dfir-iris / iris-web

Related projects ⓘ

Alternatives and complementary repositories for iris-web

• cyb3rfox / Aurora-Incident-Response
  Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
  ☆768Updated last year
• SecurityBrewery / catalyst
  ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…
  ☆351Updated 2 weeks ago
• atc-project / atc-react
  A knowledge base of actionable Incident Response techniques
  ☆613Updated 2 years ago
• DFIRKuiper / Kuiper
  Digital Forensics Investigation Platform
  ☆769Updated last month
• V1D1AN / S1EM
  This project is a SIEM with SIRP and Threat Intel, all in one.
  ☆412Updated this week
• wagga40 / Zircolite
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆681Updated this week
• socfortress / Wazuh-Rules
  Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
  ☆601Updated 2 months ago
• thalesgroup-cert / Watcher
  Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
  ☆865Updated 2 weeks ago
• TheHive-Project / Cortex
  Cortex: a Powerful Observable Analysis and Active Response Engine
  ☆1,346Updated 3 weeks ago
• splunk / security_content
  Splunk Security Content
  ☆1,295Updated this week
• mdecrevoisier / EVTX-to-MITRE-Attack
  Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
  ☆529Updated 2 months ago
• atc-project / atomic-threat-coverage
  Actionable analytics designed to combat threats
  ☆972Updated 2 years ago
• TonyPhipps / SIEM
  SIEM Tactics, Techiques, and Procedures
  ☆587Updated last month
• redcanaryco / invoke-atomicredteam
  Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…
  ☆849Updated 3 weeks ago
• correlatedsecurity / Awesome-SOAR
  A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
  ☆812Updated 2 months ago
• certsocietegenerale / IRM
  Incident Response Methodologies 2022
  ☆978Updated 9 months ago
• ScarredMonk / SysmonSimulator
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆833Updated 2 years ago
• stuhli / awesome-event-ids
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆588Updated 5 months ago
• splunk / attack_data
  A repository of curated datasets from various attacks
  ☆588Updated this week
• elastic / detection-rules
  ☆1,970Updated this week
• dfirtrack / dfirtrack
  DFIRTrack - The Incident Response Tracking Application
  ☆482Updated 2 months ago
• guardsight / gsvsoc_cirt-playbook-battle-cards
  Cyber Incident Response Team Playbook Battle Cards
  ☆359Updated 6 months ago
• olafhartong / ThreatHunting
  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts
  ☆1,139Updated last year
• Patrowl / PatrowlManager
  PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
  ☆625Updated this week
• rabobank-cdc / DeTTECT
  Detect Tactics, Techniques & Combat Threats
  ☆2,067Updated this week
• OpenCTI-Platform / connectors
  OpenCTI Connectors
  ☆384Updated this week
• FalconForceTeam / FalconFriday
  Hunting queries and detections
  ☆731Updated 2 months ago
• tclahr / uac
  UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of …
  ☆801Updated this week
• BlackPerl-DFIR / SOC-OpenSource
  This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC a…
  ☆629Updated 2 months ago