incident-response-tooling

There are 12 repositories under incident-response-tooling topic.

• meirwah / awesome-incident-response

  A curated list of tools for incident response

  incident-responsesecuritycybersecuritydfirawesome-listawesomelistincident-response-tooling
  7170
• TheHive

  TheHive-Project / TheHive

  TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  mispsecurity-incidentsanalyzeriocsthehivedigital-forensicsincident-responserestapiscalainvestigationsdfirfreeopen-sourceplatformcortexagplv3orchestrationincident-managementincident-response-tooling
  Language:Scala 3235

• cyb3rfox / Aurora-Incident-Response

  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

  incident-responseincident-managementincident-response-tooling
  Language:JavaScript 726

• dfirtrack / dfirtrack

  DFIRTrack - The Incident Response Tracking Application

  incident-responsedigital-forensicsdfirincident-response-toolingincident-management
  Language:Python 465

• awslabs / aws-cloudsaga

  AWS CloudSaga - Simulate security events in AWS

  awsblue-teamincident-response-toolingpurple-teamred-teamingsecuritysecurity-audit
  Language:Python 427

• aws-samples / aws-health-aware

  AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.

  heath-checkhealthserverlessincident-response-toolingincident-managementalerts
  Language:Python 319

• netevert / pockint

  A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

  dfirincident-responsetkinter-guitkinter-pythonpython3infosecincident-response-toolinginfosec-19osintosint-pythonosinttoolosint-professionalspythonportable
  Language:Python 259

• BSI-Bund / RdpCacheStitcher

  RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

  securitydfirincident-responsecybersecurityincident-response-toolingforensicsdigitalforensicsrdp
  Language:C++ 227

• Correia-jpv / fucking-awesome-incident-response

  A curated list of tools for incident response. With repository stars⭐ and forks🍴

  awesomeawesome-listdfirdfir-automationdigital-forensicsdigitalforensicsincidentincident-managementincident-reportsincident-responseincident-response-toolingincidentslistsecurity
  152

• KaanSK / shomon

  Shodan Monitoring integration for TheHive.

  shodanthehiveincident-responsesecurity-toolssecurityincident-managementincident-response-toolinggolang
  Language:Go 130
• sandfly-entropyscan

  sandflysecurity / sandfly-entropyscan

  Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.

  blueteamblueteaminincident-responseincident-response-toolingintrusion-detectionintrusion-detection-systemlinuxmalwaremalware-analysismalware-researchsecurity
  Language:Go 129
• sysdiagnose

  EC-DIGIT-CSIRC / sysdiagnose

  Forensic toolkit for iOS sysdiagnose feature

  forensic-analysisincident-response-toolingpython
  Language:Python 107

• lawndoc / mediator

  An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.

  reverse-shellend-to-end-encryptionsecurity-toolslive-responsepentestingpentesting-toolssocket-programmingpython-scriptreverse-shellshandlerspythonpython3python-3red-teamred-teamingincident-response-toolingincident-responsepluginsplugin-system
  Language:Python 97

• emrekybs / MrHandler

  Linux Incident Response Reporting

  cyber-securityforensics-investigationsforensics-toolsincident-managementincident-responseincident-response-toolinglinuxpython
  Language:HTML 51

• MutableSecurity / mutablesecurity

  CLI program for automating the setup, configuration, and use of cybersecurity solutions

  cybersecurity-solutionssecurity-automationincident-response-tooling
  Language:Python 41

• paulveillard / cybersecurity-incident-response

  A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity

  incident-responseincidentincident-managementincident-response-toolingcybersecurity-educationon-callpagerdutyvictoropssplunkdatadogsplunk-applicationalertsalertsmanagerincidents-reportscybersecurity-incidentscybersecurity-incident-response
  41

• HellishPn / Volatility-MM-CS

  Volatility MindMap & Cheat Sheet

  volatilityforensicsbluteamthreathuntingincident-response-toolingmindmapcheatsheet
  29

• sandflysecurity / sandfly-file-decloak

  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.

  blueteamincident-responseincident-response-toolingintrusion-detectionlinuxmalwaremalware-detectionrootkitrootkit-hunterrootkit-kernel
  Language:Python 17

