ThreatResponse's repositories
margaritashotgun
Remote Memory Acquisition Tool
ThreatPrep
Python module for evaluation of AWS account best practices around incident handling readiness.
aws_ir_plugins
Core incident handling plugins for aws_ir cli, incident pony, and more.
poor-webhook
An example of a vulnerable Slack bot that runs in AWS Lambda.
lime-compiler
WIP compiler for lime kernel modules
packer-threatresponse_workstation
Packer build of the ThreatResponse AMI
docker-elk
The ELK stack powered by Docker and Compose.
python-lambda-inspector
A profiler for the lambda sandbox.
serverless-observatory
A zappa project for scoring output of threatresponse serverless profilers.
ssm-acquire
A Python module for orchestrating content acquisitions and analysis via Amazon SSM.
defense-against-the-dark-arts
Defense against the dark arts blog series code.
serverless-vulnerable-azure
A vulnerable app for Azure functions
cloudtrailbeat
AWS CloudTrail in ElasticSearch
node-lambda-inspector
A profiler for the lambda sandbox.
threatresponse.cloud
middleman generated site
ansible-edda
Edda ansible playbooks for ThreatResponse supported AMI.
aws_ir-api
A chalice API gateway wrapper around aws_ir. **Highly experimental**
auth0-rules
Reference rules for integration with Auth0.
csharp-lambda-inspector
A profiler for the lambda sandbox.
federated_access_proxy
BeyondCorp-style federated access proxy
packer-gold
Packer file and lite touch ansible playbook to set up an ansible-container host.
packer-limecompiler
Packer file to build the lime-compiler AMI