A curated list of tools for incident response
Updated
Jul 17, 2018
Get to the root cause of an issue, learn from it, and make sure it doesn’t happen again.
Incident management chatbot for DevOps
Cortex-Analyzers Modified - SecTeam/CERT/SOC Security orchestration tools on steroids
QRadar to Redmine (as ticketing system) integration with API calls written in Python
Yara rules
This repository allows you to create a basic incident response IVR on Twilio.
Powershell script to check log files for Log4Shell exploitation
Tool to try to retrieve the Java class used as a dropper for the RCE in the context of the Log4Shell vulnerability.
Volatility MindMap & Cheat Sheet
Sample webservice illustrating the 2 endpoints needed to dynamically hook into iLert alert actions.
FIRST.org Incident Response teams' contact information scraper
Mergen is a project that facilitates the analysis of traffic by logging incoming web traffic to ASP.NET applications served by the Microsoft IIS (Internet Information Services) service.
Live system forensic collector
Shodan Monitoring integration for TheHive.
Incident Response in AWS with Alexa
This is the workbench for designing and updating the "security-playbook" object template for the MISP project - https://github.com/MISP/misp-objects/blob/main/objects/security-playbook/definition.json
Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
Introduction to SOC and related terminologies.