Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with incident-response
A curated list of projects in awesome lists tagged with incident-response.
https://github.com/kubeshark/kubeshark
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
amqp cloud-native devops devops-tools docker forensics go golang grpc incident-response kafka kubernetes microservice microservices microservices-application observability redis rest sniffer wireshark
Last synced: 29 Sep 2024
https://github.com/up9inc/mizu
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
amqp cloud-native devops devops-tools docker forensics go golang grpc incident-response kafka kubernetes microservice microservices microservices-application observability redis rest sniffer wireshark
Last synced: 30 Jul 2024
https://github.com/wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
cloud-security compliance configuration-assessement container-security cybersecurity file-integrity-monitoring incident-response infosec log-analysis malware-detection pci-dss security security-audit security-automation security-hardening security-tools siem vulnerability-detection wazuh xdr
Last synced: 25 Sep 2024
https://github.com/upgundecha/howtheysre
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
alerting chaos-engineering dev-ops devops hacktoberfest hacktoberfest-accepted incident-management incident-response infrastructure ml-ops monitoring observability on-call post-mortem reliability security site-reliability-engineering software-engineering sre sre-culture
Last synced: 30 Sep 2024
https://github.com/toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
auditing aws-infrastructure aws-inventory aws-lambda cloud cloudtrail dfir iam incident-response security security-tools
Last synced: 30 Sep 2024
https://github.com/OneUptime/oneuptime
OneUptime is the complete open-source observability platform.
devops incident-management incident-response monitoring observability on-call status-page
Last synced: 31 Jul 2024
https://github.com/thehive-project/thehive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
agplv3 analyzer api cortex dfir digital-forensics free incident-management incident-response incident-response-tooling investigations iocs misp open-source orchestration platform rest scala security-incidents thehive
Last synced: 01 Oct 2024
https://github.com/TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
agplv3 analyzer api cortex dfir digital-forensics free incident-management incident-response incident-response-tooling investigations iocs misp open-source orchestration platform rest scala security-incidents thehive
Last synced: 01 Aug 2024
https://github.com/intelowlproject/intelowl
IntelOwl: manage your Threat Intelligence at scale
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python security-tools threat-hunting threat-intelligence threathunting threatintel
Last synced: 25 Sep 2024
https://github.com/intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
cyber-security cyber-threat-intelligence cybersecurity dfir enrichment hacktoberfest honeynet incident-response intel-owl ioc malware-analysis malware-analyzer osint osint-python python security-tools threat-hunting threat-intelligence threathunting threatintel
Last synced: 31 Jul 2024
https://github.com/a-poc/blueteam-tools
Tools and Techniques for Blue Team / Incident Response
blue-team blueteam cheatsheet cyber-security defender incident incident-response malware-analysis resources tools vulnerability-management wiki
Last synced: 26 Sep 2024
https://github.com/velocidex/velociraptor
Digging Deeper....
digital-forensics endpoint-discovery endpoint-protection endpoint-security forensics-investigations incident-response inventory-management
Last synced: 30 Sep 2024
https://github.com/Velocidex/velociraptor
Digging Deeper....
