Tools for the Computer Incident Response Team
☆150 · Apr 17, 2017 · Updated 8 years ago
Alternatives and similar repositories for CIRTKit
Users that are interested in CIRTKit are comparing it to the libraries listed below
- Multithreaded threat intelligence gathering built with Python3 ☆178 · Jan 23, 2018 · Updated 8 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Carbonblack Live Response from the comfort of your own terminal ☆20 · Jan 20, 2016 · Updated 10 years ago
- DPS' Lightweight Investigation Notebook ☆433 · Dec 31, 2023 · Updated 2 years ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidence on a suspicious Windows computer ☆41 · Jul 29, 2020 · Updated 5 years ago
- Incident Response Triage - Windows Evidence Collection for Forensic Analysis ☆136 · Apr 21, 2016 · Updated 9 years ago
- Digital forensic acquisition tool for Windows based incident response. ☆347 · May 7, 2024 · Updated last year
- DFIRTrack - The Incident Response Tracking Application ☆532 · Jan 13, 2026 · Updated last month
- Cyber Intel Management ☆51 · Jan 25, 2018 · Updated 8 years ago
- PowerShell No Agent Hunting ☆111 · Apr 23, 2018 · Updated 7 years ago
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 · Mar 12, 2019 · Updated 6 years ago
- ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a se… ☆70 · Mar 9, 2015 · Updated 10 years ago
- Python tool and library to help analyze files during malware triage and analysis. ☆78 · Jul 2, 2020 · Updated 5 years ago
- A Python library for being a CND Batman.... ☆35 · Oct 29, 2015 · Updated 10 years ago
- Test Blue Team detections without running any attack. ☆272 · May 2, 2024 · Updated last year
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes in handy in fast Windows incident re… ☆32 · Aug 29, 2016 · Updated 9 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al… ☆658 · Aug 19, 2019 · Updated 6 years ago
- Auxiliary scripts for Incident Response with ELK ☆11 · Oct 7, 2015 · Updated 10 years ago
- Allows you to quickly query a Windows machine for RAM artifacts ☆218 · Jul 17, 2020 · Updated 5 years ago
- CIF v3 -- the fastest way to consume threat intelligence ☆184 · Apr 20, 2023 · Updated 2 years ago
- Invoke-LiveResponse ☆150 · Feb 22, 2022 · Updated 4 years ago
- PyMal is a Python-based interactive Malware Analysis Framework. It is built on the top of three pure Python programs Pefile, Pydbg and V… ☆44 · Jul 10, 2016 · Updated 9 years ago
- A modular Python application to pull intelligence about malicious files ☆123 · Dec 4, 2020 · Updated 5 years ago
- Some IR notes ☆73 · Jul 23, 2016 · Updated 9 years ago
- A modular Python application to collect intelligence for malicious hosts. ☆274 · Apr 13, 2021 · Updated 4 years ago
- Query and report user logons relations from MS Windows Security Events ☆243 · Aug 9, 2018 · Updated 7 years ago
- "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security … ☆1,036 · May 27, 2020 · Updated 5 years ago
- VolatilityBot – An automated memory analyzer for malware samples and memory dumps ☆270 · Jun 15, 2021 · Updated 4 years ago
- Dump of organized knowledge on DFIR ☆138 · Oct 4, 2021 · Updated 4 years ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver) ☆13 · Dec 3, 2020 · Updated 5 years ago
- Signature engine for all your logs ☆172 · Nov 13, 2023 · Updated 2 years ago
- MacOS Incident Response Toolkit. Mostly written while stuck on a NJTransit train. ☆20 · Feb 20, 2020 · Updated 6 years ago
- Fix acquired .evt - Windows Event Log files (Forensics) ☆18 · Mar 29, 2016 · Updated 9 years ago
- AMIRA: Automated Malware Incident Response & Analysis ☆151 · Feb 3, 2026 · Updated 3 weeks ago
- Python module for evaluation of AWS account best practices around incident handling readiness. ☆55 · Jun 26, 2020 · Updated 5 years ago
- Automated handling of data feeds for security teams ☆147 · Dec 31, 2025 · Updated 2 months ago
- Swordphish Phishing Awareness Tool ☆225 · Sep 22, 2024 · Updated last year
- "Evolving AppCompat/AmCache data analysis beyond grep" ☆209 · Sep 15, 2021 · Updated 4 years ago