11 results found Sort:

clong
DetectionLab clong
987
4.6k
mit
154
Automate the creation of a lab environment complete with security tooling and logging best practices
dfir packer sysmon ansible osquery vagrant detection terraform powershell vagrantfile detectionlab dfir-automation lab-environment information-security
Created 2017-03-25
1,222 commits to master branch, last one about a year ago
securityjoes
MasterParser securityjoes
57
671
mit
12
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
ir mdr soc dfir cyber tools infosec security reporting automation powershell cyber-security dfir-automation digital-forensic incident-response
Created 2023-12-19
161 commits to main branch, last one 5 months ago
iknowjason
PurpleCloud iknowjason
90
521
mit
24
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
dfir siem azure pentest azure-lab purpleteam dfir-automation
Created 2020-06-23
305 commits to master branch, last one 19 days ago
cado-security
varc cado-security
13
251
gpl-3.0
7
Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of particular use when investigating a security incident.
aws dfir security forensics aws-lambda aws-fargate aws-forensics eks-forensics hacktoberfest cloud-security dfir-automation docker-forensics memory-forensics fargate-forensics
Created 2022-09-16
74 commits to main branch, last one about a month ago
jurelou
epagneul jurelou
34
231
unknown
9
Graph Visualization for windows event logs
evtx hunting blueteam security forensics security-tools threat-hunting dfir-automation forensics-tools
Created 2021-12-30
26 commits to master branch, last one about a year ago
Correia-jpv
fucking-awesome-incident-response Correia-jpv
30
191
apache-2.0
7
A curated list of tools for incident response. With repository stars⭐ and forks🍴
dfir list awesome incident security incidents awesome-list dfir-automation digitalforensics incident-reports digital-forensics incident-response incident-management incident-response-tooling
Created 2022-08-04
523 commits to main branch, last one a day ago
cado-security
rip_raw cado-security
16
131
apache-2.0
8
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
dfir security forensics dfir-automation memory-forensics forensic-analysis
Created 2022-01-27
6 commits to main branch, last one 2 years ago
hashlookup
hashlookup-forensic-analyser hashlookup
14
125
other
4
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https://circl.lu/services/hashlookup/
dfir nsrl hashlookup nsrllookup bloom-filter dfir-automation forensic-analysis forensics-investigations
Created 2021-10-03
94 commits to main branch, last one about a year ago
iknowjason
BlueCloud iknowjason
28
124
mit
7
Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
dfir blue-team cyberrange pentesting purpleteam cyber-range edr-testing dfir-automation
Created 2021-04-02
77 commits to master branch, last one 2 years ago
adulau
hashlookup-server adulau
7
41
agpl-3.0
4
Fast lookup server for NSRL and other hash database used in digital forensic
dfir nsrl infosec hashlookup nsrllookup dfir-automation information-security
Created 2021-07-15
69 commits to main branch, last one 2 years ago
op7ic
unix_collector op7ic
5
32
gpl-3.0
2
unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and...
dfir esxi unix linux posix script triage freebsd openbsd solaris blueteam security forensics live-response dfir-automation forensics-tools incident-response computer-forensics
Created 2022-03-09
135 commits to main branch, last one 4 months ago