Python API Client for TheHive

Educational, CTF-styled labs for individuals interested in Memory Forensics

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Cortex: a Powerful Observable Analysis and Active Response Engine

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

Documentation of TheHive

DFIRTrack - The Incident Response Tracking Application

A curated list of awesome forensic analysis tools and resources

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Carve file metadata from NTFS index ($I30) attributes

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Digital Forensics Investigation Platform

Everything related to Linux Forensics

Cortex Analyzers Repository

🚨 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system

📇 Digital Forensics Artifact Repository (forensicanalysis edition)

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

A list of cyber-chef recipes and curated links