Topic: incident-response Goto Github

👇 Here are 497 public repositories matching this topic...

0x4d31 / awesome-threat-detection
incident-response,✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️
User: 0x4d31
Home Page: https://0x4d31.github.io/awesome-threat-detection/
awesome awesome-list threat-hunting security detection threat-detection incident-response

a-poc / blueteam-tools
incident-response,Tools and Techniques for Blue Team / Incident Response
User: a-poc
blue-team blueteam cheatsheet incident-response malware-analysis tools vulnerability-management wiki incident resources

a3sal0n / cyberthreathunting
incident-response,A collection of resources for Threat Hunters - Sponsored by Falcon Guard
User: a3sal0n
Home Page: https://falconguard.cz
threat-hunting dfir cybersecurity incident-response threat-intelligence

ahmedkhlief / apt-hunter
incident-response,APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
User: ahmedkhlief
Home Page: https://shells.systems/introducing-apt-hunter-threat-hunting-tool-via-windows-event-log/
threat-hunting purpleteam python3 windows-eventlog apt-attacks incident-response forensic-analysis windows-event-logs

atc-project / atc-react
incident-response,A knowledge base of actionable Incident Response techniques
Organization: atc-project
incident-response response-playbooks dfir thehive mitre-attack amitt

austinsonger / incident-playbook
incident-response,GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
User: austinsonger
cybersecurity playbook cybersecurity-playbook incident-response incident-management incidents mitre-attack mitre contributions-welcome contributors-welcome

bashfuscator / bashfuscator
incident-response,A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Organization: bashfuscator
Home Page: https://bashfuscator.readthedocs.io/en/latest/index.html
bash linux linux-shell obfuscation red-team blue-team evasion incident-response infosec

certsocietegenerale / fame
incident-response,FAME Automates Malware Evaluation
User: certsocietegenerale
Home Page: https://certsocietegenerale.github.io/fame/
malware malware-analysis malware-research framework infosec incident-response

certtools / intelmq
incident-response,IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Organization: certtools
Home Page: https://docs.intelmq.org/latest/
cybersecurity threat ioc malware phishing cert csirt intelligence incident-response alerts

counteractive / incident-response-plan-template
incident-response,A concise, directive, specific, flexible, and free incident response plan template
Organization: counteractive
Home Page: https://www.counteractive.net
incident-response incident incident-management infosec information-security cybersecurity

cyb3rfox / aurora-incident-response
incident-response,Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
User: cyb3rfox
incident-response incident-management incident-response-tooling

cyb3rxp / awesome-soc
incident-response,A collection of sources of documentation, as well as field best practices, to build/run a SOC
User: cyb3rxp
cert csirt detection soc siem sirp soa soar tip architecture

danieldurnea / fbi-tools
incident-response,🕵️ OSINT Tools for gathering information and actions forensics 🕵️
User: danieldurnea
forensics osint cybersecurity hacking security-automation security-tools infosec awesome-list incident-response penetration-testing

darkquasar / azurehunter
incident-response,A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
User: darkquasar
azure digital-forensics cloud-forensics cybersecurity azuresearcher azforensics threat-hunting threathunting incident-response unifiedauditlog

dastergon / awesome-sre
incident-response,A curated list of Site Reliability and Production Engineering resources.
User: dastergon
Home Page: https://sre.xyz
site-reliability-engineering production availability monitoring post-mortem reliability-engineering capacity-planning service-level-agreement scalability reliability

dastergon / postmortem-templates
incident-response,A collection of postmortem templates
User: dastergon
site-reliability-engineering site-reliability devops postmortem incident-reports post-mortem postmortem-templates incident-reporting incident-response sre

dfir-iris / iris-web
incident-response,Collaborative Incident Response platform
Organization: dfir-iris
forensic incident-response csirt-tooling python digital-forensics digital-forensics-incident-response forensic-analysis forensic-tools

dfirkuiper / kuiper
incident-response,Digital Forensics Investigation Platform
User: dfirkuiper
dfir security incident-response artifacts parser digital-forensics

drew-alleman / datasurgeon
incident-response, Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
User: drew-alleman
cybersecurity incident-response rust search security-tools bug-bounty email hacking ip-address pentesting

emalderson / thephish
incident-response,ThePhish: an automated phishing email analysis tool
User: emalderson
email detection malware phishing cybersecurity misp thehive thehive4 thehive4py indicators-of-compromise

intelowlproject / intelowl
incident-response,IntelOwl: manage your Threat Intelligence at scale
Organization: intelowlproject
Home Page: https://intelowlproject.github.io
security-tools python threat-intelligence ioc incident-response cyber-threat-intelligence enrichment honeynet osint osint-python

johnng007 / live-forensicator
incident-response,Powershell Script to aid Incidence Response and Live Forensics | Bash Script for MacOS Live Forensics and Incidence Response
User: johnng007
incident-response forensics forensics-investigations live-forensic log4j powershell forensicator ransomeware eventlogs eventlog-analysis

kubeshark / kubeshark
incident-response,The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
Organization: kubeshark
Home Page: https://kubeshark.co
kubernetes microservices golang rest grpc amqp kafka redis go microservice

last-byte / persistencesniper
incident-response,Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
User: last-byte
incident-response malware-detection persistence powershell powershell-module powershell-script registry techniques windows