digital-forensics endpoint-discovery endpoint-protection endpoint-security forensics-investigations incident-response inventory-management
Last synced: 30 Jul 2024
https://github.com/sleuthkit/sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
forensics incident-response ntfs sleuthkit tct
Last synced: 30 Sep 2024
https://github.com/A-poc/BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
blue-team blueteam cheatsheet cyber-security defender incident incident-response malware-analysis resources tools vulnerability-management wiki
Last synced: 01 Aug 2024
https://github.com/volatilityfoundation/volatility3
Volatility 3.0 development
digital-investigation forensics incident-response malware memory python ram volatility volatility-framework
Last synced: 30 Sep 2024
https://github.com/mattnotmax/cyberchef-recipes
A list of cyber-chef recipes and curated links
cyberchef cyberchef-recipes data-manipulation dfir incident-response malware regular-expression
Last synced: 01 Aug 2024
https://github.com/Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
attack cybersecurity detection dfir event forensics hayabusa hunting incident incident-response logs response rust security security-automation sigma threat threat-hunting windows yamato
Last synced: 01 Aug 2024
https://github.com/last-byte/PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
incident-response malware-detection persistence powershell powershell-module powershell-script registry techniques windows
Last synced: 01 Aug 2024
https://github.com/bashfuscator/bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team
Last synced: 30 Sep 2024
https://github.com/Bashfuscator/Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team
Last synced: 04 Aug 2024
https://github.com/monzo/response
Monzo's real-time incident response and reporting tool ⚡️
incident incident-management incident-reports incident-response response slack-bot
Last synced: 01 Oct 2024
https://github.com/austinsonger/incident-playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
catalog contributions-welcome contributors-welcome cybersecurity cybersecurity-playbook incident-management incident-response incidents mitre mitre-attack playbook
Last synced: 30 Sep 2024
https://github.com/austinsonger/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
catalog contributions-welcome contributors-welcome cybersecurity cybersecurity-playbook incident-management incident-response incidents mitre mitre-attack playbook
Last synced: 01 Aug 2024
https://github.com/thehive-project/cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
analysis analyzer api cortex cyber-threat-intelligence dfir digital-forensics engine free free-software incident-response iocs observable open-source python response rest scala security-incidents thehive
Last synced: 30 Sep 2024
https://github.com/dastergon/postmortem-templates
A collection of postmortem templates
devops incident-reporting incident-reports incident-response post-mortem postmortem postmortem-templates site-reliability site-reliability-engineering sre
Last synced: 30 Sep 2024
https://github.com/yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
dfir digital-forensics forensic-analysis graph incident-response security threat-hunting
Last synced: 30 Sep 2024
https://github.com/TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
analysis analyzer api cortex cyber-threat-intelligence dfir digital-forensics engine free free-software incident-response iocs observable open-source python response rest scala security-incidents thehive
Last synced: 01 Aug 2024
https://github.com/nitefood/asn
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
api as-path asn asn-lookup autonomous-systems bash bgp fingerprinting geolocation incident-response ip-lookup ip-reputation mtr osint recon rpki shodan team-cymru traceroute whois
Last synced: 01 Aug 2024
https://github.com/ahmedkhlief/apt-hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity.
apt-attacks forensic-analysis incident-response purpleteam python3 threat-hunting windows-event-logs windows-eventlog
Last synced: 30 Sep 2024
https://github.com/ahmedkhlief/APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity.
apt-attacks forensic-analysis incident-response purpleteam python3 threat-hunting windows-event-logs windows-eventlog
Last synced: 04 Aug 2024
https://github.com/emalderson/thephish
ThePhish: an automated phishing email analysis tool
attack cyberdefense cybersecurity detection digital-forensics email free incident-response indicators-of-compromise malware misp phishing phishing-detection python script thehive thehive4 thehive4py threat-intelligence webapp
Last synced: 30 Sep 2024
https://github.com/emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
attack cyberdefense cybersecurity detection digital-forensics email free incident-response indicators-of-compromise malware misp phishing phishing-detection python script thehive thehive4 thehive4py threat-intelligence webapp
Last synced: 01 Aug 2024
https://github.com/pagerduty/incident-response-docs
PagerDuty's Incident Response Documentation.
documentation incident-response oncall pagerduty team-security
Last synced: 30 Sep 2024
https://github.com/PagerDuty/incident-response-docs
PagerDuty's Incident Response Documentation.
