aws-samples / jupyter-notebook-for-incident-responseView external linksLinks
A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and recovering from an incident.
☆152Nov 15, 2023Updated 2 years ago
Alternatives and similar repositories for jupyter-notebook-for-incident-response
Users that are interested in jupyter-notebook-for-incident-response are comparing it to the libraries listed below
Sorting:
- ☆401Sep 25, 2023Updated 2 years ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆198Jan 6, 2026Updated last month
- Active C&C Detector☆155Oct 5, 2023Updated 2 years ago
- This is a collection of threat detection rules / rules engines that I have come across.☆296May 5, 2024Updated last year
- This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…☆11Mar 2, 2023Updated 2 years ago
- Scripts to for ready-to-use Velociraptor instance deployment in Azure☆14Jun 27, 2023Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77May 21, 2024Updated last year
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆127Dec 5, 2023Updated 2 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆82Jul 25, 2022Updated 3 years ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆289Feb 5, 2024Updated 2 years ago
- Practical Windows Forensics Training☆740Updated this week
- A PowerShell script that checks for dangerous ACLs on system hives and shadows☆28Jul 21, 2021Updated 4 years ago
- ☆14Aug 21, 2022Updated 3 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆207Jul 21, 2022Updated 3 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆117Nov 28, 2023Updated 2 years ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- This repository provides sample templates for security playbooks against various scenarios when using Amazon Web Services.☆648Updated this week
- ☆50Jan 30, 2026Updated 2 weeks ago
- Awesome list of keywords and artifacts for Threat Hunting sessions☆633Aug 4, 2025Updated 6 months ago
- cloudgrep is grep for cloud storage☆326Feb 26, 2025Updated 11 months ago
- Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…☆85Jul 4, 2025Updated 7 months ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆645Nov 7, 2025Updated 3 months ago
- Network sinkhole for isolated malware analysis☆40Mar 5, 2018Updated 7 years ago
- Documentation and scripts to properly enable Windows event logs.☆672Oct 3, 2025Updated 4 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆960Oct 5, 2023Updated 2 years ago
- ☆1,049Aug 22, 2025Updated 5 months ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE…☆1,204Dec 29, 2025Updated last month
- A tool to modify timestamps in a packet capture to a user selected date☆31Aug 11, 2021Updated 4 years ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Jan 12, 2024Updated 2 years ago
- practical toolkit for cybersecurity and IT professionals. It features a detailed Linux cheatsheet for incident response☆408Dec 29, 2023Updated 2 years ago
- A collection of companies that disclose adversary TTPs after they have been breached☆289Nov 11, 2025Updated 3 months ago
- ��☆22Jan 31, 2023Updated 3 years ago
- Granular, Actionable Adversary Emulation for the Cloud☆2,252Feb 6, 2026Updated last week
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆132Updated this week
- Repository of attack and defensive information for Business Email Compromise investigations☆275May 10, 2025Updated 9 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆162Apr 6, 2025Updated 10 months ago
- Collection of Jupyter Notebooks by @fr0gger_☆191Dec 16, 2025Updated 2 months ago
- Threat Box Assessment Tool☆19Aug 15, 2021Updated 4 years ago
- A community event for security researchers to share their favorite notebooks☆108Feb 15, 2024Updated 2 years ago