Repository navigation
incident-response-tooling
- Website
- Wikipedia
A curated list of tools for incident response
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
DFIRTrack - The Incident Response Tracking Application
AWS CloudSaga - Simulate security events in AWS
A simple-to-use IR (incident response) case management tool for tracking and documenting investigations.
AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.
Open-source AI copilot that lets you chat with your observability data and code 🧙♂️
RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.
A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
A curated list of tools for incident response. With repository stars⭐ and forks🍴
Forensic toolkit for iOS sysdiagnose feature
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
Shodan Monitoring integration for TheHive.
PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.
Linux Incident Response Reporting
The DNA test for websites
A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity
CLI program for automating the setup, configuration, and use of cybersecurity solutions