There are 60 repositories under the dfir topic.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A curated list of tools for incident response
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Automate the creation of a lab environment complete with security tooling and logging best practices
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
A curated list of awesome forensic analysis tools and resources
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
IntelOwl: manage your Threat Intelligence at scale
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Rapidly Search and Hunt through Windows Forensic Artefacts
A repository of sysmon configuration modules
YARA signature and IOC database for my scanners and tools
Windows Events Attack Samples
A list of cyber-chef recipes and curated links
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Your Everyday Threat Intelligence
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Educational, CTF-styled labs for individuals interested in Memory Forensics
You didn't think I'd go and leave the blue team out, right?
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Cortex: a Powerful Observable Analysis and Active Response Engine
A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
Web browser forensics for Google Chrome/Chromium
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
A collection of resources for Threat Hunters - Sponsored by Falcon Guard