PowerGRR by swisscom

PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.

updated at Aug. 26, 2023, 6:23 p.m.

21 +0

56 +0

7 +0

mutablesecurity by MutableSecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

updated at Aug. 23, 2024, 2:58 p.m.

1 +0

43 +0

7 +0

evolve by JamesHabben

Web interface for the Volatility Memory Forensics Framework

updated at Aug. 24, 2024, 4:08 p.m.

38 +0

259 +0

42 +0

pyarascanner by nogoodconfig

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

updated at Aug. 24, 2024, 4:20 p.m.

3 +0

26 +0

4 +0

Invoke-LiveResponse by mgreen27

Invoke-LiveResponse

updated at Aug. 24, 2024, 4:40 p.m.

13 +0

145 +0

29 +0

Panorama by AlmCo

Fast incident overview

updated at Aug. 24, 2024, 4:57 p.m.

3 +0

39 +0

7 +0

AutoTTP by jymcheong

Automated Tactics Techniques & Procedures

updated at Sept. 9, 2024, 2:37 a.m.

24 +0

251 +0

64 +0

PowerSponse by swisscom

PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.

updated at Sept. 10, 2024, 5:40 a.m.

16 +0

38 +0

6 +0

VolatilityBot by mkorman90

VolatilityBot – An automated memory analyzer for malware samples and memory dumps

updated at Sept. 15, 2024, 8:26 p.m.

27 +0

263 +0

59 +0

IRTriage by AJMartel

Incident Response Triage - Windows Evidence Collection for Forensic Analysis

updated at Sept. 24, 2024, 5:50 p.m.

17 +0

130 +0

23 +0

AChoir by OMENScan

Windows Live Artifacts Acquisition Script

updated at Sept. 30, 2024, 2:54 a.m.

13 +0

183 +0

29 +0

CIRTKit by opensourcesec

Tools for the Computer Incident Response Team

updated at Oct. 3, 2024, 5:12 a.m.

20 +0

142 +0

25 +0

hostintel by keithjjones

A modular Python application to collect intelligence for malicious hosts.

updated at Oct. 3, 2024, 5:12 a.m.

30 +0

262 +0

51 +0

fileintel by keithjjones

A modular Python application to pull intelligence about malicious files

updated at Oct. 3, 2024, 5:12 a.m.

17 +0

118 +0

25 +0

cuckoo-modified-api by keithjjones

A Python library to interface with a cuckoo-modified instance

updated at Oct. 3, 2024, 5:12 a.m.

6 +0

21 +0

7 +0

visualize_logs by keithjjones

A Python library and command line tools to provide interactive log visualization.

updated at Oct. 3, 2024, 5:12 a.m.

15 +0

137 +0

30 +0

lorg by jensvoid

Apache Logfile Security Analyzer

updated at Oct. 6, 2024, 11:03 p.m.

42 +0

209 +0

50 +0

morgue by etsy

post mortem tracker

updated at Oct. 7, 2024, 11:23 p.m.

74 +0

1,017 +0

133 +0

traceroute-circl by CIRCL

Traceroute improved wrapper for CSIRT and CERT operators

updated at Oct. 9, 2024, 6:38 a.m.

16 +0

37 +0

9 +0

dfirtrack by dfirtrack

DFIRTrack - The Incident Response Tracking Application

updated at Oct. 17, 2024, 7:23 a.m.

25 +0

482 +0

75 +0