List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Updated Jan 19, 2024 - Shell
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
Wazuh - Docker containers
Information gathering & website reconnaissance | https://phishstats.info/
A practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response.
Incident Response collection and processing scripts with automated reporting scripts
Docker configurations for TheHive, Cortex and 3rd party tools
Wazuh - Tools for packages creation
Blazescan is a Linux webserver malware scanning and incident response tool with built-in support for cPanel servers, but it will run on any Linux-based server.
Harness the power of Splunk for your investigations
Wazuh - Amazon AWS Cloudformation
A triage data collection script for macOS
Create an incident response triage toolkit for use with Windows or Linux.
The script will help you to find some values info for the user that you need as DFIR
Wazuh - Release for Bosh.io
Break-In Analyzer - A script that analyzes auth.log, secure, utmp/wtmp for possible SSH break-in attempts
Scripts used during Incident response security competition
A dockerized log server that has plug-and-play capabilities.
TriageX - Linux Triage Tool is a BASH shell script designed to collect evidence in an incident with Linux machines. The script uses native Linux commands to run.