165 Open source projects that are alternatives of or similar to PowerSponse

Explore Indicators of Compromise Automatically

Wazuh - Chef cookbooks

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A curated list of awesome things related to TheHive & Cortex

A list of cyber-chef recipes and curated links

Imago is a python tool that extract digital evidences from images.

incident response tool for iOS devices

Sandia Cyber Omni Tracker (SCOT)

Digging Deeper....

Python API Client for TheHive

SIAC is an enterprise SIEM built on open-source technology.

OPCDE Cybersecurity Conference Materials

Fast and efficient osquery management

Wazuh - Project documentation

Wazuh - Kibana plugin

PS / Bash / Python / Other scripts For FUN!

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server

A curated list of Site Reliability and Production Engineering resources.

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Cortex: a Powerful Observable Analysis and Active Response Engine

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

All-in-one bundle of MISP, TheHive and Cortex

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

Wazuh - The Open Source Security Platform

ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.

A knowledge base of actionable Incident Response techniques

Monzo's real-time incident response and reporting tool ⚡️

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Cortex Analyzers Repository

A role-playing game for incident management training

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree view.

Wazuh - Docker containers

Maltego CaseFile entities for information security investigations, malware analysis and incident response

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

PagerDuty's Incident Response Documentation.

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Python API Client for Cortex

Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

Forensics artefact collection tool for systems running Microsoft Windows

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

FAME Automates Malware Evaluation

DFIRTrack - The Incident Response Tracking Application

A repository for using osquery for incident detection and response

Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads

Open source incident management and response platform.

Python script to decode common encoded PowerShell scripts

Invoke-LiveResponse

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

🔮 Visibility Across Space and Time

Detecting ATT&CK techniques & tactics for Linux

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions