SyntheticSun
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (-44.32%)

catalyst
Catalyst is an open source SOAR system that helps to automate alert handling and incident response processes.
Stars: ✭ 91 (+3.41%)

Cyphon
Open source incident management and response platform.
Stars: ✭ 543 (+517.05%)

Kuiper
Digital Forensics Investigation Platform.
Stars: ✭ 257 (+192.05%)

Fame
FAME Automates Malware Evaluation.
Stars: ✭ 663 (+653.41%)

Fcl
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions.
Stars: ✭ 409 (+364.77%)

LinuxCatScale
Incident Response collection and processing scripts with automated reporting scripts.
Stars: ✭ 143 (+62.5%)

InfosecHouse
Infosec resource center for offensive and defensive security operations.
Stars: ✭ 61 (-30.68%)

Analyst Casefile
Maltego CaseFile entities for information security investigations, malware analysis and incident response.
Stars: ✭ 41 (-53.41%)

aws-customer-playbook-framework
This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.
Stars: ✭ 43 (-51.14%)

Osquery Configuration
A repository for using osquery for incident detection and response.
Stars: ✭ 618 (+602.27%)

CASE
Cyber-investigation Analysis Standard Expression (CASE) Ontology.
Stars: ✭ 46 (-47.73%)

compliance
Legal, procedural and policy document templates for operating an IRT.
Stars: ✭ 57 (-35.23%)

Howtheysre
A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE).
Stars: ✭ 6,962 (+7811.36%)

GDPatrol
A Lambda-powered Security Orchestration framework for AWS GuardDuty.
Stars: ✭ 50 (-43.18%)

Cortex4py
Python API Client for Cortex.
Stars: ✭ 22 (-75%)

Evilize
Parses Windows event log files based on the SANS poster.
Stars: ✭ 24 (-72.73%)

Thehivedocs
Documentation of TheHive.
Stars: ✭ 353 (+301.14%)

Ir Rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Stars: ✭ 311 (+253.41%)

Docker-Templates
Docker configurations for TheHive, Cortex and 3rd party tools.
Stars: ✭ 71 (-19.32%)

Apt Hunter
APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset, that detects APT movements hidden in the sea of Windows event logs to decrease the time needed to uncover suspicious activity.
Stars: ✭ 297 (+237.5%)

Ios Triage
Incident response tool for iOS devices.
Stars: ✭ 42 (-52.27%)

Threatpinchlookup
Documentation and sharing repository for the ThreatPinch Lookup Chrome & Firefox extension.
Stars: ✭ 257 (+192.05%)

Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine.
Stars: ✭ 676 (+668.18%)

bits parser
Extract BITS jobs from the QMGR queue and store them as CSV records.
Stars: ✭ 64 (-27.27%)

Ioc Explorer
Explore Indicators of Compromise automatically.
Stars: ✭ 73 (-17.05%)

rhq
Recon Hunt Queries.
Stars: ✭ 66 (-25%)

Cyberchef Recipes
A list of CyberChef recipes and curated links.
Stars: ✭ 619 (+603.41%)

YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-75%)

Beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+1009.09%)

fastfinder
Incident Response - Fast suspicious file finder.
Stars: ✭ 116 (+31.82%)

Intelmq
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Stars: ✭ 611 (+594.32%)

ir scripts
Incident response scripts.
Stars: ✭ 17 (-80.68%)

Opcde
OPCDE Cybersecurity Conference Materials.
Stars: ✭ 538 (+511.36%)

Wazuh Chef
Wazuh - Chef cookbooks.
Stars: ✭ 9 (-89.77%)

Scripting
PS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (-46.59%)

MemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR.
Stars: ✭ 89 (+1.14%)

Patrowlmanager
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform.
Stars: ✭ 363 (+312.5%)

PSTrace
Trace ScriptBlock execution for PowerShell v2.
Stars: ✭ 38 (-56.82%)

Awesome Sre
A curated list of Site Reliability and Production Engineering resources.
Stars: ✭ 7,687 (+8635.23%)

Urlextractor
Information gathering & website reconnaissance | https://phishstats.info/
Stars: ✭ 341 (+287.5%)

Response
Monzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+1322.73%)

Yara Endpoint
Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-14.77%)

Historicprocesstree
An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (-47.73%)

Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+684.09%)

Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Stars: ✭ 324 (+268.18%)