mattnotmax / cyberchef-recipes
incident-response,A list of cyber-chef recipes and curated links
User: mattnotmax
cyberchef malware dfir incident-response data-manipulation cyberchef-recipes regular-expression

mdecrevoisier / microsoft-eventlog-mindmap
incident-response,Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
User: mdecrevoisier
active-directory azure evtx exchange incident-response mindmap windows

meirwah / awesome-incident-response
incident-response,A curated list of tools for incident response
User: meirwah
incident-response security cybersecurity dfir awesome-list awesome list incident-response-tooling

mikeroyal / open-source-security-guide
incident-response,Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
User: mikeroyal
vulnerabilities vulnerability-detection privacy-protection pentesters network-analysis intrusion-detection infosec incident-management mitre-attack detection-engineering

monzo / response
incident-response,Monzo's real-time incident response and reporting tool ⚡️
Organization: monzo
incident response incident-response incident-management incident-reports slack-bot

msuiche / opcde
incident-response,OPCDE Cybersecurity Conference Materials
User: msuiche
Home Page: https://www.opcde.com
cybersecurity incident-response vulnerability information-security

nitefood / asn
incident-response,ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
User: nitefood
asn asn-lookup autonomous-systems ip-lookup team-cymru as-path mtr traceroute osint incident-response

oneuptime / oneuptime
incident-response,OneUptime is the complete open-source observability platform.
Organization: oneuptime
Home Page: https://oneuptime.com
devops monitoring incident-response incident-management status-page observability on-call

pagerduty / incident-response-docs
incident-response,PagerDuty's Incident Response Documentation.
Organization: pagerduty
Home Page: https://response.pagerduty.com
pagerduty incident-response documentation oncall team-security

palantir / osquery-configuration
incident-response,A repository for using osquery for incident detection and response
Organization: palantir
osquery incident-response detection information-security octo-correct-managed

patrowl / patrowlmanager
incident-response,PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Organization: patrowl
Home Page: https://www.patrowl.io
automation orchestration secops patrowl incident-response api security-tools vulnerability-management security-automation security-scanner

sleuthkit / sleuthkit
incident-response,The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Organization: sleuthkit
Home Page: http://www.sleuthkit.org/sleuthkit/
sleuthkit tct ntfs forensics incident-response

stuhli / awesome-event-ids
incident-response,Collection of Event ID ressources useful for Digital Forensics and Incident Response
User: stuhli
ir dfir digitalforensics forensics incident-response

tclahr / uac
incident-response,UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
User: tclahr
Home Page: https://tclahr.github.io/uac-docs
incident-response forensics computer-forensics triage linux aix solaris macos openbsd freebsd

tenzir / tenzir
incident-response,Open source security data pipelines.
Organization: tenzir
Home Page: https://docs.tenzir.com
incident-response threathunting siem soc security dataops investigation pcap secdataops netflow

thalesgroup-cert / watcher
incident-response,Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Organization: thalesgroup-cert
Home Page: https://thalesgroup-cert.github.io/Watcher
cybersecurity threat-hunting django reactjs rss-bridge misp thehive security incident-response threat-detection

thehive-project / cortex
incident-response,Cortex: a Powerful Observable Analysis and Active Response Engine
Organization: thehive-project
Home Page: https://thehive-project.org
analysis analyzer api cortex cyber-threat-intelligence dfir digital-forensics engine free free-software incident-response iocs observable open-source python response rest scala security-incidents thehive

thehive-project / thehive
incident-response,TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Organization: thehive-project
Home Page: https://thehive-project.org
misp security-incidents analyzer iocs thehive digital-forensics incident-response rest api scala

toniblyx / my-arsenal-of-aws-security-tools
incident-response,List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
User: toniblyx
cloud auditing incident-response aws-inventory iam dfir cloudtrail aws-infrastructure aws-lambda security

upgundecha / howtheysre
incident-response,A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
User: upgundecha
site-reliability-engineering sre chaos-engineering dev-ops devops monitoring observability alerting incident-response incident-management

velocidex / velociraptor
incident-response,Digging Deeper....
Organization: velocidex
Home Page: https://docs.velociraptor.app/
incident-response forensics-investigations inventory-management endpoint-security endpoint-protection endpoint-discovery digital-forensics

volatilityfoundation / volatility3
incident-response,Volatility 3.0 development
Organization: volatilityfoundation
Home Page: http://volatilityfoundation.org/
digital-investigation forensics incident-response malware memory python ram volatility volatility-framework

wazuh / wazuh
incident-response,Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Organization: wazuh
Home Page: https://wazuh.com/
security compliance log-analysis vulnerability-detection cybersecurity file-integrity-monitoring infosec malware-detection cloud-security container-security

wazuh / wazuh-docker
incident-response,Wazuh - Docker containers
Organization: wazuh
Home Page: https://wazuh.com
wazuh docker ossec security loganalyzer compliance monitoring intrusion-detection policy-monitoring elasticsearch

yamato-security / hayabusa
incident-response,Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Organization: yamato-security
attack cybersecurity detection dfir event forensics hayabusa hunting incident incident-response logs response rust security security-automation sigma threat threat-hunting windows yamato

yampelo / beagle
incident-response,Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
User: yampelo
security digital-forensics incident-response graph dfir forensic-analysis threat-hunting