Awesome Open Source
Awesome Open Source
Combined Topics
incident-response
x
Advertising
📦 10
All Projects
Application Programming Interfaces
📦 124
Applications
📦 192
Artificial Intelligence
📦 78
Blockchain
📦 73
Build Tools
📦 113
Cloud Computing
📦 80
Code Quality
📦 28
Collaboration
📦 32
Command Line Interface
📦 49
Community
📦 83
Companies
📦 60
Compilers
📦 63
Computer Science
📦 80
Configuration Management
📦 42
Content Management
📦 175
Control Flow
📦 213
Data Formats
📦 78
Data Processing
📦 276
Data Storage
📦 135
Economics
📦 64
Frameworks
📦 215
Games
📦 129
Graphics
📦 110
Hardware
📦 152
Integrated Development Environments
📦 49
Learning Resources
📦 166
Legal
📦 29
Libraries
📦 129
Lists Of Projects
📦 22
Machine Learning
📦 347
Mapping
📦 64
Marketing
📦 15
Mathematics
📦 55
Media
📦 239
Messaging
📦 98
Networking
📦 315
Operating Systems
📦 89
Operations
📦 121
Package Managers
📦 55
Programming Languages
📦 245
Runtime Environments
📦 100
Science
📦 42
Security
📦 396
Social Media
📦 27
Software Architecture
📦 72
Software Development
📦 72
Software Performance
📦 58
Software Quality
📦 133
Text Editors
📦 49
Text Processing
📦 136
User Interface
📦 330
User Interface Components
📦 514
Version Control
📦 30
Virtualization
📦 71
Web Browsers
📦 42
Web Servers
📦 26
Web User Interface
📦 210
The Top 76 Incident Response Open Source Projects
Categories
>
Operations
>
Incident Response
Awesome Sre
⭐
6,971
A curated list of Site Reliability and Production Engineering resources.
Howtheysre
⭐
6,469
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
My Arsenal Of Aws Security Tools
⭐
6,088
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Awesome Incident Response
⭐
4,409
A curated list of tools for incident response
Wazuh
⭐
2,433
Wazuh - The Open Source Security Platform
Thehive
⭐
2,098
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Intelowl
⭐
1,903
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Sleuthkit
⭐
1,862
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Response
⭐
1,284
Monzo's real-time incident response and reporting tool ⚡️
Beagle
⭐
1,013
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Cyberchef Recipes
⭐
1,005
A list of cyber-chef recipes and curated links
Incident Response Docs
⭐
880
PagerDuty's Incident Response Documentation.
Velociraptor
⭐
855
Digging Deeper....
Bashfuscator
⭐
749
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Cortex
⭐
739
Cortex: a Powerful Observable Analysis and Active Response Engine
Fame
⭐
691
FAME Automates Malware Evaluation
Intelmq
⭐
658
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Osquery Configuration
⭐
636
A repository for using osquery for incident detection and response
Incident Playbook
⭐
578
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Cyphon
⭐
560
Open source incident management and response platform.
Opcde
⭐
551
OPCDE Cybersecurity Conference Materials
Fcl
⭐
418
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Patrowlmanager
⭐
401
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Watcher
⭐
400
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Apt Hunter
⭐
381
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Thehivedocs
⭐
370
Documentation of TheHive
Urlextractor
⭐
353
Information gathering & website reconnaissance | https://phishstats.info/
Ir Rescue
⭐
332
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Asn
⭐
329
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server
Kuiper
⭐
315
Digital Forensics Investigation Platform
Wazuh Ruleset
⭐
313
Wazuh - Ruleset
Vast
⭐
294
🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.
Atc React
⭐
287
A knowledge base of actionable Incident Response techniques
Dfirtrack
⭐
278
DFIRTrack - The Incident Response Tracking Application
Cortex Analyzers
⭐
273
Cortex Analyzers Repository
Threatpinchlookup
⭐
266
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Wazuh Kibana App
⭐
241
Wazuh - Kibana plugin
Wazuh Docker
⭐
239
Wazuh - Docker containers
Dfir Orc
⭐
221
Forensics artefact collection tool for systems running Microsoft Windows
Aurora Incident Response
⭐
213
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Scot
⭐
212
Sandia Cyber Omni Tracker (SCOT)
Pockint
⭐
210
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Litmus_test
⭐
203
Detecting ATT&CK techniques & tactics for Linux
Osctrl
⭐
197
Fast and efficient osquery management
Pypowershellxray
⭐
193
Python script to decode common encoded PowerShell scripts
Imago Forensics
⭐
187
Imago is a python tool that extract digital evidences from images.