• AlecRandazzo / Packrat

  Live system forensic collector

  edr-toolsetsdfirforensicsforensics-investigationsincident-response-toolingincident-response
  Language:Go 16

• WesSec / VelociDeploy-o-Matic

  Scripts to for ready-to-use Velociraptor instance deployment in Azure

  ansibleazureincident-responseincident-response-toolingterraformvelociraptor
  Language:HCL 11

• availabl-co / cwtune

  CLI for selecting and back-testing CloudWatch alarm configuration

  awscloudwatchincident-response-toolingobservabilityclicloud-managementdeveloper-toolslinuxmacospythonshellterminalwindows
  Language:Python 10

• aniketdvd / webams

  WebAMS is an Open Source web application for reporting and resolving incidents or tickets

  nodejsitilticketing-systemticket-managementjavascriptwebapplicationissue-trackerissue-tracking-systemincident-managementincident-response-tooling
  Language:HTML 9

• DFE-Digital / slack-incident-bot

  A Slack app used for incident management at Department for Education Digital

  slackbotrubyrailsincident-managementincident-responseincidentslack-botruby-on-railsincident-response-toolingincident-handlingslack-apislack-commands
  Language:Ruby 7

• NextSecurity / Cortex-Analyzers-Modified

  Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids

  security-automationsecurity-orchestrationnextsecuritycyber-security-teamsecurity-toolsdfirdfir-automationcyber-threat-intelligencedigital-forensicsforensics-investigationsforensicsiocioc-frameworksecopsblue-teamsoarcybersecurity-incidentsincident-responseincident-response-tooling
  Language:Python 6

• timobrembeck / devops-chatbot

  Incident management chatbot for DevOps

  chatbotchatbotdevopsdevops-toolsdevops-servicesdevops-workflowdevops-pipelineawsaws-lambdaaws-lexincident-managementincident-response-toolingincident-escalationincident-reportsincident-responseincidentincidents
  Language:Java 6

• andygrunwald / go-incident

  Go client library for accessing the Incident.io API

  apiclient-librarygogolanghacktoberfestincident-managementincident-response-toolingincidentio
  Language:Go 5

• firew33d / awesome-incident-response

  A curated list of tools for incident response

  incident-responseincident-managementincident-response-tooling
  5

• Rayraegah / postmortem

  Get to the root cause of an issue, learn from it, and make sure it doesn’t happen again.

  postmortem-templatesincident-managementincident-response-tooling
  4

• righettod / log4shell-payload-grabber

  Tool to try to retrieve the java class used as dropper for the RCE in the context of log4shell vulnerability.

  incident-response-toolingjava-8log4shell
  Language:Java 3

• ValtteriL / Detect-Log4Shell

  Powershell script to check log files for Log4Shell exploitation

  incident-response-toolinglog-analysislog4jlog4shell
  Language:PowerShell 3

• cyentific-rni / misp-security-playbook-object

  This is the workbench for designing and updating the "security-playbook" object template for the MISP project - https://github.com/MISP/misp-objects/blob/main/objects/security-playbook/definition.json

  mispcyber-threat-intelligenceincident-response-toolingmisp-objectsorchestration-workflowssecurity-playbooks
  2

• jonasw234 / systeminfo.py

  systeminfo command for offline system images

  blueteamingforensicsincident-response-toolingwindows
  Language:Python 2

• b401 / goHive5

  goHive5 is an unofficial API client library for TheHive5

  incident-responseincident-response-toolingthehive-projectthehive5
  Language:Go 1

• giadom / Debugging_with_API_Monitor

  Debug a sample in Windows using also API Monitor.

  apiapi-monitorapi-monitoringdebuggingdebugging-toolsdynamic-analysisfiltersmalware-analysissamplewindowsanalysisdebuggerreverse-engineeringsave-the-dayincident-responseincident-response-tooling
  1

• SOC-101 / SOC-Introduction

  Introduction to SOC and related terminologies.

  sochardeningincident-responseincident-response-toolingsiemsoarblue-teamscyber-threat-intelligencesecurity-operations
  1

• zam89 / VT_Domain_Checker

  Check domain in question to VT

  incident-handlingincident-responseincident-response-toolingincidentresponsepythonpython-3python3virustotalvirustotal-python
  Language:Python 1