Awesome Open Source
Awesome Open Source
Combined Topics
incident-response x
Advertising 📦 9
All Projects
Application Programming Interfaces 📦 120
Applications 📦 181
Artificial Intelligence 📦 72
Blockchain 📦 70
Build Tools 📦 111
Cloud Computing 📦 79
Code Quality 📦 28
Collaboration 📦 30
Command Line Interface 📦 48
Community 📦 81
Companies 📦 60
Compilers 📦 60
Computer Science 📦 74
Configuration Management 📦 39
Content Management 📦 167
Control Flow 📦 197
Data Formats 📦 77
Data Processing 📦 266
Data Storage 📦 132
Economics 📦 60
Frameworks 📦 198
Games 📦 122
Graphics 📦 103
Hardware 📦 148
Integrated Development Environments 📦 47
Learning Resources 📦 147
Legal 📦 28
Libraries 📦 119
Lists Of Projects 📦 21
Machine Learning 📦 336
Mapping 📦 61
Marketing 📦 15
Mathematics 📦 55
Media 📦 228
Messaging 📦 97
Networking 📦 304
Operating Systems 📦 84
Operations 📦 120
Package Managers 📦 52
Programming Languages 📦 229
Runtime Environments 📦 96
Science 📦 42
Security 📦 375
Social Media 📦 26
Software Architecture 📦 70
Software Development 📦 68
Software Performance 📦 57
Software Quality 📦 127
Text Editors 📦 45
Text Processing 📦 131
User Interface 📦 310
User Interface Components 📦 465
Version Control 📦 29
Virtualization 📦 68
Web Browsers 📦 38
Web Servers 📦 25
Web User Interface 📦 194

The Top 216 Incident Response Open Source Projects on Github

Categories > Operations > Incident Response
Awesome Sre ⭐ 7,612
A curated list of Site Reliability and Production Engineering resources.
Howtheysre ⭐ 6,865
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
My Arsenal Of Aws Security Tools ⭐ 6,223
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Awesome Incident Response ⭐ 4,648
A curated list of tools for incident response
Wazuh ⭐ 3,071
Wazuh - The Open Source Security Platform
Thehive ⭐ 2,268
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Intelowl ⭐ 2,098
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Sleuthkit ⭐ 1,939
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Response ⭐ 1,298
Monzo's real-time incident response and reporting tool ⚡️
Cyberchef Recipes ⭐ 1,098
A list of cyber-chef recipes and curated links
Beagle ⭐ 994
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Velociraptor ⭐ 993
Digging Deeper....
Incident Response Docs ⭐ 895
PagerDuty's Incident Response Documentation.
Cortex ⭐ 800
Cortex: a Powerful Observable Analysis and Active Response Engine
Bashfuscator ⭐ 724
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Intelmq ⭐ 702
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Fame ⭐ 702
FAME Automates Malware Evaluation
Atomic Threat Coverage ⭐ 686
Actionable analytics designed to combat threats
Incident Playbook ⭐ 673
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Opcde ⭐ 551
OPCDE Cybersecurity Conference Materials
Apt Hunter ⭐ 538
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
Osquery Configuration ⭐ 527
A repository for using osquery for incident detection and response
Watcher ⭐ 451
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Patrowlmanager ⭐ 431
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Fcl ⭐ 411
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
Asn ⭐ 400
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server
Thehivedocs ⭐ 365
Documentation of TheHive
Kuiper ⭐ 363
Digital Forensics Investigation Platform
Urlextractor ⭐ 344
Information gathering & website reconnaissance | https://phishstats.info/
Atc React ⭐ 336
A knowledge base of actionable Incident Response techniques
Vast ⭐ 328
🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.
Wazuh Ruleset ⭐ 318
Wazuh - Ruleset
Dfirtrack ⭐ 317
DFIRTrack - The Incident Response Tracking Application
Ir Rescue ⭐ 309
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Windows Auditing Mindmap ⭐ 301
Set of Mindmaps providing a detailed overview of the different #Windows auditing capacities and event log files.
Cortex Analyzers ⭐ 298
Cortex Analyzers Repository
Wazuh Docker ⭐ 269
Wazuh - Docker containers
Wazuh Kibana App ⭐ 253
Wazuh - Kibana plugin
Threatpinchlookup ⭐ 236
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Aurora Incident Response ⭐ 229
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Dfir Orc ⭐ 222
Forensics artefact collection tool for systems running Microsoft Windows
Awesome Event Ids ⭐ 215
Collection of Event ID ressources useful for Digital Forensics and Incident Response
Osctrl ⭐ 209
Fast and efficient osquery management
Scot ⭐ 207
Sandia Cyber Omni Tracker (SCOT)
Thephish ⭐ 194
ThePhish: an automated phishing email analysis tool
Misp Taxonomies ⭐ 190
Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.
Pockint ⭐ 188
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Pypowershellxray ⭐ 184
Python script to decode common encoded PowerShell scripts
Patrowlengines ⭐ 180
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Mindmaps ⭐ 172
#ThreatHunting #DFIR #Malware #Detection Mind Maps
Litmus_test ⭐ 168
Detecting ATT&CK techniques & tactics for Linux
Weffles ⭐ 161
Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Thehive4py ⭐ 160
Python API Client for TheHive
Edr Testing Script ⭐ 154
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Imago Forensics ⭐ 144
Imago is a python tool that extract digital evidences from images.
Mthc ⭐ 144
All-in-one bundle of MISP, TheHive and Cortex
Oriana ⭐ 136
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Wazuh Ansible ⭐ 136
Wazuh - Ansible playbook
Information Security Tasks ⭐ 126
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Uac ⭐ 123
UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection of Unix-like systems artifacts.
Awesome ⭐ 121
A curated list of awesome things related to TheHive & Cortex
Who_and_what_to_follow ⭐ 118
Who and what to follow in the world of cyber security
Invoke Liveresponse ⭐ 118
Invoke-LiveResponse
Rdpcachestitcher ⭐ 106
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Malwaremustdie ⭐ 106
repository of tools & resources of the MMD team
Spyre ⭐ 104
simple YARA-based IOC scanner
Azurehunter ⭐ 100
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Patrowldocs ⭐ 98
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Cdir ⭐ 93
CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library
Wazuh Documentation ⭐ 92
Wazuh - Project documentation
Siac ⭐ 87
SIAC is an enterprise SIEM built on open-source technology.
Assisted Log Enabler For Aws ⭐ 77
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
Wheel Of Misfortune ⭐ 72
A role-playing game for incident management training
Threathunt ⭐ 70
ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Gsvsoc_cirt Playbook Battle Cards ⭐ 70
Cyber Incident Response Team Playbook Battle Cards
Squidmagic ⭐ 70
analyze a web-based network traffic 🕶 to detect central command and control servers
Yara Endpoint ⭐ 68
Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
Ioc Explorer ⭐ 66
Explore Indicators of Compromise Automatically
Mediator ⭐ 64
An extensible, end-to-end encrypted reverse shell with a novel approach to its architecture
Aws Security Hub Response And Remediation ⭐ 55
Pre-configured response & remediation playbooks for AWS Security Hub
Rhq ⭐ 53
Recon Hunt Queries
Incident Response Plan Template ⭐ 52
A concise, directive, specific, flexible, and free incident response plan template
Compliance ⭐ 50
Legal, procedural and policies document templates for operating an IRT
Powergrr ⭐ 50
PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Bits_parser ⭐ 48
Extract BITS jobs from QMGR queue and store them as CSV records
Postmortem Docs ⭐ 47
PagerDuty's Public Postmortem Documentation
Infosechouse ⭐ 47
Infosec resource center for offensive and defensive security operations.
Ios Triage ⭐ 47
incident response tool for iOS devices
Historicprocesstree ⭐ 46
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Power Response ⭐ 43
Powering Up Incident Response with Power-Response
Analyst Casefile ⭐ 43
Maltego CaseFile entities for information security investigations, malware analysis and incident response
Scripting ⭐ 42
PS / Bash / Python / Other scripts For FUN!
Wazuh Packages ⭐ 42
Wazuh - Tools for packages creation
Trident ⭐ 42
A PowerShell incident response script for quick triage
Blazescan ⭐ 41
Blazescan is a linux webserver malware scanning and incident response tool, with built in support for cPanel servers, but will run on any linux based server.
Wazuh Api ⭐ 41
Wazuh - RESTful API
Docker Yara ⭐ 40
Yara Dockerfile
Docker Templates ⭐ 40
Docker configurations for TheHive, Cortex and 3rd party tools
Synapse ⭐ 40
Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
Training Materials ⭐ 39
1-100 of 216 projects

