Dfir

16 projects

Showing 16 of 16 projects

Awesome Incident Response

A curated list of tools and resources for digital forensics and incident response (DFIR) teams.

#digital-forensics#incident-response-tooling#awesome-list

Stars9.0k

Forks1.7k

Last commit1 year ago

Incident Response

A curated list of tools and resources for digital forensics and incident response (DFIR) teams.

#digital-forensics#security-automation#incident-response-tooling

Stars9.0k

Forks1.7k

Last commit1 year ago

Forensics

A curated list of awesome free (mostly open source) forensic analysis tools and resources for digital investigations.

#digital-forensics#open-source#ctf-challenges

Stars5.0k

Forks733

Last commit12 days ago

Awesome Forensics

A curated list of awesome free forensic analysis tools, resources, and learning materials for digital investigators.

#digital-forensics#open-source#ctf-challenges

Stars5.0k

Forks733

Last commit12 days ago

ThreatHunter-PlaybookPython

A community-driven open-source project that structures threat hunting workflows using MITRE ATT&CK, Jupyter notebooks, and AI-augmented planning.

#hunting-framework#mitre#community-driven

A simple IOC and YARA scanner for detecting malware and security threats via file names, hashes, YARA rules, and C2 connections.

#signature#hash#yara-rules

Stars3.7k

Forks622

Last commit3 months ago

ChainsawRust

A fast, standalone tool for rapid threat hunting and forensic analysis of Windows event logs and other forensic artefacts.

#digital-forensics#sigma-rules#forensic-timeline

Stars3.5k

Forks296

Last commit23 days ago

TimesketchPython

An open-source tool for collaborative forensic timeline analysis, enabling teams to organize, annotate, and investigate timelines together.

#digital-forensics#timeline#open-source

Stars3.3k

Forks651

Last commit2 days ago

LogonTracerPython

A security tool that visualizes and analyzes Windows Active Directory event logs to investigate malicious logon activity.

#python-3#security-investigation#windows-event-log

Stars3.2k

Forks486

Last commit2 days ago

Security Onion

A Linux distribution for threat hunting, enterprise security monitoring, and log management.

#enterprise-security#siem#ids

Stars3.1k

Forks521

Last commit5 years ago

HayabusaRust

A Sigma-based threat hunting and fast forensics timeline generator for Windows event logs, written in Rust.

#digital-forensics#threat#sigma-rules

Stars3.1k

Forks263

Last commit1 day ago

sysmon-modularPowerShell

A modular repository of Sysmon configuration modules for customizable endpoint detection and logging.

#modular#windows-security#endpoint-detection

Stars3.0k

Forks644

Last commit1 year ago

Windows Events Attack SamplesHTML

A collection of 200 Windows EVTX event log samples mapped to MITRE ATT&CK techniques for detection testing and threat hunting.

#digital-forensics#security-training#windows-security

A forensics intelligence platform that bridges CTI and DFIR by storing threat intelligence and enabling bulk observable searches and threat-focused analysis.

#digital-forensics#enrichment#dfir-automation

Stars2.0k

Forks316

Last commit10 days ago

APT Notes

A repository of publicly-available reports and blogs on APT (Advanced Persistent Threat) campaigns, activity, and software, organized by year.

#security-reports#data-repository#apt-research

Stars1.8k

Forks292

Last commit1 year ago

KQL Advanced Hunting Queries & Analytics RulesPython

A collection of ready-to-use KQL queries for threat hunting, detection, and analytics in Microsoft Defender for Endpoint and Azure Sentinel.

#azure-sentinel#security-analytics#vulnerability-management

Stars1.7k

Forks321

Last commit

Related Tags

Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a project Star on GitHub