A curated list of Site Reliability and Production Engineering resources.
Updated Feb 13, 2023
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Think TCPDump and Wireshark re-invented for Kubernetes
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A curated list of tools for incident response
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Digging Deeper....
A list of cyber-chef recipes and curated links
Tools and Techniques for Blue Team / Incident Response
Monzo's real-time incident response and reporting tool
Volatility 3.0 development
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Made with
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Cortex: a Powerful Observable Analysis and Active Response Engine
A collection of postmortem templates