hslatman / awesome-incident-response
A curated list of tools for incident response
☆19Updated 5 years ago
Alternatives and similar repositories for awesome-incident-response:
Users that are interested in awesome-incident-response are comparing it to the libraries listed below
- A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.☆25Updated 8 years ago
- A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for t…☆15Updated 8 years ago
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆22Updated 6 years ago
- ☆30Updated 6 years ago
- A curated list of awesome threat detection and hunting resources☆11Updated 7 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Updated 9 years ago
- A curated list of awesome social engineering resources.☆16Updated 7 years ago
- Use DNS to hunt for threats including DGAs☆15Updated 9 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆15Updated 9 years ago
- A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development☆13Updated 7 years ago
- A set of templates for documenting threat intelligence☆74Updated 12 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- mindmap created for tools can be used during analysis/investigation☆27Updated 8 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Updated 8 years ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.☆14Updated 6 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Updated 7 years ago
- Fast incident overview☆39Updated 8 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆17Updated 6 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- A simple many-rules to many-files YARA scanner for incident response or malware zoos.☆26Updated 6 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 6 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆21Updated 6 years ago
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Updated 10 years ago
- Mass Triage Tools☆20Updated 2 months ago
- Site for IWS book content☆18Updated 6 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 8 years ago
- 🚗 A curated list of resources for learning about vehicle security and car hacking☆14Updated 3 years ago
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago