incident-response-tooling

There are 57 repositories under incident-response-tooling topic.

meirwah/awesome-incident-response
A curated list of tools for incident response
8.4k 470 161.6k
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Language:Scala3.8k 172 2.4k668
cyb3rfox/Aurora-Incident-Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Language:JavaScript940 47 76115
dfirtrack/dfirtrack
DFIRTrack - The Incident Response Tracking Application
Language:Python521 25 3586
awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
Language:Python468 13 335
aws-samples/aws-health-aware
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
Language:Python364 23 61153
vespperhq/vespper
Open-source AI copilot that lets you chat with your observability data and code 🧙‍♂️
Language:TypeScript354 11 1843
BSI-Bund/RdpCacheStitcher
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Language:C++287 11 521
netevert/pockint
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Language:Python282 11 3347
Correia-jpv/fucking-awesome-incident-response
A curated list of tools for incident response. With repository stars⭐ and forks🍴
248 6 037
EC-DIGIT-CSIRC/sysdiagnose
Forensic toolkit for iOS sysdiagnose feature
Language:Python190 12 11020
sandflysecurity/sandfly-entropyscan
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
Language:Go153 5 422
kaansk/shomon
Shodan Monitoring integration for TheHive.
Language:Go130 5 019
joeavanzato/RetrievIR
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
Language:PowerShell100 4 214
lawndoc/mediator
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Language:Python99 4 1215
emrekybs/MrHandler
Linux Incident Response Reporting
Language:HTML85 4 014
urldna/urldna
The DNA test for websites
Language:Python74 3 110
paulveillard/cybersecurity-incident-response
A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity
57 4 011
MutableSecurity/mutablesecurity
CLI program for automating the setup, configuration, and use of cybersecurity solutions
Language:Python47 1 376
HellishPn/Volatility-MM-CS
Volatility MindMap & Cheat Sheet
29 2 18
sandflysecurity/sandfly-file-decloak
Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
Language:Python23 2 05
AlecRandazzo/Packrat
Live system forensic collector
Language:Go16 0 03
WesSec/VelociDeploy-o-Matic
Scripts to for ready-to-use Velociraptor instance deployment in Azure
Language:HCL13 1 03
availabl-co/cwtune
CLI for selecting and back-testing CloudWatch alarm configuration
Language:Python10 1 00
aniketdvd/webams
WebAMS is an Open Source web application for reporting and resolving incidents or tickets
Language:HTML9 5 286
DFE-Digital/slack-incident-bot
A Slack app used for incident management at Department for Education Digital
Language:Ruby9 21 111
NextSecurity/Cortex-Analyzers-Modified
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
Language:Python7 1 01
timobrembeck/devops-chatbot
Incident management chatbot for DevOps
Language:Java7 6 04
andygrunwald/go-incident
Go client library for accessing the Incident.io API
Language:Go5 4 83
firew33d/awesome-incident-response
A curated list of tools for incident response
5 2 01
giadom/Debugging_with_API_Monitor
Debug a sample in Windows using also API Monitor.
4 1 00
Rayraegah/postmortem
Get to the root cause of an issue, learn from it, and make sure it doesn’t happen again.
4 1 02
ValtteriL/Detect-Log4Shell
Powershell script to check log files for Log4Shell exploitation
Language:PowerShell4 2 00
righettod/log4shell-payload-grabber
Tool to try to retrieve the java class used as dropper for the RCE in the context of log4shell vulnerability.
Language:Java3 4 1
cyentific-rni/misp-security-playbook-object
This is the workbench for designing and updating the "security-playbook" object template for the MISP project - https://github.com/MISP/misp-objects/blob/main/objects/security-playbook/definition.json
2 1 01
yvesstan/SIEM_Solution-Research-Project
Focus on an openource SIEM to proactively monitor, detect , analyze and respond to real world attacks.
2 1 00

incident-response-tooling

meirwah/awesome-incident-response

TheHive-Project/TheHive

cyb3rfox/Aurora-Incident-Response

dfirtrack/dfirtrack

awslabs/aws-cloudsaga

aws-samples/aws-health-aware

vespperhq/vespper

BSI-Bund/RdpCacheStitcher

netevert/pockint

Correia-jpv/fucking-awesome-incident-response

EC-DIGIT-CSIRC/sysdiagnose

sandflysecurity/sandfly-entropyscan

kaansk/shomon

joeavanzato/RetrievIR

lawndoc/mediator

emrekybs/MrHandler

urldna/urldna

paulveillard/cybersecurity-incident-response

MutableSecurity/mutablesecurity

HellishPn/Volatility-MM-CS

sandflysecurity/sandfly-file-decloak

AlecRandazzo/Packrat

WesSec/VelociDeploy-o-Matic

availabl-co/cwtune

aniketdvd/webams

DFE-Digital/slack-incident-bot

NextSecurity/Cortex-Analyzers-Modified

timobrembeck/devops-chatbot

andygrunwald/go-incident

firew33d/awesome-incident-response

giadom/Debugging_with_API_Monitor

Rayraegah/postmortem

ValtteriL/Detect-Log4Shell

righettod/log4shell-payload-grabber

cyentific-rni/misp-security-playbook-object

yvesstan/SIEM_Solution-Research-Project