documentation incident-response oncall pagerduty team-security
Last synced: 01 Aug 2024
https://github.com/mdecrevoisier/Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
active-directory azure evtx exchange incident-response mindmap windows
Last synced: 03 Aug 2024
https://github.com/certtools/intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
alerts automation cert csirt cybersecurity feeds handling ihap incident incident-response intelligence ioc malware phishing python threat
Last synced: 01 Aug 2024
https://github.com/dfir-iris/iris-web
Collaborative Incident Response platform
csirt-tooling digital-forensics digital-forensics-incident-response forensic forensic-analysis forensic-tools incident-response python
Last synced: 01 Aug 2024
https://github.com/mikeroyal/open-source-security-guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 03 Oct 2024
https://github.com/mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
compliance cyber-security detection-engineering forensics-tools incident-management incident-response information-security infosec intrusion-detection kali-linux mitre-attack network-analysis offensive-security pentesters privacy-protection scanning-tool siem surveillance vulnerabilities vulnerability-detection
Last synced: 01 Aug 2024
https://github.com/certsocietegenerale/fame
FAME Automates Malware Evaluation
framework incident-response infosec malware malware-analysis malware-research
Last synced: 20 Aug 2024
https://github.com/A3sal0n/CyberThreatHunting
A collection of resources for Threat Hunters
cybersecurity dfir incident-response threat-hunting threat-intelligence
Last synced: 31 Jul 2024
https://github.com/a3sal0n/cyberthreathunting
A collection of resources for Threat Hunters
cybersecurity dfir incident-response threat-hunting threat-intelligence
Last synced: 03 Aug 2024
https://github.com/thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
certificate-transparency certstream cybersecurity django incident-response misp monitoring nltk osint osint-python phishing reactjs rss-bridge security thehive threat-detection threat-hunting threat-intelligence watcher webapp
Last synced: 01 Aug 2024
https://github.com/palantir/osquery-configuration
A repository for using osquery for incident detection and response
detection incident-response information-security octo-correct-managed osquery
Last synced: 31 Jul 2024
https://github.com/darkquasar/AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
azforensics azure azure-forensics azuresearcher cloud-forensics cybersecurity dfir digital-forensics incident-response powershellv5 threat-hunting threathunting unifiedauditlog
Last synced: 04 Aug 2024
https://github.com/cyb3rfox/Aurora-Incident-Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
incident-management incident-response incident-response-tooling
Last synced: 04 Aug 2024
https://github.com/drew-alleman/datasurgeon
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
bug-bounty ctf-tools cybersecurity email file-search hacking incident-response infosec ip-address osint pentesting recon reconnaissance regex rust rust-lang search search-tools security-tools windows
Last synced: 28 Sep 2024
https://github.com/Drew-Alleman/DataSurgeon
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
bug-bounty ctf-tools cybersecurity email file-search hacking incident-response infosec ip-address osint pentesting recon reconnaissance regex rust rust-lang search search-tools security-tools windows
Last synced: 06 Aug 2024
https://github.com/DFIRKuiper/Kuiper
Digital Forensics Investigation Platform
artifacts dfir digital-forensics incident-response parser security
Last synced: 01 Aug 2024
https://github.com/tenzir/tenzir
Open source security data pipelines.
dataops incident-response investigation netflow pcap pipelines secdataops security siem sigma soc suricata threathunting zeek
Last synced: 31 Jul 2024
https://github.com/Patrowl/PatrowlManager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
api automation incident-response ioc orchestration patrowl scans secops security-automation security-scanner security-tools thehive threat-hunting threat-intelligence vulnerabilities vulnerability-detection vulnerability-management vulnerability-scanners
Last synced: 01 Aug 2024
https://github.com/tclahr/uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
aix android computer-forensics dfir esxi forensics freebsd incident-response linux live-response macos netbsd netscaler openbsd script security shell solaris terminal triage
Last synced: 26 Sep 2024
https://github.com/counteractive/incident-response-plan-template
A concise, directive, specific, flexible, and free incident response plan template
cybersecurity incident incident-management incident-response information-security infosec
Last synced: 01 Aug 2024
https://github.com/comaeio/opcde
OPCDE Cybersecurity Conference Materials
cybersecurity incident-response information-security vulnerability
Last synced: 06 Aug 2024
https://github.com/atc-project/atc-react
A knowledge base of actionable Incident Response techniques
amitt dfir incident-response mitre-attack response-playbooks thehive
Last synced: 04 Aug 2024
https://atc-project.github.io/atc-react/
A knowledge base of actionable Incident Response techniques
amitt dfir incident-response mitre-attack response-playbooks thehive
Last synced: 01 Aug 2024
https://github.com/msuiche/OPCDE
OPCDE Cybersecurity Conference Materials
cybersecurity incident-response information-security vulnerability
Last synced: 01 Aug 2024
https://github.com/wazuh/wazuh-docker
Wazuh - Docker containers
compliance docker elasticsearch file-integrity-management hacktoberfest hacktoberfest-accepted ids incident-response intrusion-detection log-analysis loganalyzer monitoring ossec pci-dss policy-monitoring security security-awareness security-hardening vulnerability-detection wazuh
Last synced: 01 Aug 2024
https://github.com/securityjoes/MasterParser
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
automation cyber cyber-security dfir dfir-automation digital-forensic incident-response infosec ir mdr powershell reporting security soc tools
Last synced: 01 Aug 2024
https://github.com/Johnng007/Live-Forensicator
A suite of tools to aid Incident Response and Live Forensics for Windows (PowerShell) | Linux (Bash) | macOS (Shell)
bash eventlog-analysis eventlogs forensicator forensics forensics-investigations incident-response linux linux-shell live-forensic log4j macos powershell ransomeware
Last synced: 04 Aug 2024
https://github.com/dfirtrack/dfirtrack
DFIRTrack - The Incident Response Tracking Application
dfir digital-forensics incident-management incident-response incident-response-tooling
Last synced: 02 Aug 2024
https://github.com/chenerlich/FCL
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
command-line fcl file-less incident-response malware malware-analysis malware-detection threat-hunting
Last synced: 01 Aug 2024
https://github.com/diogo-fernan/ir-rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
bash batch cybersecurity dfir forensics incident-response malware nirsoft sysinternals unix windows
Last synced: 01 Aug 2024
https://github.com/incidentalhq/incidental
An opensource incident management platform integrating with Slack.
