magoo / Vault-for-Incident-Responders
Things to know when DFIR occurs near a vault deployment.
☆43Updated 6 years ago
Alternatives and similar repositories for Vault-for-Incident-Responders:
Users that are interested in Vault-for-Incident-Responders are comparing it to the libraries listed below
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 4 years ago
- first commit☆20Updated last year
- Osquery Mangement Server☆114Updated 4 years ago
- Exfiltrate files via DNS☆96Updated 11 years ago
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 8 years ago
- Homographs: brutefind homographs within a font☆18Updated 8 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Updated 7 years ago
- threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…☆48Updated 2 years ago
- Launchd daemon that reports major OSX modifications through growl☆16Updated 10 years ago
- Find ssh keys with no passwords and try them against a bunch of hosts.☆46Updated 9 years ago
- It's like a polaroid, but for domains☆24Updated 10 years ago
- Materials for the BSides NoVA/Charleston 2018 Bro Workshop☆14Updated last month
- A Terraform module for GRR: the distributed incident forensics and response framework☆51Updated 4 years ago
- module for osquery to load Bro logs into tables☆28Updated 9 years ago
- Bringing DevOps to Forensics☆34Updated 10 years ago
- Proof of Concept Zappa Based AWS Persistence and Attack Platform☆39Updated 4 years ago
- Traceroute improved wrapper for CSIRT and CERT operators☆38Updated 6 months ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- pollen - A command-line tool for interacting with TheHive☆35Updated 5 years ago
- Salesforce Policy Deviation Checker☆30Updated 4 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure☆15Updated 5 years ago
- Repository for Security Workshop content☆20Updated 7 years ago
- An active domain name query tool to help keep track of domain name movements...☆15Updated 4 years ago
- Bro/Zeek integration with osquery☆94Updated 4 years ago
- Looks for GitHub org users without 2FA turned on☆9Updated 8 years ago
- Repository for Endpoint Security Testing☆35Updated 6 years ago
- Python bindings for Yeti's API☆18Updated last year
- [DEPRECATED] A quickstart demo for Kolide tools☆52Updated 6 years ago
- Paper and Links to Crimeware in the Modern Era☆31Updated 5 years ago