113 Open source projects that are alternatives of or similar to Awesome

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes

Open source incident management and response platform.

Digital Forensics Investigation Platform

Simple Live Data Collection Tool

FAME Automates Malware Evaluation

Wazuh - Puppet module

PagerDuty's Incident Response Documentation.

Cyber Incident Response Team Playbook Battle Cards

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

Wazuh - Ruleset

Incident Response collection and processing scripts with automated reporting scripts

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Infosec resource center for offensive and defensive security operations.

Maltego CaseFile entities for information security investigations, malware analysis and incident response

This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.

A repository for using osquery for incident detection and response

Cyber-investigation Analysis Standard Expression (CASE) Ontology

A role-playing game for incident management training

Legal, procedural and policies document templates for operating an IRT

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

A Lambda-powered Security Orchestration framework for AWS GuardDuty

Python API Client for Cortex

Parses Windows event logs files based on SANS Poster

Documentation of TheHive

A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

Docker configurations for TheHive, Cortex and 3rd party tools

Digging Deeper....

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

incident response tool for iOS devices

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Cortex: a Powerful Observable Analysis and Active Response Engine

Extract BITS jobs from QMGR queue and store them as CSV records

Explore Indicators of Compromise Automatically

Recon Hunt Queries

A list of cyber-chef recipes and curated links

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

Incident Response - Fast suspicious file finder

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

incident response scripts

Wazuh - Project documentation

A concise, directive, specific, flexible, and free incident response plan template

OPCDE Cybersecurity Conference Materials

Wazuh - Amazon AWS Cloudformation

Wazuh - Chef cookbooks

This repository is a curated list of pro bono incident response entities.

A curated list of tools for incident response

No description or website provided.

PS / Bash / Python / Other scripts For FUN!

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Trace ScriptBlock execution for powershell v2

A curated list of Site Reliability and Production Engineering resources.

Information gathering & website reconnaissance | https://phishstats.info/

Monzo's real-time incident response and reporting tool ⚡️

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.