incident-response

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes

Updated May 23, 2024
Go

sleuthkit / sleuthkit

Star

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

incident-response forensics ntfs sleuthkit tct

Updated May 23, 2024
C

dfir-iris / iris-web

Sponsor

Star

Collaborative Incident Response platform

python incident-response digital-forensics forensic-analysis forensic csirt-tooling digital-forensics-incident-response forensic-tools

Updated May 23, 2024
JavaScript

topotal / waroom-roadmap

Star

This is the public roadmap for Waroom. We hope that by publishing the features we will add and their priorities, it will help you in your future planning. Customers can send feedback and inquiries through this repository.

incident-response incident incident-management waroom

Updated May 23, 2024

thalesgroup-cert / Watcher

Star

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Updated May 23, 2024
Python

adrianlois / DFIR-Detection-Engineering

Star

Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos para la evasión de sistemas de protección y monitorización.

windows linux security incident-response tips tricks malware forensics dfir cybersecurity macosx digital-forensics artefacts forense detection-engineering deteccion artefactos evidencias anti-forense

Updated May 23, 2024

Yamato-Security / hayabusa

Star

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Updated May 23, 2024
Rust

Admyral-Security / admyral

Star

🤖 Cybersecurity Automation & Investigation Assistant

Updated May 23, 2024
TypeScript

tenzir / tenzir

Sponsor

Star

Open source security data pipelines.

security netflow pcap incident-response pipelines dataops suricata siem sigma soc zeek investigation threathunting secdataops

Updated May 23, 2024
C++

intelowlproject / IntelOwl

Sponsor

Star

IntelOwl: manage your Threat Intelligence at scale

Updated May 23, 2024
Python

evild3ad / Microsoft-Analyzer-Suite

Star

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

powershell incident-response azure-active-directory microsoft-graph microsoft-365 microsoft-entra

Updated May 23, 2024
PowerShell

puffyCid / artemis

Star

A cross platform forensic parser written in Rust!

rust incident-response dfir digital-forensics

Updated May 23, 2024
Rust

tclahr / uac

Star

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.