csirt

There are 4 repositories under csirt topic.

cyb3rxp / awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
architecture cert csirt detection incident-response management mitre-attack purpleteam risk-management siem sirp soa soar soc tip ttp
1009
certtools / intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
cybersecurity threat ioc malware phishing cert csirt intelligence incident-response alerts feeds incident handling automation ihap python
Language:Python 930
Spacial / awesome-csirt
Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.
awesome awesome-list csirt cve exfiltration exploits malware-analysis pentesting poc reverse-engineering secure-programming security threat-intelligence
Language:C 391
karton
CERT-Polska / karton
Distributed malware processing framework based on Python, Redis and S3.
karton cert csirt pipeline malware-analysis malware-research cybersecurity
Language:Python 365
NVISOsecurity / evtx-hunter
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
threat-hunting evtx incident-response infosec netsec csirt
Language:Python 140
adulau / DomainClassifier
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes.
csirt data-mining location-discovery network-security python-library
Language:Python 74
D4-project / BGP-Ranking
BGP ranking is a free software to calculate the security ranking of Internet Service Provider (ASN)
bgp bgp-ranking csirt csirt-activities d4-project network-monitoring network-security
Language:Python 64
CERT-Polska / training-materials
training-materials infosec csirt cert training thehive misp moloch intelmq malware incident-response investigation
Language:PHP 49
CERTCC / VINCE
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
vulnerability vulnerability-management vulnerability-identification coordination cert csirt psirt api django python
Language:Python 47
CERT-Bund / yara-exporter
Exporting MISP event attributes to yara rules usable with Thor apt scanner
misp thor yara apt scanner incident-response analysis cert csirt
Language:Python 22
CERT-Bund / IRNetTools
Incident Response Network Tools
csirt cert incident-response incident-handling network-tools automated-processing ip-address-lookup ip-address-geolocation
Language:Python 21
eremit4 / cs-discovery
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
cobalt-strike csirt threat-hunting threat-intelligence python cobaltstrike cobaltstrike-detection command-and-control
Language:Python 19
CZ-NIC / convey
CSV processing and web related data types mutual conversion
csv whois csirt e-mail spreadsheet base64 regular-expressions converting-units aggregation xlsx ods json webservice
Language:Python 17
csirt-tooling-org / csirt-tooling-best-practices
CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
csirt csirt-tooling
Language:Shell 15
GEANT / TRANSITS
Home for TRANSITS materials
csirt training-materials
14
csirt-tooling-org / tooling-directory
Tools used by CSIRT and especially in the scope of CNW
csirt cert tooling-directory
13
Badware
JMousqueton / Badware
Ransomware for demonstration
ransomware malware csirt redteam demo powershell
Language:PowerShell 13
CertAcademico / IncidentResponseTool
Kit de herramientas para atender un incidente de Ciberseguridad y elementos claves para poder gestionar y analizar artefactos basados en una intrusión informática.
cert ciberseguridad csirt cti dfir incidentresponse navajasuiza respuesta-incidentes threathunting
12
Intevation / intelmq-mailgen
IntelMQ command line tool to process events and send out email notifications.
csirt incident-response intelmq mail-notification
Language:Python 9
CERT-Polska / karton-config-extractor
Static configuration extractor for the Karton framework
karton malware-analysis malware-research pipeline cybersecurity cert csirt
Language:Python 7
FIRSTdotorg / automation-sig-www
Automation SIG
automation csirt soc cert cybersecurity incident-response threat-hunting threat-intelligence
Language:Python 7
CERT-Polska / karton-classifier
File type classifier for the Karton framework.
karton malware-analysis malware-research pipeline cybersecurity cert csirt
Language:Python 6
CERT-Polska / karton-dashboard
A small Flask application that allows for Karton task and queue introspection.
karton malware-analysis malware-research pipeline cybersecurity cert csirt
Language:HTML 6
CERT-Polska / karton-archive-extractor
Extractor of various archive formats for Karton framework
karton malware-analysis malware-research pipeline cybersecurity cert csirt
Language:Python 5
CERT-Polska / karton-yaramatcher
File and analysis artifacts yara matcher for Karton framework
karton malware-analysis malware-research pipeline cybersecurity cert csirt yara
Language:Python 5
cudeso / ics-csirt-website
Website of https://www.ics-csirt.io/
ics scada csirt cert
Language:CSS 5
CERTUNLP / ngen
Ngen api with Django
csirt incident-management incident-response rtir security
Language:Python 4
MonaxGT / awesome-R-cyber-security
awesome-R-cyber-security
r cybersecurity security threat-intelligence threat-hunting threat analytics cert soc csirt
4
CERT-Polska / karton-asciimagic
Various decoders for ascii-encoded executables for Karton framework
karton malware-analysis pipeline cybersecurity cert csirt malware-research
Language:Python 3
CERT-Polska / karton-autoit-ripper
AutoIt script ripper for Karton framework
karton malware-analysis malware-research pipeline cybersecurity cert csirt autoit
Language:Python 3
CERT-Polska / karton-mwdb-reporter
Karton service that uploads analyzed artifacts and metadata to MWDB Core
karton malware-analysis malware-research pipeline cybersecurity cert csirt mwdb-core mwdb
Language:Python 2
CERTUNLP / ngen-frontend
React frontend for the Ngen project
csirt incident-response rtir security incident-management
Language:SCSS 2
sebix / ansible-intelmq
Ansible role to install IntelMQ (work in progress)
ansible osint automation intelmq csirt cert
2
EnvoyProject / envoyctl
cli app to control the Envoy Project app
csirt threatintel golang go
Language:Go 1
ninoseki / first-csirt-basic-course-md
Markdown version of the FIRST CSIRT Basic Course https://www.first.org/education/trainings
csirt infosec
1
Mehdi0x90 / CVE-Radar
A small program to monitor the latest published vulnerabilities and also match it with the desired brands and products and announce it to email, Discord, etc.
bug bugbounty cert csirt cve cybersecurity exploit information-security infosec monitoring nvd patch pentesting python redteam vulnerability
Language:Python 0

csirt

cyb3rxp / awesome-soc

certtools / intelmq

Spacial / awesome-csirt

CERT-Polska / karton

NVISOsecurity / evtx-hunter

adulau / DomainClassifier

D4-project / BGP-Ranking

CERT-Polska / training-materials

CERTCC / VINCE

CERT-Bund / yara-exporter

CERT-Bund / IRNetTools

eremit4 / cs-discovery

CZ-NIC / convey

csirt-tooling-org / csirt-tooling-best-practices

GEANT / TRANSITS

csirt-tooling-org / tooling-directory

JMousqueton / Badware

CertAcademico / IncidentResponseTool

Intevation / intelmq-mailgen

CERT-Polska / karton-config-extractor

FIRSTdotorg / automation-sig-www

CERT-Polska / karton-classifier

CERT-Polska / karton-dashboard

CERT-Polska / karton-archive-extractor

CERT-Polska / karton-yaramatcher

cudeso / ics-csirt-website

CERTUNLP / ngen

MonaxGT / awesome-R-cyber-security

CERT-Polska / karton-asciimagic

CERT-Polska / karton-autoit-ripper

CERT-Polska / karton-mwdb-reporter

CERTUNLP / ngen-frontend

sebix / ansible-intelmq

EnvoyProject / envoyctl

ninoseki / first-csirt-basic-course-md

Mehdi0x90 / CVE-Radar