Weffles
⭐
181
Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Misp Taxonomies
⭐
177
Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.
Patrowlengines
⭐
171
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Oriana
⭐
160
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Thehive4py
⭐
154
Python API Client for TheHive
Edr Testing Script
⭐
145
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Mthc
⭐
141
All-in-one bundle of MISP, TheHive and Cortex
Incident Response Plan Template
⭐
138
A concise, directive, specific, flexible, and free incident response plan template
Invoke Liveresponse
⭐
118
Invoke-LiveResponse
Wazuh Ansible
⭐
117
Wazuh - Ansible playbook
Patrowldocs
⭐
116
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Information Security Tasks
⭐
113
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Awesome
⭐
106
A curated list of awesome things related to TheHive & Cortex
Siac
⭐
102
SIAC is an enterprise SIEM built on open-source technology.
Threathunt
⭐
98
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Spyre
⭐
96
simple YARA-based IOC scanner
Wazuh Documentation
⭐
88
Wazuh - Project documentation
Uac
⭐
82
UAC (Unix-like Artifacts Collector) is a Live Response collection tool for Incident Reponse that makes use of built-in tools to automate the collection of Unix-like systems artifacts. Supported systems: AIX, FreeBSD, Linux, macOS, NetBSD, Netscaler, OpenBSD and Solaris.
Ioc Explorer
⭐
78
Explore Indicators of Compromise Automatically
Yara Endpoint
⭐
75
Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
Wheel Of Misfortune
⭐
67
A role-playing game for incident management training
Evtx Hunter
⭐
65
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Scripting
⭐
50
PS / Bash / Python / Other scripts For FUN!
Ios Triage
⭐
47
incident response tool for iOS devices
Memprocfs Analyzer
⭐
47
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
Historicprocesstree
⭐
46
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Analyst Casefile
⭐
41
Maltego CaseFile entities for information security investigations, malware analysis and incident response
Docker Templates
⭐
34
Docker configurations for TheHive, Cortex and 3rd party tools
Cortex4py
⭐
26
Python API Client for Cortex
Wazuh Chef
⭐
14
Wazuh - Chef cookbooks
1-76 of 76 projects
Advertising
📦 10
All Projects
Application Programming Interfaces
📦 124
Applications
📦 192
Artificial Intelligence
📦 78
Blockchain
📦 73
Build Tools
📦 113
Cloud Computing
📦 80
Code Quality
📦 28
Collaboration
📦 32
Command Line Interface
📦 49
Community
📦 83
Companies
📦 60
Compilers
📦 63
Computer Science
📦 80
Configuration Management
📦 42
Content Management
📦 175
Control Flow
📦 213
Data Formats
📦 78
Data Processing
📦 276
Data Storage
📦 135
Economics
📦 64
Frameworks
📦 215
Games
📦 129
Graphics
📦 110
Hardware
📦 152
Integrated Development Environments
📦 49
Learning Resources
📦 166
Legal
📦 29
Libraries
📦 129
Lists Of Projects
📦 22
Machine Learning
📦 347
Mapping
📦 64
Marketing
📦 15
Mathematics
📦 55
Media
📦 239
Messaging
📦 98
Networking
📦 315
Operating Systems
📦 89
Operations
📦 121
Package Managers
📦 55
Programming Languages
📦 245
Runtime Environments
📦 100
Science
📦 42
Security
📦 396
Social Media
📦 27
Software Architecture
📦 72
Software Development
📦 72
Software Performance
📦 58
Software Quality
📦 133
Text Editors
📦 49
Text Processing
📦 136
User Interface
📦 330
User Interface Components
📦 514
Version Control
📦 30
Virtualization
📦 71
Web Browsers
📦 42
Web Servers
📦 26
Web User Interface
📦 210
