A powerful, easily deployable network traffic analysis tool suite for PCAP files, Zeek logs, and Suricata alerts.
A PowerShell module for Blue Teams, Incident Responders, and System Administrators to hunt persistence techniques implanted in Windows machines.
A Python-based engine for automatic creation of super timelines from computer system logs and files for digital forensic analysis.
An agile cybersecurity incident management platform for tracking, reporting, and responding to security incidents.
An open-source memory forensic framework for extracting and analyzing digital artifacts from Windows, Linux, and OSX memory images.
A Loadable Kernel Module (LKM) for acquiring volatile memory from Linux and Android devices, supporting local disk or network output.
A forensics intelligence platform that bridges CTI and DFIR by storing threat intelligence and enabling bulk observable searches and threat-focused analysis.
A forensic evidence collection and analysis toolkit for macOS, gathering system data to investigate potential infections.
A forensic evidence collection and analysis toolkit for macOS, gathering system data to detect and investigate malware infections.
A high-performance packet capture solution that buffers all network traffic to disk for fast retrieval of specific subsets.
A Python tool that generates YARA rules for malware detection by filtering out strings and opcodes that appear in goodware.
A repository of publicly-available reports and blogs on APT (Advanced Persistent Threat) campaigns, activity, and software, organized by year.
A collection of ready-to-use KQL queries for threat hunting, detection, and analytics in Microsoft Defender for Endpoint and Azure Sentinel.
A modular PowerShell framework for enterprise incident response and breach hunting using remote data collection.
A collection of real-world malware samples, analysis exercises, and training resources for cybersecurity education and research.
An open-source repository of security detections, analytic stories, and response playbooks mapped to MITRE ATT&CK for Splunk Enterprise Security.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.