There are 4 repositories under the csirt topic.
A collection of documentation sources, as well as field best practices, to build and run a SOC.
Awesome CSIRT is a curated list of links and resources for security and CSIRT daily activities.
Distributed malware processing framework based on Python, Redis and S3.
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files based on their DNS existence, localization or attributes.
BGP Ranking is free software that calculates the security ranking of Internet Service Providers (ASNs).
Incident Response Network Tools
Exporting MISP event attributes to YARA rules usable with the THOR APT scanner.
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
Tools used by CSIRT and especially in the scope of CNW
IntelMQ command line tool to process events and send out email notifications.
Static configuration extractor for the Karton framework
Automation SIG
File type classifier for the Karton framework.
AutoIt script ripper for the Karton framework.
A small Flask application that allows for Karton task and queue introspection.
Extractor of various archive formats for the Karton framework.
YARA matcher for files and analysis artifacts for the Karton framework.
awesome-R-cyber-security
Various decoders for ASCII-encoded executables for the Karton framework.
Karton service that uploads analyzed artifacts and metadata to MWDB Core
Ansible role to install IntelMQ (work in progress)
Manage your detection use cases portfolio
Markdown version of the FIRST CSIRT Basic Course https://www.first.org/education/trainings
Report Storage and Tracking of Observations and Records Efficiently
A small program to monitor the latest published vulnerabilities, match them against the desired brands and products, and announce them via email, Discord, etc.