There are 69 repositories under the incident-response topic.
A curated list of Site Reliability and Production Engineering resources.
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A curated list of tools for incident response
Wazuh - The Open Source Security Platform
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Monzo's real-time incident response and reporting tool ⚡️
A list of cyber-chef recipes and curated links
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
A collection of postmortem templates
Cortex: a Powerful Observable Analysis and Active Response Engine
GOAL: Incident Response Playbooks Mapped to MITRE ATT&CK Tactics and Techniques. [Contributors Friendly]
PagerDuty's Incident Response Documentation.
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt for persistence implanted in Windows machines.
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
FAME Automates Malware Evaluation
A repository for using osquery for incident detection and response
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
ThePhish: an automated phishing email analysis tool
OPCDE Cybersecurity Conference Materials
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Collaborative Incident Response platform
Digital Forensics Investigation Platform
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
A knowledge base of actionable Incident Response techniques