There are 96 repositories under incident-response topic.
A curated list of Site Reliability and Production Engineering resources.
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A curated list of tools for incident response
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
IntelOwl: manage your Threat Intelligence at scale
Digging Deeper....
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Tools and Techniques for Blue Team / Incident Response
Volatility 3.0 development
A list of cyber-chef recipes and curated links
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Cortex: a Powerful Observable Analysis and Active Response Engine
A collection of postmortem templates
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
ThePhish: an automated phishing email analysis tool
A collection of sources of documentation, as well as field best practices, to build/run a SOC
PagerDuty's Incident Response Documentation.
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
FAME Automates Malware Evaluation
A repository for using osquery for incident detection and response
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.