(DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.
☆631Jan 11, 2024Updated 2 years ago
Alternatives and similar repositories for diffy
Users that are interested in diffy are comparing it to the libraries listed below
Sorting:
- Marking instances dirty since 2018☆47Apr 25, 2019Updated 6 years ago
- AWS Least Privilege for Distributed, High-Velocity Deployment☆1,148Nov 24, 2025Updated 3 months ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆14Dec 5, 2019Updated 6 years ago
- Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.☆4,369Feb 11, 2021Updated 5 years ago
- Automation and Scaling of Digital Forensics Tools☆787Updated this week
- Python installable command line utiltity for mitigation of host and key compromises.☆347Jul 23, 2021Updated 4 years ago
- BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.☆1,445Dec 12, 2023Updated 2 years ago
- Remote Memory Acquisition Tool☆253Sep 22, 2020Updated 5 years ago
- Aardvark is a multi-account AWS IAM Access Advisor API☆483Oct 25, 2024Updated last year
- CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.☆908Dec 17, 2021Updated 4 years ago
- Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.☆1,340Dec 13, 2022Updated 3 years ago
- ☆83Dec 5, 2019Updated 6 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,501Jan 12, 2026Updated 2 months ago
- GRR Rapid Response: remote live forensics for incident response☆5,046Feb 16, 2026Updated last month
- Collaborative forensic timeline analysis☆3,290Updated this week
- DFIRTrack - The Incident Response Tracking Application☆534Jan 13, 2026Updated 2 months ago
- An information security preparedness tool to do adversarial simulation.☆1,137Apr 1, 2019Updated 6 years ago
- A Linux Auditd rule set mapped to MITRE's Attack Framework☆822Jul 8, 2020Updated 5 years ago
- A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device m…☆464Sep 6, 2023Updated 2 years ago
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.☆9,414Oct 16, 2025Updated 5 months ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- ☆159Jul 8, 2023Updated 2 years ago
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…☆3,760Mar 14, 2026Updated last week
- ☆375Feb 23, 2024Updated 2 years ago
- Fast Incident Response☆1,999Mar 5, 2026Updated 2 weeks ago
- Enforce ownership and data security within AWS☆446Oct 7, 2020Updated 5 years ago
- StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environme…☆2,886Oct 23, 2023Updated 2 years ago
- CloudMapper helps you analyze your Amazon Web Services (AWS) environments.☆6,273Jul 15, 2024Updated last year
- Forensics acquisition framework designed to be extensible and secure☆125Jun 21, 2019Updated 6 years ago
- A repository for using osquery for incident detection and response☆882Sep 8, 2025Updated 6 months ago
- Your Everyday Threat Intelligence☆1,959Updated this week
- Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.☆447Jun 21, 2024Updated last year
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆608Nov 28, 2024Updated last year
- AWS IAM linting library☆1,111Jan 7, 2026Updated 2 months ago
- Collection of scripts and resources for DevSecOps and Automated Incident Response Security☆635Jan 14, 2026Updated 2 months ago
- Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)☆448Jul 17, 2023Updated 2 years ago
- TheHive is a Collaborative Case Management Platform, now distributed as a commercial version☆3,895Jul 25, 2025Updated 7 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,097Updated this week
- A tool for quickly evaluating IAM permissions in AWS.☆1,544Aug 2, 2024Updated last year