incident-response
There are 646 repositories under incident-response topic.
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
dastergon/awesome-sre
A curated list of Site Reliability and Production Engineering resources.
kubeshark/kubeshark
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
upgundecha/howtheysre
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
meirwah/awesome-incident-response
A curated list of tools for incident response
OneUptime/oneuptime
Complete open-source monitoring and observability platform.
0x4D31/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
volatilityfoundation/volatility3
Volatility 3.0 development
Velocidex/velociraptor
Digging Deeper....
A-poc/BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
TracecatHQ/tracecat
All-in-one automation platform (workflows, tables, cases) for security and IT teams. Open source Splunk SOAR / PAN XSOAR / Tines alternative.
sleuthkit/sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Yamato-Security/hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
mattnotmax/cyberchef-recipes
A list of cyber-chef recipes and curated links
danieldurnea/FBI-tools
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
last-byte/PersistenceSniper
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
Bashfuscator/Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
nitefood/asn
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
monzo/response
Monzo's real-time incident response and reporting tool ⚡️
austinsonger/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
cyb3rxp/awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
dastergon/postmortem-templates
A collection of postmortem templates
yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
ahmedkhlief/APT-Hunter
APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity
emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
dfir-iris/iris-web
Collaborative Incident Response platform
tclahr/uac
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of Unix-like systems, including AIX, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris.
mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
mdecrevoisier/Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
certtools/intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
PagerDuty/incident-response-docs
PagerDuty's Incident Response Documentation.
mikeroyal/Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.