DfirtrackDFIRTrack - The Incident Response Tracking Application
Stars: ✭ 232 (+908.7%)
Mutual labels: incident-response, dfir
Atc ReactA knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (+882.61%)
Mutual labels: incident-response, dfir
Invoke LiveresponseInvoke-LiveResponse
Stars: ✭ 115 (+400%)
Mutual labels: incident-response, dfir
PypowershellxrayPython script to decode common encoded PowerShell scripts
Stars: ✭ 192 (+734.78%)
Mutual labels: incident-response, dfir
Vast🔮 Visibility Across Space and Time
Stars: ✭ 227 (+886.96%)
Mutual labels: incident-response, dfir
ThreathuntThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+300%)
Mutual labels: incident-response, dfir
Thehive4pyPython API Client for TheHive
Stars: ✭ 143 (+521.74%)
Mutual labels: incident-response, dfir
HistoricprocesstreeAn Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (+100%)
Mutual labels: incident-response, dfir
Imago ForensicsImago is a python tool that extract digital evidences from images.
Stars: ✭ 175 (+660.87%)
Mutual labels: incident-response, dfir
ThehiveTheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+9900%)
Mutual labels: incident-response, dfir
PockintA portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (+752.17%)
Mutual labels: incident-response, dfir
Cortex AnalyzersCortex Analyzers Repository
Stars: ✭ 246 (+969.57%)
Mutual labels: incident-response, dfir
Yara EndpointYara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
Stars: ✭ 75 (+226.09%)
Mutual labels: incident-response, yara
CCXDiggerThe CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+95.65%)
Mutual labels: incident-response, dfir
ScriptingPS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (+104.35%)
Mutual labels: incident-response, dfir
MthcAll-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (+482.61%)
Mutual labels: incident-response, dfir
Cortex4pyPython API Client for Cortex
Stars: ✭ 22 (-4.35%)
Mutual labels: incident-response, dfir
BeagleBeagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+4143.48%)
Mutual labels: incident-response, dfir
OrianaOriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (+560.87%)
Mutual labels: incident-response, dfir
PackratLive system forensic collector
Stars: ✭ 16 (-30.43%)
Mutual labels: incident-response, dfir