113 Open source projects that are alternatives of or similar to Aurora Incident Response

OPCDE Cybersecurity Conference Materials

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

incident response tool for iOS devices

A list of cyber-chef recipes and curated links

Recon Hunt Queries

Explore Indicators of Compromise Automatically

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Wazuh - Chef cookbooks

Cortex: a Powerful Observable Analysis and Active Response Engine

Incident Response - Fast suspicious file finder

Wazuh - Project documentation

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

All-in-one bundle of MISP, TheHive and Cortex

A curated list of tools for incident response

PS / Bash / Python / Other scripts For FUN!

Information gathering & website reconnaissance | https://phishstats.info/

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Extract BITS jobs from QMGR queue and store them as CSV records

SIAC is an enterprise SIEM built on open-source technology.

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

A curated list of Site Reliability and Production Engineering resources.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Cyber-investigation Analysis Standard Expression (CASE) Ontology

Monzo's real-time incident response and reporting tool ⚡️

FAME Automates Malware Evaluation

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

A repository for using osquery for incident detection and response

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Open source incident management and response platform.

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

A role-playing game for incident management training

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Invoke-LiveResponse

Documentation of TheHive

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Wazuh - Ruleset

Maltego CaseFile entities for information security investigations, malware analysis and incident response

Digital Forensics Investigation Platform

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Infosec resource center for offensive and defensive security operations.

PagerDuty's Incident Response Documentation.

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

Python API Client for Cortex

Wazuh - Puppet module

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Python API Client for TheHive

A curated list of awesome things related to TheHive & Cortex

Digging Deeper....