Z","size":13,"stargazers_count":7,"open_issues_count":0,"forks_count":2,"subscribers_count":16,"default_branch":"main","last_synced_at":"2025-07-05T06:37:14.285Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/swisscom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-23T12:35:23.000Z","updated_at":"2023-01-25T10:17:19.000Z","dependencies_parsed_at":"2023-02-24T01:16:07.920Z","dependency_job_id":null,"html_url":"https://github.com/swisscom/swisscom-csirt-resources","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/swisscom/swisscom-csirt-resources","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fswisscom-csirt-resources","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fswisscom-csirt-resources/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fswisscom-csirt-resources/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fswiss
com-csirt-resources/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/swisscom","download_url":"https://codeload.github.com/swisscom/swisscom-csirt-resources/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/swisscom%2Fswisscom-csirt-resources/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29028694,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T02:28:16.591Z","status":"ssl_error","status_checked_at":"2026-02-03T02:27:48.904Z","response_time":96,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-28T11:16:34.083Z","updated_at":"2026-02-03T02:35:28.808Z","avatar_url":"https://github.com/swisscom.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Swisscom CSIRT Resources\nA curated list of analysis tools and resources created or maintained by Swisscom CSIRT.\n\nBesides the tools listed below, our team contributes to various other tools, including [Sigma](https://github.com/SigmaHQ/sigma), [KapeFiles](https://github.com/EricZimmerman/KapeFiles), [forensic artifacts](https://github.com/forensicartifacts/artifacts), [RECmd](https://github.com/EricZimmerman/RECmd) and [RegRipper](https://github.com/keydet89/RegRipper3.0).\n\n## Internet 
articles\nHere's a list of internet articles from various activities around the Swisscom CSIRT.\n* [Die guten Hacker [DE], 31 August 2016](https://www.swisscom.ch/de/magazin/datensicherheit-infrastruktur/die-guten-hacker/)\n* [Mr Red v. Mr Blue – a stress test for Swisscom, 8 November 2018](https://www.swisscom.ch/en/business/enterprise/themen/security/cyber-security-defense-csirt.html)\n* [Paying a visit to the IT fire brigade, 15 May 2020](https://www.swisscom.ch/en/business/enterprise/themen/security/soc-csirt-arbeitstag.html)\n* [On the hunt for hidden attackers, 18 September 2020](https://www.swisscom.ch/en/business/enterprise/themen/security/threat-hunting.html)\n\n## Incident Response Tools\n* [PowerGRR](https://github.com/swisscom/PowerGRR) - PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.\n* [PowerSponse](https://github.com/swisscom/PowerSponse) - PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.\n* [ArtifactCollectionMatrix](https://github.com/swisscom/ArtifactCollectionMatrix) - Forensic Artifact Collection Tool Matrix.\n* [Invoke-Forensics](https://github.com/swisscom/Invoke-Forensics) - Invoke-Forensics provides PowerShell scripts to simplify working with [KAPE](https://www.kroll.com/en/services/cyber-risk/incident-response-litigation-support/kroll-artifact-parser-extractor-kape)'s [targets and modules (KapeFiles)](https://github.com/EricZimmerman/KapeFiles) and [RegRipper](https://github.com/keydet89/RegRipper3.0)'s [plugins](https://github.com/keydet89/RegRipper3.0/tree/master/plugins).\n\n## Detection Resources\n* [detections](https://github.com/swisscom/detections) - This repo contains threat intelligence information and threat detection indicators (IOC, IOA) shared by Swisscom CSIRT.\n\n## Log Management Tools\n* [PowerShell Splunk Addon](https://github.com/swisscom/splunk-addon-powershell/) - Splunk Add-on for 
PowerShell provides field extraction for PowerShell event logs.\n\n## Communication Channels\n* [Twitter](https://twitter.com/swisscom_csirt) - Swisscom CSIRT on Twitter.\n* [FIRST](https://www.first.org/members/teams/swisscom_csirt) - FIRST team page.\n\n## Vulnerability Management\n* [Bug Bounty](https://www.swisscom.ch/en/about/security/bug-bounty.html) - Our Bug Bounty programme supports the reporting and quick elimination of security gaps (bugs) in our products and services. We invite both private individuals and organisations to report weak points to our Computer Security Incident Response Team (CSIRT).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswisscom%2Fswisscom-csirt-resources","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fswisscom%2Fswisscom-csirt-resources","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fswisscom%2Fswisscom-csirt-resources/lists"}