Related Projects

Dfir Incident Response Projects (77)
Python Incident Response Projects (74)
Security Incident Response Projects (51)
Forensics Incident Response Projects (36)
Threat Hunting Incident Response Projects (35)
Cybersecurity Incident Response Projects (34)
Python Dfir Incident Response Projects (26)
Powershell Incident Response Projects (26)
Incident Response Digital Forensics Projects (24)
Forensics Dfir Incident Response Projects (23)
Advertising 📦 9
All Projects
Application Programming Interfaces 📦 120
Applications 📦 181
Artificial Intelligence 📦 72
Blockchain 📦 70
Build Tools 📦 111
Cloud Computing 📦 79
Code Quality 📦 28
Collaboration 📦 30
Command Line Interface 📦 48
Community 📦 81
Companies 📦 60
Compilers 📦 60
Computer Science 📦 74
Configuration Management 📦 39
Content Management 📦 167
Control Flow 📦 197
Data Formats 📦 77
Data Processing 📦 266
Data Storage 📦 132
Economics 📦 60
Frameworks 📦 198
Games 📦 122
Graphics 📦 103
Hardware 📦 148
Integrated Development Environments 📦 47
Learning Resources 📦 147
Legal 📦 28
Libraries 📦 119
Lists Of Projects 📦 21
Machine Learning 📦 336
Mapping 📦 61
Marketing 📦 15
Mathematics 📦 55
Media 📦 228
Messaging 📦 97
Networking 📦 304
Operating Systems 📦 84
Operations 📦 120
Package Managers 📦 52
Programming Languages 📦 229
Runtime Environments 📦 96
Science 📦 42
Security 📦 375
Social Media 📦 26
Software Architecture 📦 70
Software Development 📦 68
Software Performance 📦 57
Software Quality 📦 127
Text Editors 📦 45
Text Processing 📦 131
User Interface 📦 310
User Interface Components 📦 465
Version Control 📦 29
Virtualization 📦 68
Web Browsers 📦 38
Web Servers 📦 25
Web User Interface 📦 194
Privacy policy
"GitHub" is a registered trademark of GitHub, Inc. Awesome Open Source is not affiliated with GitHub.

All non readme contents or Github based topics or project metadata copyright Awesome Open Source 2018-2021