incident incident-management incident-response open-source python3 react
Last synced: 01 Aug 2024
https://github.com/eschultze/urlextractor
Information gathering & website reconnaissance | https://phishstats.info/
abuse domain incident-response information-extraction information-gathering malicious-domains malware osint phishing shodan virustotal whois
Last synced: 01 Aug 2024
https://github.com/eschultze/URLextractor
Information gathering & website reconnaissance | https://phishstats.info/
abuse domain incident-response information-extraction information-gathering malicious-domains malware osint phishing shodan virustotal whois
Last synced: 09 Aug 2024
https://github.com/Bert-JanP/Incident-Response-Powershell
PowerShell Digital Forensics & Incident Response Scripts.
forensics-tools incident-response powershell
Last synced: 01 Aug 2024
https://github.com/LearningKijo/KQL
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
edr incident-response kql kusto threat-hunting xdr
Last synced: 01 Aug 2024
https://github.com/evild3ad/MemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
dfir digital-forensics incident-response live-response memory-forensics memprocfs powershell
Last synced: 01 Aug 2024
https://github.com/wazuh/wazuh-ruleset
Wazuh - Ruleset
compliance elasticsearch file-integrity-management ids incident-response intrusion-detection log-analysis loganalyzer monitoring openscap ossec pci-dss policy-monitoring security security-awareness security-hardening vulnerability-detection wazuh
Last synced: 01 Aug 2024
https://github.com/AzureAD/Azure-AD-Incident-Response-PowerShell-Module
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.
azuread incident-response powershell powershell-module
Last synced: 01 Aug 2024
https://github.com/wazuh/wazuh-dashboard-plugins
Plugins for Wazuh Dashboard
compliance file-integrity-management gdpr ids incident-response intrusion-detection log-analysis loganalyzer monitoring openscap opensearch-dashboards opensearch-plugins ossec pci-dss policy-monitoring security security-awareness security-hardening vulnerability-detection wazuh
Last synced: 03 Aug 2024
https://mthcht.github.io/ThreatHunting-Keywords/
Awesome list of keywords and artifacts for Threat Hunting sessions
awesome-list blueteam detection-engineering dfir elk-stack endpoint-security forensic hacktools incident-response iocs offensive-scripts offensive-security redteam siem sigma-rules soc splunk threat-hunting threat-intelligence threathunting
Last synced: 01 Aug 2024
https://github.com/jmpsec/osctrl
Fast and efficient osquery management
detection-infrastructure endpoint-security host-instrumentation incident-response infrastructure-management osquery security
Last synced: 01 Aug 2024
https://github.com/vm32/Linux-Incident-Response
A practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response.
digital-forensics digital-forensics-incident-response incident-response ir linux
Last synced: 01 Aug 2024
https://github.com/cloudtracer/ThreatPinchLookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
alienvault censys cert chrome-extension circl cve dfir ibm-xforce incident-response misp osint passivetotal security shodan threat-hunting threat-sharing threatintel threatminer virustotal whois
Last synced: 01 Aug 2024
https://github.com/op7ic/EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
att edr edr-solutions incident-response mitre security security-audit
Last synced: 01 Aug 2024
https://github.com/SecurityBrewery/catalyst
Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
dfir digital-forensics incident-response soar
Last synced: 17 Sep 2024
https://github.com/netevert/pockint
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
dfir incident-response incident-response-tooling infosec infosec-19 osint osint-professionals osint-python osinttool portable python python3 tkinter-gui tkinter-python
Last synced: 02 Aug 2024
https://github.com/sandialabs/scot
Sandia Cyber Omni Tracker (SCOT)
applications cyber-security cybersecurity incident-response javascript perl scr-1627 snl-applications snl-cyber-sec threat-intelligence
Last synced: 31 Jul 2024
https://github.com/redaelli/imago-forensics
Imago is a Python tool that extracts digital evidence from images.
