teamdfir / sift-packer-legacyLinks
Packer.io Scripts to build the SIFT VM(s)
☆11Updated 5 years ago
Alternatives and similar repositories for sift-packer-legacy
Users that are interested in sift-packer-legacy are comparing it to the libraries listed below
Sorting:
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 7 years ago
- Dockerfiles for containerized osquery☆13Updated 8 years ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆54Updated last week
- Tools for AWS forensics☆63Updated 9 years ago
- A platform to create, catalog and deploy tests for tools such as Gauntlt, AttackIQ and Metasploit.☆16Updated 9 years ago
- Python module for evaluation of AWS account best practices around incident handling readieness.☆55Updated 5 years ago
- Docker files for Security Onion☆42Updated 4 years ago
- A Lambda-powered Security Orchestration framework for AWS GuardDuty☆53Updated 5 years ago
- This script is used to generate some basic detections of the aws security services☆71Updated 3 years ago
- DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications☆35Updated 3 years ago
- Pre-configured environment that supports the development and running of OpenDXL solutions☆13Updated 4 years ago
- Build Automated Machine Images for MISP☆29Updated 2 years ago
- generate lookalike domains using a few simple techniques (homoglyphs, alt TLDs, prefix/suffix)☆33Updated last year
- Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!☆18Updated 11 years ago
- Proof of concept incident response demo using SSM and AWS Fargate.☆14Updated 5 years ago
- Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…☆16Updated 4 years ago
- Automation of VPC Traffic Mirror Sessions in AWS☆35Updated 10 months ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.☆95Updated last year
- Maltego entity pack encompassing the entire STIX 1.2 data model and a targeted subset of the CybOX 2.1 data model☆11Updated 9 years ago
- Install and configure user mode auditd tools☆34Updated 2 years ago
- [DEPRECATED] A quickstart demo for Kolide tools☆52Updated 7 years ago
- A simple Docker container that serves the MITRE ATT&CK Navigator web app☆27Updated 2 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- ☆25Updated 6 years ago
- Finding Valuable Needles in Global Source Code Haystacks with Automation☆17Updated 4 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆32Updated 2 years ago
- Things to know when DFIR occurs near a vault deployment.☆43Updated 7 years ago
- Decision trees generated via Graphviz to inform pragmatic threat modelling.☆11Updated 4 years ago
- AWS managed IAM policies☆16Updated 3 years ago