Search results for incident response
272 search results found
Mthc (⭐ 154): All-in-one bundle of MISP, TheHive and Cortex
Wazuh Documentation (⭐ 151): Wazuh - Project documentation
Imago Forensics (⭐ 144): Imago is a Python tool that extracts digital evidence from images.
Kc7 (⭐ 141): A cybersecurity game in Azure Data Explorer
Invoke Liveresponse (⭐ 141): Invoke-LiveResponse
Oriana (⭐ 136): Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Awesome (⭐ 121): A curated list of awesome things related to TheHive & Cortex
Cdir (⭐ 120): CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on OSS tools and libraries
Patrowldocs (⭐ 118): PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Socless (⭐ 117): The SOCless automation framework
Cti Blueprints (⭐ 116): CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
Jupyter Notebook For Incident Response (⭐ 116): A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and recovering from an incident.
Malwaremustdie (⭐ 115): Repository of tools & resources of the MMD team
Fucking Awesome Incident Response (⭐ 113): A curated list of tools for incident response, with repository stars⭐ and forks🍴
Sandfly Entropyscan (⭐ 108): Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
Revily (⭐ 108): On-call scheduling and incident response
Rdpcachestitcher (⭐ 106): RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Vanillawindowsreference (⭐ 99): A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update. Use these CSVs to create your own known-good hash sets!
Linux Incident Response (⭐ 98): A practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response.
Evtx Hunter (⭐ 93): evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Cybersecurity Entry Level (⭐ 92): A course for learning cybersecurity from scratch, in Spanish and 100% free. It covers 5 fundamental domains you need to know to take your first steps in this fascinating world.
Mediator (⭐ 91): An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Siac (⭐ 87): SIAC is an enterprise SIEM built on open-source technology.
Incident Bot (⭐ 86): The Open Source Incident Management Framework
Docker Templates (⭐ 78): Docker configurations for TheHive, Cortex and 3rd party tools
Wazuh Ossec (⭐ 78): WAZUH - The Open Source Security Platform Installation
Shomon (⭐ 75): Shodan Monitoring integration for TheHive.
Wheel Of Misfortune (⭐ 72): A role-playing game for incident management training
Squidmagic (⭐ 70): Analyze web-based network traffic 🕶 to detect central command and control servers
Threathunt (⭐ 70): ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Wazuh Packages (⭐ 69): Wazuh - Tools for package creation
Yara Endpoint (⭐ 68): Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Ioc Explorer (⭐ 66): Explore Indicators of Compromise Automatically
Case (⭐ 62): Cyber-investigation Analysis Standard Expression (CASE) Ontology
Cloud Droid (⭐ 61): Cloud Incident and Response Simulations
Check_ioc (⭐ 58): Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule from a monitoring engine such as Nagios; however, it may also be run from a command line (for incident response). For more information on the script and the logic behind it, check out https://www.linuxincluded.com/uncovering-indicator
Pywirt (⭐ 58): Pywirt - Python Windows Incident Response Toolkit
Tuxresponse (⭐ 56): Linux Incident Response
Wazuh Api (⭐ 56): Wazuh - RESTful API
Postmortem Docs (⭐ 56): PagerDuty's Public Postmortem Documentation
Incidents (⭐ 55): Please use https://github.com/veeral-patel/true-positive instead
Aws Security Hub Response And Remediation (⭐ 55): Pre-configured response & remediation playbooks for AWS Security Hub
Mobile Incident Response (⭐ 52): Mobile Incident Response Book
Pylirt (⭐ 52): Pylirt - Python Linux Incident Response Toolkit
Powergrr (⭐ 51): PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Compliance (⭐ 50): Legal, procedural and policy document templates for operating an IRT
Aws Incident Response Playbooks Workshop (⭐ 50)
Ios Triage (⭐ 49): Incident response tool for iOS devices
Trident (⭐ 49): A PowerShell incident response script for quick triage
Defensomania (⭐ 48): Defensomania is a security monitoring and incident response card game.
Bits_parser (⭐ 48): Extract BITS jobs from the QMGR queue and store them as CSV records
Historicprocesstree (⭐ 46): An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Mimicry (⭐ 46): Mimicry is a dynamic deception tool that actively deceives an attacker during exploitation and post-exploitation.
