AnttiKurittu / incident-report-template
Generic DFIR report template
☆26Updated 3 months ago
Alternatives and similar repositories for incident-report-template:
Users that are interested in incident-report-template are comparing it to the libraries listed below
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…☆147Updated last year
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 5 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆72Updated last week
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆101Updated 5 months ago
- Security Scripts and Sources for daily usage.☆56Updated 2 weeks ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆85Updated 5 months ago
- ☆117Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆51Updated 5 months ago
- A collection of various SIEM rules relating to malware family groups.☆65Updated 9 months ago
- Anvilogic Forge☆95Updated last week
- LotL RMM☆152Updated last week
- Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're d…☆22Updated last week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆70Updated 10 months ago
- MISP Playbooks☆189Updated last month
- pocket guide for core detection engineering concepts☆28Updated last year
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆161Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- A preconfigured Velociraptor triage collector☆46Updated last week
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated 11 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆118Updated last year
- ☆29Updated 3 weeks ago
- ☆87Updated last month
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆27Updated 6 months ago
- Mapping of open-source detection rules and atomic tests.☆159Updated 2 months ago
- MISP to Sentinel integration☆63Updated this week
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆87Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆37Updated 2 weeks ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆187Updated 6 months ago
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆51Updated 2 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆60Updated last week