dfir forensics-investigations image-analysis incident-response python
Last synced: 02 Aug 2024
https://github.com/eshlomo1/Microsoft-Sentinel-SecOps
Microsoft Sentinel SOC Operations
azure azure-sentinel cloudsecurity hunting incident-response ir microsoft microsoft-sentinel secops security siem soc threat-hunting threat-intelligence
Last synced: 02 Aug 2024
https://github.com/BSI-Bund/RdpCacheStitcher
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
cybersecurity dfir digitalforensics forensics incident-response incident-response-tooling rdp security
Last synced: 01 Aug 2024
https://github.com/WithSecureLabs/LinuxCatScale
Incident Response collection and processing scripts with automated reporting scripts
collection countercept incident-response linux triage
Last synced: 04 Aug 2024
https://github.com/merlinn-co/merlinn
Open source AI on-call developer 🧙♂️ Get relevant context & root cause analysis in seconds about production incidents and make on-call engineers 10x better 🏎️
aiops alerts chatops-ai devtools in incident incident-response incident-response-tooling llm llm-agent metrics monitoring observability oncall oncall-engineers site-reliability-engineering sre traces
Last synced: 01 Aug 2024
https://github.com/codeyourweb/fastfinder
Incident Response - Fast suspicious file finder
dfir incident-response investigation threat-hunting
Last synced: 01 Aug 2024
https://github.com/utmstack/UTMStack
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
compliance correlation edr incident-response log-management siem threat-intelligence threat-management utmstack xdr
Last synced: 02 Aug 2024
https://github.com/mvelazc0/Oriana
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
dfir incident-response threat-hunting
Last synced: 31 Jul 2024
https://github.com/InfosecHouse/InfosecHouse
Tools & Resources for Cyber Security Operations
bugbounty bugbounty-tool defensive-security hacking incident-response infosec infosec-reference infosectools offensive-security penetration-testing-tools pentest-tools resources
Last synced: 02 Aug 2024
https://github.com/center-for-threat-informed-defense/cti-blueprints
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
ctid cyber-threat-intelligence cybersecurity incident-response malware-analysis mitre-attack threat-actors threat-informed-defense
Last synced: 01 Aug 2024
https://github.com/bb1nfosec/Information-Security-Tasks
This repository is created for infosec professionals who work day to day to keep their skillset up to date. Contributors can spend one hour a day on problem statements and their solutions. Please contribute by providing problem statements and solutions.
auditing blueteam compliance forensics incident-response information-security malware-analysis osint pentesting redteam steganography
Last synced: 01 Aug 2024
https://github.com/spyre-project/spyre
simple YARA-based IOC scanner
go golang hacktoberfest incident-response ioc linux macos macosx scanner security windows yara yara-scanner
Last synced: 01 Aug 2024
https://github.com/cgosec/Blauhaunt
A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you come from where did you go) in Security Incidents and Threat Hunts
analysis cyber-crime dfir forensics graph incident-response investigation security velociraptor
Last synced: 03 Aug 2024
https://github.com/santosomar/who_and_what_to_follow
Who and what to follow in the world of cyber security
cyber-security cybersecurity incident-response malware network news security
Last synced: 03 Aug 2024
https://github.com/jfarley248/MEAT
This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
dfir ediscovery forensics incident-response ios
Last synced: 02 Aug 2024
https://github.com/CityBaseInc/SIAC
SIAC is an enterprise SIEM built on open-source technology.
aws compliance elk fim incident-response intrusion-detection osquery pci-dss secdevops security siem wazuh
Last synced: 01 Aug 2024
https://github.com/Yara-Rules/yara-endpoint
Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
anti-malware endpoint incident-response yara
Last synced: 02 Aug 2024
https://github.com/echoboomer/incident-bot
The Open Source Incident Management Framework
devops docker incident-management incident-response python3 react slack slack-bot
Last synced: 04 Aug 2024
https://github.com/lawndoc/mediator
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
end-to-end-encryption handlers incident-response incident-response-tooling live-response pentesting pentesting-tools plugin-system plugins python python-3 python-script python3 red-team red-teaming reverse-shell reverse-shells security-tools socket-programming
Last synced: 04 Aug 2024