"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
created at Oct. 5, 2017, 11:44 p.m.
Digital Forensics artifact repository
created at Oct. 31, 2014, 7:13 p.m.
PagerDuty's Incident Response Documentation.
created at Nov. 28, 2016, 5:58 p.m.
This is the development tree. Production downloads are at:
created at April 3, 2012, 4:36 a.m.
Web browser forensics for Google Chrome/Chromium
created at May 22, 2014, 3:25 a.m.
An information security preparedness tool to do adversarial simulation.
created at Nov. 1, 2017, 9:24 p.m.
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
created at Dec. 26, 2020, 9:52 p.m.
Virtual Machine for Adversary Emulation and Threat Hunting
created at March 14, 2018, 7:31 p.m.
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
created at July 3, 2022, 1:41 p.m.
PowerForensics provides an all in one platform for live disk forensic analysis
created at March 7, 2015, 5:12 p.m.
Binary analysis and management framework
created at Nov. 9, 2013, 6:24 p.m.
LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquiring memory either to the file system of the device or over the network. LiME is unique in that it is the first tool that allows full memory captures from Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition.
created at Sept. 23, 2014, 4:23 p.m.
Malware Configuration And Payload Extraction
created at Oct. 15, 2019, 6:16 p.m.
Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. Discussion/announcements at stenographer@googlegroups.com
created at Oct. 13, 2014, 9:26 p.m.