dastergon / awesome-sre

3.4k

A curated list of Site Reliability and Production Engineering resources.

Updated Apr 29, 2019

meirwah / awesome-incident-response

2.6k

A curated list of tools for incident response

incident-response security cybersecurity dfir awesome-list awesome list

Updated Nov 27, 2018

toniblyx / my-arsenal-of-aws-security-tools

1.5k

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

cloud auditing incident-response aws-inventory iam dfir cloudtrail aws-infrastructure aws-lambda security security-tools

Shell Updated May 1, 2019

sleuthkit / sleuthkit

1.3k

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investiga…

sleuthkit tct ntfs forensics incident-response

C Updated May 3, 2019

TheHive-Project / TheHive

1.1k

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Good first issues

Stats API

docs question

#787 opened 6 months ago by kellenhopwood

1

API _search examples

docs

#598 opened 11 months ago by xme

8

HTML Updated Apr 30, 2019

wazuh / wazuh

896

Wazuh - Host and endpoint security

wazuh ossec security loganalyzer compliance monitoring intrusion-detection policy-monitoring elasticsearch openscap security-hardening ids pci-dss file-integrity-management security-awareness log-analysis vulnerability-detection incident-response

C Updated May 3, 2019

PagerDuty / incident-response-docs

672

PagerDuty's Incident Response Documentation.

pagerduty incident-response documentation oncall

HTML Updated Jan 28, 2019

yampelo / beagle

617

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

security digital-forensics incident-response graph dfir forensic-analysis threat-hunting

Python Updated May 1, 2019

certsocietegenerale / fame

518

FAME Automates Malware Evaluation

malware malware-analysis malware-research framework infosec incident-response

Python Updated Mar 28, 2019

certtools / intelmq

449

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing prot…

cybersecurity threat ioc malware phishing cert csirt intelligence incident-response alerts feeds incident handling automation ihap python

Good first issues

Split in modify

documentation component: bots

#1370 opened 3 months ago by kalyparker

2

[13] Manpages for all binaries

documentation packaging

#696 opened over 2 years ago by sebix

1

Very long BOTS file

documentation

#668 opened over 2 years ago by sykaeh

14

Python Updated Apr 13, 2019

comaeio / OPCDE

426

OPCDE Cybersecurity Conference Materials

cybersecurity incident-response vulnerability information-security

C++ Updated Apr 25, 2019

dunbarcyber / cyphon

421

Open source incident management and response platform.

incident-management incident-response social-media data-aggregation security-tools alerting

Python Updated May 1, 2019

Bashfuscator / Bashfuscator

383

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue …

bash linux linux-shell obfuscation red-team blue-team evasion incident-response infosec

Good first issues

Create Unit Tests to Test Mutator Combinations

good first issue

#16 opened 4 months ago by capnspacehook

Python Updated Jan 31, 2019

palantir / osquery-configuration

378

A repository for using osquery for incident detection and response

osquery incident-response detection information-security

Updated Jan 4, 2019

chenerlich / FCL

338

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

malware-analysis file-less command-line malware malware-detection fcl incident-response threat-hunting

Updated Feb 23, 2019

TheHive-Project / Cortex

322

Cortex: a Powerful Observable Analysis and Active Response Engine

response dfir analysis analyzer thehive engine scala python rest api security-incidents digital-forensics iocs observable free free-software open-source incident-response cyber-threat-intelligence

Scala Updated May 3, 2019

monzo / response

233

Monzo's real-time incident response and reporting tool ⚡️

incident response incident-response incident-management incident-reports slack-bot

JavaScript Updated May 4, 2019

eschultze / URLextractor

207

Information gathering & website reconnaissance | https://phishstats.info/

information-gathering information-extraction whois abuse shodan virustotal phishing malware malicious-domains domain incident-response osint

Shell Updated Jun 1, 2018

diogo-fernan / ir-rescue

196

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

cybersecurity incident-response sysinternals nirsoft windows unix batch bash malware forensics dfir

Batchfile Updated Feb 13, 2019

cloudtracer / ThreatPinchLookup

190

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

HTML Updated Sep 8, 2018

sandialabs / scot

188

Sandia Cyber Omni Tracker (SCOT)

perl javascript cyber-security incident-response threat-intelligence

JavaScript Updated Apr 24, 2019

wazuh / wazuh-ruleset

188

Wazuh - Ruleset

wazuh ossec security loganalyzer compliance monitoring intrusion-detection policy-monitoring elasticsearch openscap security-hardening ids pci-dss file-integrity-management security-awareness log-analysis vulnerability-detection incident-response

Python Updated May 3, 2019

JohnLaTwC / PyPowerShellXray

170

Python script to decode common encoded PowerShell scripts

powershell shellcode dfir security security-tools forensics forensic-analysis incident-response

Python Updated Jun 13, 2018

TheHive-Project / TheHiveDocs

151

Documentation of TheHive

misp security-incidents iocs thehive cortex administration-guide analyzer rest api incident-response digital-forensics analyst dfir free free-software documentation open-source platform

Python Updated May 2, 2019

Patrowl / PatrowlManager

146

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

automation orchestration secops patrowl incident-response api security-tools vulnerability-management security-automation security-scanner vulnerability-scanners vulnerability-detection threat-intelligence threat-hunting ioc thehive cortext

Good first issues

Feedback

good first issue

#28 opened 6 months ago by antonmalae

1

HTML Updated Apr 24, 2019

stuhli / dfirtrack

126

DFIRTrack - The Incident Response Tracking Application

incident-response digital-forensics dfir incident-response-tooling incident-management

HTML Updated May 2, 2019

TheHive-Project / Cortex-Analyzers

119

Cortex Analyzers Repository

thehive analyzer cortex free free-software open-source observable ioc json incident-response digital-forensics dfir cyber-threat-intelligence python enrichment

Python Updated Apr 29, 2019

jepayneMSFT / WEFFLES

118

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

incident-response threat-hunting windows-eventlog

PowerShell Updated Dec 11, 2017

mvelazc0 / Oriana

109

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals an…

threat-hunting incident-response dfir

Python Updated Apr 13, 2019

MISP / misp-taxonomies

105

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

information-exchange classification security taxonomy misp-taxonomies incident-classification government-classification-markings enisa-threat-taxonomy incident-taxonomy incident-response misp-taxonomy machine-tags adversary malware incident

Python Updated Apr 27, 2019

incident-response

Repositories 137

Good first issues

Good first issues

Good first issues

Good first issues

Related topics