incident-response-tooling

There are 55 repositories under incident-response-tooling topic.

meirwah/awesome-incident-response
A curated list of tools for incident response
7.8k 465 141.5k
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Language:Scala3.5k 171 2.4k632
cyb3rfox/Aurora-Incident-Response
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Language:JavaScript777 42 7681
dfirtrack/dfirtrack
DFIRTrack - The Incident Response Tracking Application
Language:Python485 25 3575
awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
Language:Python445 14 332
aws-samples/aws-health-aware
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
Language:Python352 23 56147
vespperhq/vespper
Open-source AI copilot that lets you chat with your observability data and code 🧙‍♂️
Language:TypeScript313 9 1840
netevert/pockint
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Language:Python261 11 3345
BSI-Bund/RdpCacheStitcher
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
Language:C++245 12 419
Correia-jpv/fucking-awesome-incident-response
A curated list of tools for incident response. With repository stars⭐ and forks🍴
205 7 031
EC-DIGIT-CSIRC/sysdiagnose
Forensic toolkit for iOS sysdiagnose feature
Language:Python170 12 10314
sandflysecurity/sandfly-entropyscan
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
Language:Go146 5 421
KaanSK/shomon
Shodan Monitoring integration for TheHive.
Language:Go130 6 019
lawndoc/mediator
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Language:Python98 4 1215
joeavanzato/RetrievIR
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
Language:PowerShell93 4 214
emrekybs/MrHandler
Linux Incident Response Reporting
Language:HTML82 4 012
urldna/urldna
The DNA test for websites
Language:Python59 2 07
paulveillard/cybersecurity-incident-response
A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity
48 4 09
MutableSecurity/mutablesecurity
CLI program for automating the setup, configuration, and use of cybersecurity solutions
Language:Python45 1 377
HellishPn/Volatility-MM-CS
Volatility MindMap & Cheat Sheet
29 2 18
sandflysecurity/sandfly-file-decloak
Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
Language:Python20 2 03
AlecRandazzo/Packrat
Live system forensic collector
Language:Go16 0 02
WesSec/VelociDeploy-o-Matic
Scripts to for ready-to-use Velociraptor instance deployment in Azure
Language:HCL13 1 03
availabl-co/cwtune
CLI for selecting and back-testing CloudWatch alarm configuration
Language:Python11 1 00
aniketdvd/webams
WebAMS is an Open Source web application for reporting and resolving incidents or tickets
Language:HTML9 5 286
DFE-Digital/slack-incident-bot
A Slack app used for incident management at Department for Education Digital
Language:Ruby9 23 111
NextSecurity/Cortex-Analyzers-Modified
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
Language:Python7 2 01
timobrembeck/devops-chatbot
Incident management chatbot for DevOps
Language:Java6 6 04
andygrunwald/go-incident
Go client library for accessing the Incident.io API
Language:Go5 4 82
firew33d/awesome-incident-response
A curated list of tools for incident response
5 2 01
Rayraegah/postmortem
Get to the root cause of an issue, learn from it, and make sure it doesn’t happen again.
4 2 02
ValtteriL/Detect-Log4Shell
Powershell script to check log files for Log4Shell exploitation
Language:PowerShell4 2 00
giadom/Debugging_with_API_Monitor
Debug a sample in Windows using also API Monitor.
3 1 00
righettod/log4shell-payload-grabber
Tool to try to retrieve the java class used as dropper for the RCE in the context of log4shell vulnerability.
Language:Java3 4 1
cyentific-rni/misp-security-playbook-object
This is the workbench for designing and updating the "security-playbook" object template for the MISP project - https://github.com/MISP/misp-objects/blob/main/objects/security-playbook/definition.json
2 1 01
jonasw234/systeminfo.py
systeminfo command for offline system images
Language:Python2 1 00

incident-response-tooling

meirwah/awesome-incident-response

TheHive-Project/TheHive

cyb3rfox/Aurora-Incident-Response

dfirtrack/dfirtrack

awslabs/aws-cloudsaga

aws-samples/aws-health-aware

vespperhq/vespper

netevert/pockint

BSI-Bund/RdpCacheStitcher

Correia-jpv/fucking-awesome-incident-response

EC-DIGIT-CSIRC/sysdiagnose

sandflysecurity/sandfly-entropyscan

KaanSK/shomon

lawndoc/mediator

joeavanzato/RetrievIR

emrekybs/MrHandler

urldna/urldna

paulveillard/cybersecurity-incident-response

MutableSecurity/mutablesecurity

HellishPn/Volatility-MM-CS

sandflysecurity/sandfly-file-decloak

AlecRandazzo/Packrat

WesSec/VelociDeploy-o-Matic

availabl-co/cwtune

aniketdvd/webams

DFE-Digital/slack-incident-bot

NextSecurity/Cortex-Analyzers-Modified

timobrembeck/devops-chatbot

andygrunwald/go-incident

firew33d/awesome-incident-response

Rayraegah/postmortem

ValtteriL/Detect-Log4Shell

giadom/Debugging_with_API_Monitor

righettod/log4shell-payload-grabber

cyentific-rni/misp-security-playbook-object

jonasw234/systeminfo.py