Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Correia-jpv/fucking-awesome-incident-response
A curated list of tools for incident response. With repository stars⭐ and forks🍴
awesome awesome-list dfir dfir-automation digital-forensics digitalforensics incident incident-management incident-reports incident-response incident-response-tooling incidents list security
Last synced: 18 Jun 2024
https://github.com/cado-security/rip_raw
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
dfir dfir-automation forensic-analysis forensics memory-forensics security
Last synced: 05 Jun 2024
https://github.com/jurelou/epagneul
Graph visualization for Windows event logs.
blueteam dfir-automation evtx forensics forensics-tools hunting security security-tools threat-hunting
Last synced: 05 Jun 2024
https://github.com/op7ic/unix_collector
unix_collector is a live response collection script for Incident Response on UNIX-like systems using native binaries.
blueteam computer-forensics dfir dfir-automation forensic-analysis forensics freebsd linux live-response openbsd posix script shell solaris unix
Last synced: 26 May 2024
https://github.com/hashlookup/hashlookup-forensic-analyser
Analyse a forensic target (such as a directory) and report which files are known and which are unknown to the CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
bloom-filter dfir dfir-automation forensic-analysis forensics-investigations hashlookup nsrl nsrllookup
Last synced: 26 May 2024
https://github.com/clong/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices.
ansible detection detectionlab dfir dfir-automation information-security lab-environment osquery packer powershell sysmon terraform vagrant vagrantfile
Last synced: 25 May 2024
https://github.com/securityjoes/MasterParser
MasterParser is a DFIR tool designed for analyzing and parsing Linux logs.
automation cyber cyber-security dfir dfir-automation digital-forensic incident-response infosec ir mdr powershell reporting security soc tools
Last synced: 11 May 2024
https://github.com/cado-security/varc
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
aws aws-fargate aws-forensics aws-lambda cloud-security dfir dfir-automation docker-forensics eks-forensics fargate-forensics forensics hacktoberfest memory-forensics security
Last synced: 17 Apr 2024
https://github.com/iknowjason/BlueCloud
Cyber range including Velociraptor and a HELK system with a Windows VM for security testing and R&D. Azure and AWS Terraform support.
blue-team cyber-range cyberrange dfir dfir-automation edr-testing pentesting purpleteam
Last synced: 31 Mar 2024
https://github.com/iknowjason/PurpleCloud
A small tool for experimenting with Azure identity: an Azure Active Directory lab creation tool.
azure azure-lab dfir dfir-automation pentest purpleteam siem
Last synced: 31 Mar 2024