sysmon-config by SwiftOnSecurity

Sysmon configuration file template with default high-quality event tracing

created at Feb. 1, 2017, 6:49 p.m.

356 +0

4,572 +6

1,670 +2

awesome-forensics by cugu

A curated list of awesome forensic analysis tools and resources

created at March 29, 2016, 8:54 p.m.

167 +0

3,580 +9

593 +1

security-onion by Security-Onion-Solutions

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

created at March 24, 2015, 8:15 p.m.

302 +0

3,056 -1

518 +0

RedHunt-OS by redhuntlabs

Virtual Machine for Adversary Emulation and Threat Hunting

created at March 14, 2018, 7:31 p.m.

85 +0

1,194 -1

182 +0

IRM by certsocietegenerale

Incident Response Methodologies 2022

created at Feb. 29, 2016, 8:52 a.m.

42 +0

880 +2

135 -1

dissect by fox-it

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group).

created at July 21, 2022, 8:26 a.m.

18 +0

855 +5

59 +1

security-apis by deralexxx

A collective list of public APIs for use in security. Contributions welcome

created at Jan. 9, 2018, 7:58 p.m.

59 +0

841 +4

129 +1

awesome-event-ids by stuhli

Collection of Event ID ressources useful for Digital Forensics and Incident Response

created at Sept. 22, 2021, 3:36 p.m.

24 +0

539 -2

83 +0

gsvsoc_cirt-playbook-battle-cards by guardsight

Cyber Incident Response Team Playbook Battle Cards

created at Oct. 27, 2019, 4:28 a.m.

16 +0

333 +3

58 +0

traceroute-circl by CIRCL

Traceroute improved wrapper for CSIRT and CERT operators

created at Dec. 5, 2010, 3:08 p.m.

16 +0

36 +0

9 +0