magoo / Vault-for-Incident-RespondersLinks
Things to know when DFIR occurs near a vault deployment.
☆43Updated 7 years ago
Alternatives and similar repositories for Vault-for-Incident-Responders
Users that are interested in Vault-for-Incident-Responders are comparing it to the libraries listed below
Sorting:
- Provide a shell like interface by utilizing osquery's distributed API☆81Updated 5 years ago
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 5 years ago
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop☆14Updated 2 months ago
- Exfiltrate files via DNS☆95Updated 11 years ago
- first commit☆20Updated last year
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 9 years ago
- Osquery Mangement Server☆115Updated 5 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 7 years ago
- SANS Hunting on the Cheap☆35Updated 9 years ago
- Basic Anomaly IDS capabilities with Python and Bro☆105Updated 7 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- A Terraform module for GRR: the distributed incident forensics and response framework☆51Updated 5 years ago
- Proof of Concept Zappa Based AWS Persistence and Attack Platform☆39Updated 5 years ago
- Paper and Links to Crimeware in the Modern Era☆31Updated 5 years ago
- Security Onion Elastic Stack☆46Updated 4 years ago
- Competition Infrastructure Management☆86Updated 3 years ago
- This repository is a curated list of pro bono incident response entities.☆21Updated 2 years ago
- Using osquery for Mass Incident Detection & Response☆19Updated 9 years ago
- 1-Click push forensics evidence to the cloud☆141Updated last year
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Indicator Extractor☆140Updated 7 years ago
- Collection of Auditd Examples and Presentations☆85Updated 4 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure☆15Updated 5 years ago
- Dockerfiles for NSM tools☆84Updated 8 years ago
- threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…☆48Updated 3 years ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- A RESTful API frontend for Stenographer☆54Updated 2 years ago
- module for osquery to load Bro logs into tables☆28Updated 10 years ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆141Updated 2 years ago
- Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon☆44Updated 4 years ago