incident-response

A curated list of Site Reliability and Production Engineering resources.

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

A curated list of tools for incident response

Wazuh - The Open Source Security Platform

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

Digging Deeper....

Monzo's real-time incident response and reporting tool ⚡️

A list of cyber-chef recipes and curated links

Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

A collection of postmortem templates

Cortex: a Powerful Observable Analysis and Active Response Engine

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

PagerDuty's Incident Response Documentation.

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.