Pinned Repositories
aws_ir
Python installable command line utility for mitigation of host and key compromises.
aws_ir_plugins
Core incident handling plugins for aws_ir cli, incident pony, and more.
docker-elk
The ELK stack powered by Docker and Compose.
lime-compiler
WIP compiler for lime kernel modules
mad-king
Proof of Concept Zappa Based AWS Persistence and Attack Platform
margaritashotgun
Remote Memory Acquisition Tool
packer-threatresponse_workstation
Packer build of the ThreatResponse AMI
poor-webhook
An example of a vulnerable slack bot that runs in AWS lambda.
ThreatPrep
Python module for evaluation of AWS account best practices around incident handling readiness.
threatresponse_web
Web based analysis platform for use with the AWS_IR command line tool.
ThreatResponse's Repositories
ThreatResponse/aws_ir
Python installable command line utility for mitigation of host and key compromises.
ThreatResponse/margaritashotgun
Remote Memory Acquisition Tool
ThreatResponse/ThreatPrep
Python module for evaluation of AWS account best practices around incident handling readiness.
ThreatResponse/mad-king
Proof of Concept Zappa Based AWS Persistence and Attack Platform
ThreatResponse/aws_ir_plugins
Core incident handling plugins for aws_ir cli, incident pony, and more.
ThreatResponse/poor-webhook
An example of a vulnerable slack bot that runs in AWS lambda.
ThreatResponse/lime-compiler
WIP compiler for lime kernel modules
ThreatResponse/packer-threatresponse_workstation
Packer build of the ThreatResponse AMI
ThreatResponse/docker-elk
The ELK stack powered by Docker and Compose.
ThreatResponse/python-lambda-inspector
A profiler for the lambda sandbox.
ThreatResponse/serverless-observatory
A zappa project for scoring output of threatresponse serverless profilers.
ThreatResponse/ssm-acquire
A python module for orchestrating content acquisitions and analysis via amazon ssm.
ThreatResponse/defense-against-the-dark-arts
Defense against the dark arts blog series code.
ThreatResponse/serverless-vulnerable-azure
A vulnerable app for Azure functions
ThreatResponse/cloudtrailbeat
AWS CloudTrail in ElasticSearch
ThreatResponse/node-lambda-inspector
A profiler for the lambda sandbox.
ThreatResponse/threatresponse.cloud
middleman generated site
ThreatResponse/ansible-edda
Edda ansible playbooks for ThreatResponse supported AMI.
ThreatResponse/aws_ir-api
A chalice API gateway wrapper around aws_ir. **Highly experimental**
ThreatResponse/threatresponse-bsides
ThreatResponse/auth0-rules
Reference rules for integration for auth0.
ThreatResponse/bad-repo
Demonstration repository.
ThreatResponse/csharp-lambda-inspector
A profiler for the lambda sandbox.
ThreatResponse/derbycon-preso
ThreatResponse/federated_access_proxy
BeyondCorp-style federated access proxy
ThreatResponse/hovercraft-template
ThreatResponse/packer-gold
Packer file and lite touch ansible playbook to set up an ansible-container host.
ThreatResponse/serverless-showdown-api
ThreatResponse/margaritashotgun-bsides
ThreatResponse/packer-limecompiler
Packer file to build the lime-compiler AMI