Ioc ExplorerExplore Indicators of Compromise Automatically
Stars: ✭ 73 (+108.57%)
Wazuh ChefWazuh - Chef cookbooks
Stars: ✭ 9 (-74.29%)
PatrowlenginesPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (+362.86%)
AwesomeA curated list of awesome things related to TheHive & Cortex
Stars: ✭ 88 (+151.43%)
Cyberchef RecipesA list of cyber-chef recipes and curated links
Stars: ✭ 619 (+1668.57%)
Imago ForensicsImago is a python tool that extract digital evidences from images.
Stars: ✭ 175 (+400%)
Ios Triageincident response tool for iOS devices
Stars: ✭ 42 (+20%)
ScotSandia Cyber Omni Tracker (SCOT)
Stars: ✭ 206 (+488.57%)
Thehive4pyPython API Client for TheHive
Stars: ✭ 143 (+308.57%)
SiacSIAC is an enterprise SIEM built on open-source technology.
Stars: ✭ 100 (+185.71%)
OpcdeOPCDE Cybersecurity Conference Materials
Stars: ✭ 538 (+1437.14%)
OsctrlFast and efficient osquery management
Stars: ✭ 183 (+422.86%)
ScriptingPS / Bash / Python / Other scripts For FUN!
Stars: ✭ 47 (+34.29%)
Misp TaxonomiesTaxonomies used in MISP taxonomy system and can be used by other information sharing tool.
Stars: ✭ 168 (+380%)
BeagleBeagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Stars: ✭ 976 (+2688.57%)
AsnASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server
Stars: ✭ 242 (+591.43%)
Awesome SreA curated list of Site Reliability and Production Engineering resources.
Stars: ✭ 7,687 (+21862.86%)
SleuthkitThe Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Stars: ✭ 1,948 (+5465.71%)
CortexCortex: a Powerful Observable Analysis and Active Response Engine
Stars: ✭ 676 (+1831.43%)
PockintA portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (+460%)
IntelmqIntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Stars: ✭ 611 (+1645.71%)
MthcAll-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (+282.86%)
PatrowldocsPatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (+200%)
HowtheysreA curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)
Stars: ✭ 6,962 (+19791.43%)
WazuhWazuh - The Open Source Security Platform
Stars: ✭ 3,154 (+8911.43%)
ThreathuntThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
Stars: ✭ 92 (+162.86%)
Atc ReactA knowledge base of actionable Incident Response techniques
Stars: ✭ 226 (+545.71%)
ResponseMonzo's real-time incident response and reporting tool ⚡️
Stars: ✭ 1,252 (+3477.14%)
WefflesBuild a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
Stars: ✭ 176 (+402.86%)
Yara EndpointYara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
Stars: ✭ 75 (+114.29%)
Aurora Incident ResponseIncident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Stars: ✭ 171 (+388.57%)
HistoricprocesstreeAn Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.
Stars: ✭ 46 (+31.43%)
Wazuh DockerWazuh - Docker containers
Stars: ✭ 213 (+508.57%)
Analyst CasefileMaltego CaseFile entities for information security investigations, malware analysis and incident response
Stars: ✭ 41 (+17.14%)
ThehiveTheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+6471.43%)
assisted-log-enabler-for-awsAssisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
Stars: ✭ 167 (+377.14%)
Cortex4pyPython API Client for Cortex
Stars: ✭ 22 (-37.14%)
OrianaOriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.
Stars: ✭ 152 (+334.29%)
BashfuscatorA fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (+1871.43%)
Dfir OrcForensics artefact collection tool for systems running Microsoft Windows
Stars: ✭ 202 (+477.14%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+5940%)
FameFAME Automates Malware Evaluation
Stars: ✭ 663 (+1794.29%)
DfirtrackDFIRTrack - The Incident Response Tracking Application
Stars: ✭ 232 (+562.86%)
Osquery ConfigurationA repository for using osquery for incident detection and response
Stars: ✭ 618 (+1665.71%)
Edr Testing ScriptTest the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
Stars: ✭ 136 (+288.57%)
CyphonOpen source incident management and response platform.
Stars: ✭ 543 (+1451.43%)
PypowershellxrayPython script to decode common encoded PowerShell scripts
Stars: ✭ 192 (+448.57%)
CCXDiggerThe CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.
Stars: ✭ 45 (+28.57%)
evtx-hunterevtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+248.57%)
Vast🔮 Visibility Across Space and Time
Stars: ✭ 227 (+548.57%)
Litmus testDetecting ATT&CK techniques & tactics for Linux
Stars: ✭ 190 (+442.86%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (+208.57%)