213 Open source projects that are alternatives of or similar to aws-security-hub-response-and-remediation

A schema and set of tools for using SQL to query cloud infrastructure.

A Lambda-powered Security Orchestration framework for AWS GuardDuty

Ansible role for Red Hat 8 STIG Baseline

Privacy as Code for DSAR Orchestration: Privacy Request automation to fulfill GDPR, CCPA, and LGPD data subject requests.

Ansible role for Ubuntu 2004 CIS Baseline

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

A serverless Discord Bot template built for AWS Lambda based on Discord's slash commands and the slash-create library.

DFIRTrack - The Incident Response Tracking Application

Wazuh - Docker containers

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Who and what to follow in the world of cyber security

Cortex Analyzers Repository

Collaborative Incident Response platform

A knowledge base of actionable Incident Response techniques

Manage, Configure and Deploy your services and AWS services and applications from your docker-compose definitions

Carve file metadata from NTFS index ($I30) attributes

Forensics artefact collection tool for systems running Microsoft Windows

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

A sample project to demonstrate using Cloudformation, how to create and configure CloudWatch metric filters, alarms and a dashboard to monitor an AWS Lambda function.

Python script to decode common encoded PowerShell scripts

Wazuh - The Open Source Security Platform

Fast and efficient osquery management

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

a simple CLI and Ruby API for AWS CloudFormation

The CloudFormation Resource Provider Package for the AWS CodeArtifact service

ThePhish: an automated phishing email analysis tool

Live system forensic collector

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Prototype to collect data and analyse it from a compromised macOS device.

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server

Microsoft Sentinel SOC Operations

🔮 Visibility Across Space and Time

Exporting MISP event attributes to yara rules usable with Thor apt scanner

Wazuh - Kibana plugin

Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification

Sandia Cyber Omni Tracker (SCOT)

Simple command line tool to check for compliance against CIS Benchmarks

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Detecting ATT&CK techniques & tactics for Linux

The CloudFormation Resource Schema defines the shape and semantic for resources provisioned by CloudFormation. It is used by provider developers using the CloudFormation RPDK.

Deploy AWS Greengrass resources from your CloudFormation stack

Imago is a python tool that extract digital evidences from images.

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets

Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Network Security data repository for automation, reporting and compliance of firewall rules

Platform for materials scientists to contribute and disseminate their materials data through Materials Project

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Python API Client for TheHive

PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.