introspector - A schema and set of tools for using SQL to query cloud infrastructure.
Stars: ✭ 61 (+5.17%)
GDPatrol - A Lambda-powered Security Orchestration framework for AWS GuardDuty
Stars: ✭ 50 (-13.79%)
RHEL8-STIG - Ansible role for Red Hat 8 STIG Baseline
Stars: ✭ 73 (+25.86%)
fidesops - Privacy as Code for DSAR Orchestration: Privacy Request automation to fulfill GDPR, CCPA, and LGPD data subject requests.
Stars: ✭ 32 (-44.83%)
UBUNTU20-CIS - Ansible role for Ubuntu 2004 CIS Baseline
Stars: ✭ 136 (+134.48%)
CIS-Ubuntu-20.04-Ansible - Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Stars: ✭ 150 (+158.62%)
SyntheticSun - SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services, and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (-15.52%)
evtx-hunter - evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+110.34%)
serverless-discord-bot - A serverless Discord Bot template built for AWS Lambda based on Discord's slash commands and the slash-create library.
Stars: ✭ 37 (-36.21%)
Dfirtrack - DFIRTrack - The Incident Response Tracking Application
Stars: ✭ 232 (+300%)
Wazuh Docker - Wazuh - Docker containers
Stars: ✭ 213 (+267.24%)
assisted-log-enabler-for-aws - Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
Stars: ✭ 167 (+187.93%)
iris-web - Collaborative Incident Response platform
Stars: ✭ 560 (+865.52%)
Atc React - A knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (+289.66%)
ecs composex - Manage, Configure and Deploy your services and AWS services and applications from your docker-compose definitions
Stars: ✭ 79 (+36.21%)
INDXRipper - Carve file metadata from NTFS index ($I30) attributes
Stars: ✭ 32 (-44.83%)
Dfir Orc - Forensics artefact collection tool for systems running Microsoft Windows
Stars: ✭ 202 (+248.28%)
MEAT - This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices
Stars: ✭ 101 (+74.14%)
cloudwatch-dashboards-cloudformation-sample - A sample project to demonstrate, using CloudFormation, how to create and configure CloudWatch metric filters, alarms and a dashboard to monitor an AWS Lambda function.
Stars: ✭ 61 (+5.17%)
Pypowershellxray - Python script to decode common encoded PowerShell scripts
Stars: ✭ 192 (+231.03%)
Wazuh - Wazuh - The Open Source Security Platform
Stars: ✭ 3,154 (+5337.93%)
Osctrl - Fast and efficient osquery management
Stars: ✭ 183 (+215.52%)
Weffles - Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (+203.45%)
Aurora Incident Response - Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Stars: ✭ 171 (+194.83%)
stackup - a simple CLI and Ruby API for AWS CloudFormation
Stars: ✭ 89 (+53.45%)
ThePhish - ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+1065.52%)
Packrat - Live system forensic collector
Stars: ✭ 16 (-72.41%)
Thehive - TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+3865.52%)
prowler - Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+13772.41%)
macOS-ir - Prototype to collect and analyse data from a compromised macOS device.
Stars: ✭ 16 (-72.41%)
Asn - ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server
Stars: ✭ 242 (+317.24%)
Vast - 🔮 Visibility Across Space and Time
Stars: ✭ 227 (+291.38%)
yara-exporter - Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-62.07%)
kube-beacon - Open Source runtime scanner for k8s clusters that performs security audit checks based on the CIS Kubernetes Benchmark specification
Stars: ✭ 60 (+3.45%)
Scot - Sandia Cyber Omni Tracker (SCOT)
Stars: ✭ 206 (+255.17%)
cis benchmarks audit - Simple command line tool to check for compliance against CIS Benchmarks
Stars: ✭ 182 (+213.79%)
Pockint - A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (+237.93%)
MindMaps - #ThreatHunting #DFIR #Malware #Detection Mind Maps
Stars: ✭ 224 (+286.21%)
Litmus test - Detecting ATT&CK techniques & tactics for Linux
Stars: ✭ 190 (+227.59%)
cloudformation-resource-schema - The CloudFormation Resource Schema defines the shape and semantics of resources provisioned by CloudFormation. It is used by provider developers using the CloudFormation RPDK.
Stars: ✭ 77 (+32.76%)
GrassFormation - Deploy AWS Greengrass resources from your CloudFormation stack
Stars: ✭ 18 (-68.97%)
Imago Forensics - Imago is a Python tool that extracts digital evidence from images.
Stars: ✭ 175 (+201.72%)
pyarascanner - A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Stars: ✭ 23 (-60.34%)
Misp Taxonomies - Taxonomies used in the MISP taxonomy system; they can also be used by other information-sharing tools.
Stars: ✭ 168 (+189.66%)
AWSXenos - AWSXenos will list all the trust relationships in all the IAM roles and S3 buckets
Stars: ✭ 57 (-1.72%)
CloudFrontier - Monitor the internet attack surface of various public cloud environments. Currently supports AWS, GCP, Azure, DigitalOcean and Oracle Cloud.
Stars: ✭ 102 (+75.86%)
Patrowlengines - PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+179.31%)
Oriana - Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (+162.07%)
Sleuthkit - The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be used directly to find evidence.
Stars: ✭ 1,948 (+3258.62%)
firewall-orchestrator - Network Security data repository for automation, reporting and compliance of firewall rules
Stars: ✭ 14 (-75.86%)
MPContribs - Platform for materials scientists to contribute and disseminate their materials data through Materials Project
Stars: ✭ 30 (-48.28%)
Intelowl - Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+3544.83%)
Thehive4py - Python API Client for TheHive
Stars: ✭ 143 (+146.55%)
PowerSponse - PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
Stars: ✭ 35 (-39.66%)
PowerGRR - PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.
Stars: ✭ 52 (-10.34%)