csirt
There are 43 repositories under the csirt topic.
cyb3rxp/awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
certtools/intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Spacial/awesome-csirt
Awesome CSIRT is a curated list of links and resources in security and CSIRT daily activities.
CERT-Polska/karton
Distributed malware processing framework based on Python, Redis and S3.
NVISOsecurity/evtx-hunter
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
adulau/DomainClassifier
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes.
D4-project/BGP-Ranking
BGP Ranking is free software to calculate the security ranking of Internet Service Providers (ASN).
CERTCC/VINCE
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
CERT-Bund/IRNetTools
Incident Response Network Tools
CERT-Bund/yara-exporter
Exporting MISP event attributes to YARA rules usable with the Thor APT scanner
eremit4/cs-discovery
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
CZ-NIC/convey
CSV processing and mutual conversion of web-related data types
csirt-tooling-org/csirt-tooling-best-practices
CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
GEANT/TRANSITS
Home for TRANSITS materials
csirt-tooling-org/tooling-directory
Tools used by CSIRT and especially in the scope of CNW
JMousqueton/Badware
Ransomware for demonstration
Intevation/intelmq-mailgen
IntelMQ command line tool to process events and send out email notifications.
CERT-Polska/karton-config-extractor
Static configuration extractor for the Karton framework
FIRSTdotorg/automation-sig-www
Automation SIG
CERT-Polska/karton-autoit-ripper
AutoIt script ripper for Karton framework
CERT-Polska/karton-classifier
File type classifier for the Karton framework.
CERT-Polska/karton-dashboard
A small Flask application that allows for Karton task and queue introspection.
CERTUNLP/ngen
Ngen API with Django
CERT-Polska/karton-archive-extractor
Extractor of various archive formats for Karton framework
CERT-Polska/karton-yaramatcher
File and analysis artifacts YARA matcher for Karton framework
cudeso/ics-csirt-website
Website of https://www.ics-csirt.io/
MonaxGT/awesome-R-cyber-security
awesome-R-cyber-security
CERT-Polska/karton-asciimagic
Various decoders for ASCII-encoded executables for Karton framework
CERT-Polska/karton-mwdb-reporter
Karton service that uploads analyzed artifacts and metadata to MWDB Core
CERTUNLP/ngen-frontend
React frontend for the Ngen project
sebix/ansible-intelmq
Ansible role to install IntelMQ (work in progress)
EnvoyProject/envoyctl
CLI app to control the Envoy Project app
ninoseki/first-csirt-basic-course-md
Markdown version of the FIRST CSIRT Basic Course https://www.first.org/education/trainings
scandale-project/RSTORE
Report Storage and Tracking of Observations and Records Efficiently
colvert-project/colvert
A tool to manage your detection use cases portfolio