The Top 67 Incident Response Open Source Projects

Awesome Open Source

Awesome Open Source

Combined Topics

incident-response x

Advertising 📦 10

Application Programming Interfaces 📦 124

Applications 📦 192

Artificial Intelligence 📦 78

Blockchain 📦 73

Build Tools 📦 113

Cloud Computing 📦 80

Code Quality 📦 28

Collaboration 📦 32

Command Line Interface 📦 49

Community 📦 83

Companies 📦 60

Compilers 📦 63

Computer Science 📦 80

Configuration Management 📦 42

Content Management 📦 175

Control Flow 📦 213

Data Formats 📦 78

Data Processing 📦 276

Data Storage 📦 135

Economics 📦 64

Frameworks 📦 215

Graphics 📦 110

Hardware 📦 152

Integrated Development Environments 📦 49

Learning Resources 📦 166

Libraries 📦 129

Lists Of Projects 📦 22

Machine Learning 📦 347

Mapping 📦 64

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 98

Networking 📦 315

Operating Systems 📦 89

Operations 📦 121

Package Managers 📦 55

Programming Languages 📦 245

Runtime Environments 📦 100

Science 📦 42

Security 📦 396

Social Media 📦 27

Software Architecture 📦 72

Software Development 📦 72

Software Performance 📦 58

Software Quality 📦 133

Text Editors 📦 49

Text Processing 📦 136

User Interface 📦 330

User Interface Components 📦 514

Version Control 📦 30

Virtualization 📦 71

Web Browsers 📦 42

Web Servers 📦 26

Web User Interface 📦 210

The Top 67 Incident Response Open Source Projects

Categories > Operations > Incident Response

Awesome Sre ⭐ 5,940

A curated list of Site Reliability and Production Engineering resources.

My Arsenal Of Aws Security Tools ⭐ 5,493

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Awesome Incident Response ⭐ 3,943

A curated list of tools for incident response

Wazuh ⭐ 2,003

Wazuh - The Open Source Security Platform

Thehive ⭐ 1,863

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Sleuthkit ⭐ 1,744

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Intelowl ⭐ 1,666

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Response ⭐ 1,236

Monzo's real-time incident response and reporting tool ⚡️

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Incident Response Docs ⭐ 846

PagerDuty's Incident Response Documentation.

FAME Automates Malware Evaluation

Cortex: a Powerful Observable Analysis and Active Response Engine

Bashfuscator ⭐ 633

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

Osquery Configuration ⭐ 609

A repository for using osquery for incident detection and response

Velociraptor ⭐ 608

Digging Deeper....

Intelmq ⭐ 597

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

Open source incident management and response platform.

OPCDE Cybersecurity Conference Materials

Cyberchef Recipes ⭐ 534

A list of cyber-chef recipes and curated links

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Patrowlmanager ⭐ 348

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Urlextractor ⭐ 340

Information gathering & website reconnaissance | https://phishstats.info/

Thehivedocs ⭐ 339

Documentation of TheHive

Ir Rescue ⭐ 305

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Wazuh Ruleset ⭐ 303

Wazuh - Ruleset

Watcher ⭐ 294

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Threatpinchlookup ⭐ 247

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Cortex Analyzers ⭐ 232

Cortex Analyzers Repository

Dfirtrack ⭐ 224

DFIRTrack - The Incident Response Tracking Application

Digital Forensics Investigation Platform

🔮 Visibility Across Space and Time

Atc React ⭐ 206

A knowledge base of actionable Incident Response techniques

Sandia Cyber Omni Tracker (SCOT)

Wazuh Kibana App ⭐ 203

Wazuh - Kibana plugin

Wazuh Docker ⭐ 200

Wazuh - Docker containers

Dfir Orc ⭐ 197

Forensics artefact collection tool for systems running Microsoft Windows

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server

Pypowershellxray ⭐ 189

Python script to decode common encoded PowerShell scripts

Pockint ⭐ 189

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Litmus_test ⭐ 187

Detecting ATT&CK techniques & tactics for Linux

Fast and efficient osquery management

Weffles ⭐ 175

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Imago Forensics ⭐ 168

Imago is a python tool that extract digital evidences from images.

Misp Taxonomies ⭐ 162

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Aurora Incident Response ⭐ 153

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

Patrowlengines ⭐ 146

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Thehive4py ⭐ 133

Python API Client for TheHive

All-in-one bundle of MISP, TheHive and Cortex

Edr Testing Script ⭐ 122

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Invoke Liveresponse ⭐ 115

Invoke-LiveResponse

Apt Hunter ⭐ 111

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Information Security Tasks ⭐ 102

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

SIAC is an enterprise SIEM built on open-source technology.

Patrowldocs ⭐ 99

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Threathunt ⭐ 88

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

A curated list of awesome things related to TheHive & Cortex

Wazuh Documentation ⭐ 78

Wazuh - Project documentation

Yara Endpoint ⭐ 74

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Ioc Explorer ⭐ 73

Explore Indicators of Compromise Automatically

Wheel Of Misfortune ⭐ 50

A role-playing game for incident management training

Historicprocesstree ⭐ 46

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Scripting ⭐ 45

PS / Bash / Python / Other scripts For FUN!

Ios Triage ⭐ 42

incident response tool for iOS devices

Analyst Casefile ⭐ 41

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Cortex4py ⭐ 21

Python API Client for Cortex

Wazuh Chef ⭐ 9

Wazuh - Chef cookbooks

1-67 of 67 projects

Advertising 📦 10

Application Programming Interfaces 📦 124

Applications 📦 192

Artificial Intelligence 📦 78

Blockchain 📦 73

Build Tools 📦 113

Cloud Computing 📦 80

Code Quality 📦 28

Collaboration 📦 32

Command Line Interface 📦 49

Community 📦 83

Companies 📦 60

Compilers 📦 63

Computer Science 📦 80

Configuration Management 📦 42

Content Management 📦 175

Control Flow 📦 213

Data Formats 📦 78

Data Processing 📦 276

Data Storage 📦 135

Economics 📦 64

Frameworks 📦 215

Graphics 📦 110

Hardware 📦 152

Integrated Development Environments 📦 49

Learning Resources 📦 166

Libraries 📦 129

Lists Of Projects 📦 22

Machine Learning 📦 347

Mapping 📦 64

Marketing 📦 15

Mathematics 📦 55

Messaging 📦 98

Networking 📦 315

Operating Systems 📦 89

Operations 📦 121

Package Managers 📦 55

Programming Languages 📦 245

Runtime Environments 📦 100

Science 📦 42

Security 📦 396

Social Media 📦 27

Software Architecture 📦 72

Software Development 📦 72

Software Performance 📦 58

Software Quality 📦 133

Text Editors 📦 49

Text Processing 📦 136

User Interface 📦 330

User Interface Components 📦 514

Version Control 📦 30

Virtualization 📦 71

Web Browsers 📦 42

Web Servers 📦 26

Web User Interface 📦 210