Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/opensourcesec/CIRTKit
Tools for the Computer Incident Response Team :computer:
https://github.com/opensourcesec/CIRTKit
carbonblack dfir malware-analysis python
Last synced: 2 months ago
JSON representation
Tools for the Computer Incident Response Team :computer:
- Host: GitHub
- URL: https://github.com/opensourcesec/CIRTKit
- Owner: opensourcesec
- License: mit
- Created: 2015-10-19T15:50:22.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2017-04-17T16:43:44.000Z (about 7 years ago)
- Last Synced: 2024-03-22T13:27:38.925Z (3 months ago)
- Topics: carbonblack, dfir, malware-analysis, python
- Language: Python
- Homepage:
- Size: 461 KB
- Stars: 140
- Watchers: 19
- Forks: 25
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Lists
- awesome-cybersecurity-blueteam - CIRTKit - Scriptable Digital Forensics and Incident Response (DFIR) toolkit built on Viper. (Incident Response tools / IR management consoles)
- awesome-cybersecurity-blueteam - CIRTKit - Scriptable Digital Forensics and Incident Response (DFIR) toolkit built on Viper. (Incident Response tools / IR management consoles)
- awesome-blueteam - CIRTKit - Scriptable Digital Forensics and Incident Response (DFIR) toolkit built on Viper. (Incident Response tools / IR management consoles)
- awesome-cybersecurity-blueteam-cn - CIRTKit - 基于Viper构建的、可编写脚本的数字取证和事件响应(Digital Forensics and Incident Response, DFIR)工具包 (事件响应工具 / 事件响应管理平台)
README
One DFIR console to rule them all. Built on top of the [Viper Framework](https://github.com/viper-framework/viper)
[](https://travis-ci.org/byt3smith/CIRTKit)
## Documentation
* Please see the [wiki](https://github.com/byt3smith/CIRTKit/wiki) for more information about CIRTKit and documentation
## Roadmap
### Future integrations
* Bit9
* Palo Alto Networks
* EnCase/FTK
### Future modules
* Packet Analysis (possibly Dshell)
* Javascript Unpacking/Deobfuscation
* Volatility Memory Analysis Framework
* Hex Viewer/Editor
### Scripting Framework
* Automation is key. Scripting is key to DFIR, thus needs to be available in CIRTKit