A Python script that uses Volatility to analyze malware memory footprints by comparing Windows memory images before and after infection.
A Ruby framework for automated malware and botnet analysis using sandboxed virtual machines and network traffic dissection.
A scripting framework for standardizing and automating Windows live forensic artifact acquisition using common utilities.
A Python tool for offline detection of Windows persistence mechanisms in forensic collections like KAPE dumps or mounted disk images.
A curated collection of information and tools for detecting, analyzing, and hunting malware persistence mechanisms across operating systems.
An Active Defense PowerShell framework for detecting and responding to phishing attacks in Office 365 environments.
A simple, self-contained modular host-based IOC scanner built around the YARA pattern matching engine.
A live forensics tool for Linux that collects system artifacts and logs them to CSV files for compromise detection.
A command-line tool for parsing, searching, and analyzing Windows Registry hives with batch processing and forensic capabilities.
A curated list of security card games and tabletop exercises for training and discussion.
A framework for analyzing and defending against supply chain attacks targeting Software Development Lifecycle infrastructure.
An open-source malware analysis pipeline system that automates sample collection, processing, and JSON-based artifact storage.
An autonomous open-source security agent for Linux that detects, scores, and automatically responds to threats using eBPF, AI, and collaborative defense.
A unified console for digital forensics and incident response (DFIR) built on the Viper Framework.
A PowerShell-based live response and forensic collection tool for targeted incident response on Windows systems.
An Outlook add-in that enables users to report suspicious emails to security teams with one click.
A modular Python tool that collects threat intelligence from multiple sources for files identified by their hash.
A tool to quickly gather forensic artifacts from disk images or live systems into lightweight containers for digital forensic triage.
An open-source repository of cybersecurity detection rules and threat identifiers for security teams to enhance threat detection capabilities.
A command-line tool for digital forensics that checks file MD5 hashes against the NSRL Reference Data Set to identify known software files.
A modular malware and IOC ingestion framework that collects, enriches, and exports threat intelligence from multiple feeds.
A honeypot that emulates USB storage devices to detect and capture malware that spreads via USB propagation.
A PowerShell tool for auditing and configuring Windows event log settings to improve security visibility and detection capabilities.
A toolkit for analyzing credential phishing sites by automating screenshot capture, file scraping, form interaction, and PDF URL extraction.
A tool for Exchange administrators to detect malicious client-side rules, VBScript forms, and custom homepages used in attacks.
A knowledge base documenting digital forensics artifacts to help investigators understand evidence sources and their forensic significance.
A tool that analyzes web traffic through a Squid proxy to detect command and control servers and malicious sites using Spamhaus data.
A collection of Splunk SPL queries for detecting vulnerability exploits, malware, and MITRE ATT&CK TTPs in security logs.
A Heroku-based web honeypot for creating and monitoring fake HTTP endpoints (honeytokens) to detect attackers and malicious activity.
A security incident response card game that trains defenders through fictional scenarios and activity-based gameplay.
A modular web application honeypot framework written in Go and Gin for detecting web attacks through deceptive applications.
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.