Indxripper (⭐ 45): Carve file metadata from NTFS index ($I30) attributes
Analyst Casefile (⭐ 43): Maltego CaseFile entities for information security investigations, malware analysis and incident response
Power Response (⭐ 43): Powering Up Incident Response with Power-Response
Docker Yara (⭐ 42): Yara Dockerfile
Scripting (⭐ 42): PS / Bash / Python / Other scripts For FUN!
Blazescan (⭐ 41): Blazescan is a Linux webserver malware scanning and incident response tool, with built-in support for cPanel servers, but it will run on any Linux-based server.
Synapse (⭐ 40): Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
Dcfldd (⭐ 39): dcfldd - enhanced version of dd for forensics and security
Training Materials (⭐ 39)
Inxidents (⭐ 39): Incident Monitoring for the Lean and Mean ;)
Artemis (⭐ 39): A cross-platform forensic parser written in Rust!
Winterfell Collection (⭐ 39): Winterfell is a group of Windows batch scripts to collect Windows forensics data and perform efficient and fast incident response and threat hunting activities.
Awesome Endpoint Detection And Response (⭐ 39): Collection of tools you need to have in your Endpoint Detection and Response arsenal
Wazuh Puppet (⭐ 38): Wazuh - Puppet module
Loki2 (⭐ 38): LOKI2 - Simple IOC and YARA Scanner
Wazuh Cloudformation (⭐ 36): Wazuh - Amazon AWS CloudFormation
Utmstack (⭐ 34): Customizable SIEM and XDR powered by real-time correlation and threat intelligence
Azuread Incident Response (⭐ 34): Notes on responding to security breaches relating to Azure AD
Fastfinder (⭐ 34): Incident Response - Fast suspicious file finder
Incident Response (⭐ 34)
Powersponse (⭐ 33): PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
Gdpatrol (⭐ 31): A Lambda-powered Security Orchestration framework for AWS GuardDuty
Pofr (⭐ 31): Penguin OS Forensic (or Flight) Recorder
Logboost (⭐ 31): Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, Domain, ASN, DNS and Threat Indicator matches.
Weiyingcloud (⭐ 30): Weiying Cloud intelligent incident platform: unified reception, noise reduction and handling of alert events
Meat (⭐ 28): This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Pstrace (⭐ 27): Trace ScriptBlock execution for PowerShell v2
Apiosintds (⭐ 26): On-demand query API for the https://github.com/davidonzo/Threat-Intel project.
Douglas 042 (⭐ 26): PowerShell script to help speed up threat hunting and incident response processes
Cortex4py (⭐ 26): Python API Client for Cortex
Evilize (⭐ 26): Parses Windows event log files based on the SANS poster
Ngx Charts Builder (⭐ 26): 🚀 Chart Builder for ngx-charts!
Attack Threat_intel (⭐ 23): Graph Representation of MITRE ATT&CK's CTI data
Syntheticsun (⭐ 23): SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Decipheringual (⭐ 23): This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365 Unified Audit Log.
Hikeshi (⭐ 21): Hikeshi is a security incident response application that keeps documenting incidents simple, so you can focus on fighting fires.
Simple Live Data Collection (⭐ 19): Simple Live Data Collection Tool
Macostriagecollectionscript (⭐ 19): A triage data collection script for macOS
Wazuh Chef (⭐ 19): Wazuh - Chef cookbooks
Ccxdigger (⭐ 19): The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high-profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Awesome Security Card Games (⭐ 18): A curated list of security card games.
Learningfromincidents (⭐ 17): Links and resources from my talk about how to learn more from incidents!
Cti Stix Diamond Activity Attack Graph (⭐ 17): STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling
Pyarascanner (⭐ 17): A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Austin Tech Meetups (⭐ 17): A comprehensive list of Austin Tech Meetups with Codes of Conduct
Threathunting Keywords Yara Rules (⭐ 17): YARA detection rules for hunting with the threathunting-keywords project
Prefetch Hash Cracker (⭐ 17): A small util to brute-force prefetch hashes
101-200 of 272 search results