Trending repositories for topic incident-response
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
OneUptime is the complete open-source observability platform.
On-Call/DevOps Assistant - Get a head start on fixing alerts with AI investigation
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A curated list of Site Reliability and Production Engineering resources.
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
A curated list of tools for incident response
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and cluste...
Cover various security approaches to attack techniques and also provides new discoveries about security breaches.
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, O...
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
Docker configurations for TheHive, Cortex and 3rd party tools
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
Imago is a Python tool that extracts digital evidence from images.
A curated list of awesome Memory Forensics for DFIR
🕵️ OSINT tools for information gathering and forensic actions 🕵️
Awesome list of keywords and artifacts for Threat Hunting sessions
Cortex: a Powerful Observable Analysis and Active Response Engine
Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
🤖 Cybersecurity Automation & Investigation Assistant
yara detection rules for hunting with the threathunting-keywords project
A curated list of tools for incident response. With repository stars⭐ and forks🍴
A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, Domain, ASN, DNS and Threat Indicator matches.
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
A practical toolkit for cybersecurity and IT professionals, featuring a detailed Linux cheatsheet for incident response.
Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence
A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you come from where did you go) in Security Incidents and Threat Hunts
Digital Forensics, Incident Response and Detection Engineering: forensic analysis of common and not-so-common artifacts. Anti-forensic techniques and detection of techniques used by malicious actors ...
PowerShell script to help speed up threat hunting and incident response processes.
This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365 Unified Audit Log.
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with...
PowerShell Digital Forensics & Incident Response Scripts.
Deauthalyzer is a script designed to monitor WiFi networks and detect deauthentication attacks. It utilizes packet sniffing and analysis techniques to identify deauthentication attack packets and prov...
A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and reco...
Threat hunting queries for Microsoft 365 Defender XDR: out-of-the-box KQL hunting queries covering App, Email, Identity and Endpoint.
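The logon-pivot idea behind the "where did you come from, where did you go" tool listed above, as an added Python example that is not code from that project or from any repository on this page: it takes a handful of constructed Windows Security 4624 (successful logon) records, drops the logons that never crossed a machine boundary (interactive, service and loopback logons), and chains the remaining network/RDP logons into the path one account took through the fleet. The CSV field names mirror the 4624 event fields, but the records, the `HOST_IPS` name-to-IP mapping and all function names are assumptions made for the demo.

```python
"""Reconstruct the path an account took across hosts from Windows Security
event 4624 records.

Added example for this listing, not code from the logon-event tool it
describes. EVENTS_CSV is constructed for the demo; HOST_IPS is an assumed
mapping that DHCP or DNS logs would supply in a real investigation.
"""
import csv
import io
from collections import defaultdict
from datetime import datetime

# Constructed 4624 events reduced to the fields needed for the pivot:
# when, on which host, which account, which logon type, from which IP/host.
EVENTS_CSV = """\
TimeCreated,Computer,TargetUserName,LogonType,IpAddress,WorkstationName
2024-03-01T08:02:11,WS-FINANCE-07,j.doe,2,-,WS-FINANCE-07
2024-03-01T08:05:40,WS-FINANCE-07,SYSTEM,5,-,-
2024-03-01T08:41:03,SRV-FILE-01,j.doe,3,10.0.5.17,WS-FINANCE-07
2024-03-01T08:43:55,SRV-FILE-01,svc-backup,3,10.0.9.2,SRV-BACKUP
2024-03-01T09:12:20,SRV-DC-01,j.doe,10,10.0.8.10,SRV-FILE-01
2024-03-01T09:30:09,SRV-DC-01,j.doe,3,127.0.0.1,-
2024-03-01T09:50:00,SRV-FILE-01,svc-backup,3,10.0.9.2,-
"""

# Logon types that imply the account arrived from another machine:
# 3 = Network (SMB, WinRM, ...), 10 = RemoteInteractive (RDP).
REMOTE_LOGON_TYPES = {"3", "10"}
LOCAL_SOURCES = {"-", "127.0.0.1", "::1"}

# Assumed host-name/IP mapping for the demo (normally from DHCP/DNS logs).
HOST_IPS = {
    "10.0.5.17": "WS-FINANCE-07",
    "10.0.8.10": "SRV-FILE-01",
    "10.0.9.2": "SRV-BACKUP",
}


def parse_events(text):
    """Parse the CSV export into dicts with a real datetime for sorting."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        row["TimeCreated"] = datetime.fromisoformat(row["TimeCreated"])
        rows.append(row)
    return rows


def source_host(event, host_ips=HOST_IPS):
    """Best-effort name of the machine the logon came from.

    WorkstationName is supplied by the client and is often empty or forged,
    so fall back to the source IP (resolved via the assumed mapping)."""
    name = event["WorkstationName"]
    if name and name != "-":
        return name
    return host_ips.get(event["IpAddress"], event["IpAddress"])


def remote_logons(events):
    """Keep only logons that crossed a machine boundary; local console,
    service and loopback logons say nothing about movement between hosts."""
    return [e for e in events
            if e["LogonType"] in REMOTE_LOGON_TYPES
            and e["IpAddress"] not in LOCAL_SOURCES]


def logon_path(events, user):
    """Chronological (time, source_host, destination_host) hops for one account."""
    hops = [(e["TimeCreated"], source_host(e), e["Computer"])
            for e in remote_logons(events) if e["TargetUserName"] == user]
    return sorted(hops)


def chains(hops):
    """Link hops whose destination is the next hop's source.

    Returns host sequences of three or more machines, the classic
    lateral-movement pattern (A -> B, then from B on to C)."""
    result, current = [], []
    for _, src, dst in hops:
        if current and current[-1] == src:
            current.append(dst)
        else:
            if len(current) >= 3:
                result.append(current)
            current = [src, dst]
    if len(current) >= 3:
        result.append(current)
    return result


def fan_out(events):
    """Destination hosts reached from each source host (edges for a graph view)."""
    graph = defaultdict(set)
    for e in remote_logons(events):
        graph[source_host(e)].add(e["Computer"])
    return dict(graph)


if __name__ == "__main__":
    evs = parse_events(EVENTS_CSV)
    path = logon_path(evs, "j.doe")
    for t, src, dst in path:
        print(f"{t:%H:%M:%S}  {src} -> {dst}")
    for chain in chains(path):
        print("chain:", " -> ".join(chain))
```

On real data the same functions apply to a CSV export of 4624 events from a SIEM or from a Hayabusa/evtx conversion; the two checks worth keeping in mind are that `WorkstationName` is client-supplied and so should never be the only source attribute you trust, and that logon type 3 traffic from loopback or from "-" is noise that will otherwise fabricate hops.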