ThreatResponse/aws_ir external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ThreatResponse/aws_ir

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ThreatResponse/aws_ir)

Close

ThreatResponse / aws_irView on GitHubMore

• External links
• Readme badge

Python installable command line utiltity for mitigation of host and key compromises.

☆346Jul 23, 2021Updated 4 years ago

Alternatives and similar repositories for aws_ir

Users that are interested in aws_ir are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ThreatResponse / margaritashotgun

  View on GitHub
  Remote Memory Acquisition Tool
  ☆253Sep 22, 2020Updated 5 years ago
• ThreatResponse / aws_ir_plugins

  View on GitHub
  Core incident handling plugins for aws_ir cli, incident pony, and more.
  ☆21Jul 7, 2018Updated 7 years ago
• ThreatResponse / ThreatPrep

  View on GitHub
  Python module for evaluation of AWS account best practices around incident handling readieness.
  ☆55Jun 26, 2020Updated 5 years ago
• ThreatResponse / threatresponse_web

  View on GitHub
  Web based analysis platform for use with the AWS_IR command line tool.
  ☆17Aug 4, 2016Updated 9 years ago
• awslabs / aws-security-automation

  View on GitHub
  Collection of scripts and resources for DevSecOps and Automated Incident Response Security
  ☆634Jan 14, 2026Updated 2 months ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• ThreatResponse / mad-king

  View on GitHub
  Proof of Concept Zappa Based AWS Persistence and Attack Platform
  ☆40Jun 26, 2020Updated 5 years ago
• mozilla / ssm-acquire

  View on GitHub
  A python module for orchestrating content acquisitions and analysis via amazon ssm.
  ☆58Nov 2, 2023Updated 2 years ago
• willbengtson / trailblazer-aws

  View on GitHub
  Blazing CloudTrail since 2018
  ☆138Jan 27, 2019Updated 7 years ago
• dagrz / aws_pwn

  View on GitHub
  A collection of AWS penetration testing junk
  ☆1,223Aug 30, 2023Updated 2 years ago
• easttimor / aws-incident-response

  View on GitHub
  ☆375Feb 23, 2024Updated 2 years ago
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆611Nov 28, 2024Updated last year
• Netflix-Skunkworks / diffy

  View on GitHub
  (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…
  ☆631Jan 11, 2024Updated 2 years ago
• awslabs / aws-automated-incident-response-and-forensics

  View on GitHub
  ☆400Sep 25, 2023Updated 2 years ago
• Netflix-Skunkworks / cloudtrail-anomaly

  View on GitHub
  ☆83Dec 5, 2019Updated 6 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• andrewkrug / fargate-ir

  View on GitHub
  Proof of concept incident response demo using SSM and AWS Fargate.
  ☆14Dec 5, 2019Updated 6 years ago
• carnal0wnage / weirdAAL

  View on GitHub
  WeirdAAL (AWS Attack Library)
  ☆838Jan 13, 2025Updated last year
• DefensePointSecurity / threat_note

  View on GitHub
  DPS' Lightweight Investigation Notebook
  ☆433Dec 31, 2023Updated 2 years ago
• nccgroup / Scout2

  View on GitHub
  Security auditing tool for AWS environments
  ☆1,723Nov 28, 2018Updated 7 years ago
• philhagen / sof-elk

  View on GitHub
  Configuration files for the SOF-ELK VM
  ☆1,724Jan 21, 2026Updated 2 months ago
• dowjones / hammer

  View on GitHub
  Dow Jones Hammer : Protect the cloud with the power of the cloud(AWS)
  ☆448Jul 17, 2023Updated 2 years ago
• certsocietegenerale / FIR

  View on GitHub
  Fast Incident Response
  ☆2,002Updated this week
• duo-labs / cloudtracker

  View on GitHub
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆910Dec 17, 2021Updated 4 years ago
• Netflix / security_monkey

  View on GitHub
  Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
  ☆4,370Feb 11, 2021Updated 5 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• opensourcesec / CIRTKit

  View on GitHub
  Tools for the Computer Incident Response Team
  ☆150Apr 17, 2017Updated 8 years ago
• awslabs / aws-cloudsaga

  View on GitHub
  AWS CloudSaga - Simulate security events in AWS
  ☆474Updated this week
• palantir / alerting-detection-strategy-framework

  View on GitHub
  A framework for developing alerting and detection strategies for incident response.
  ☆855Sep 8, 2025Updated 6 months ago
• Netflix / repokid

  View on GitHub
  AWS Least Privilege for Distributed, High-Velocity Deployment
  ☆1,148Nov 24, 2025Updated 4 months ago
• Netflix-Skunkworks / aws-metadata-proxy

  View on GitHub
  AWS Metadata Proxy for protection against SSRF
  ☆68Mar 3, 2020Updated 6 years ago
• amazon-archives / aws-security-benchmark

  View on GitHub
  Open source demos, concept and guidance related to the AWS CIS Foundation framework.
  ☆620Jan 16, 2020Updated 6 years ago
• toniblyx / aws-forensic-tools

  View on GitHub
  Tools for AWS forensics
  ☆65Mar 4, 2016Updated 10 years ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,508Jan 12, 2026Updated 2 months ago
• arkadiyt / aws_public_ips

  View on GitHub
  Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
  ☆641Apr 29, 2021Updated 4 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• rams3sh / Aaia

  View on GitHub
  AWS Identity and Access Management Visualizer and Anomaly Finder
  ☆297Jan 23, 2026Updated 2 months ago
• SecurityFTW / cs-suite

  View on GitHub
  Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
  ☆1,167Dec 8, 2022Updated 3 years ago
• RhinoSecurityLabs / ccat

  View on GitHub
  Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.
  ☆646Nov 21, 2019Updated 6 years ago
• duo-labs / cloudmapper

  View on GitHub
  CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
  ☆6,276Jul 15, 2024Updated last year
• Netflix-Skunkworks / aardvark

  View on GitHub
  Aardvark is a multi-account AWS IAM Access Advisor API
  ☆483Oct 25, 2024Updated last year
• ThreatHuntingProject / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,859Nov 17, 2021Updated 4 years ago
• duo-labs / cloudtrail-partitioner

  View on GitHub
  ☆159Jul 8, 2023Updated 2 years ago