From 3a838c67ee1287f07f8c4882e9fc5cc9faf87ad6 Mon Sep 17 00:00:00 2001 From: Andreas Hunkeler Date: Mon, 6 Apr 2020 11:33:34 +0200 Subject: [PATCH] Add PowerSponse as containment tool --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 03b386c..3b397df 100644 --- a/README.md +++ b/README.md @@ -175,6 +175,7 @@ Digital Forensics and Incident Response (DFIR) teams are groups of people in an * [Hostintel](https://github.com/keithjjones/hostintel) - Pull intelligence per host. * [imagemounter](https://github.com/ralphje/imagemounter) - Command line utility and Python package to ease the (un)mounting of forensic disk images. * [Kansa](https://github.com/davehull/Kansa/) - Modular incident response framework in Powershell. +* [PowerSponse](https://github.com/swisscom/PowerSponse) - PowerSponse is a PowerShell module focused on targeted containment and remediation during security incident response. * [PyaraScanner](https://github.com/nogoodconfig/pyarascanner) - Very simple multithreaded many-rules to many-files YARA scanning Python script for malware zoos and IR. * [rastrea2r](https://github.com/aboutsecurity/rastrea2r) - Allows one to scan disks and memory for IOCs using YARA on Windows, Linux and OS X. * [RaQet](https://raqet.github.io/) - Unconventional remote acquisition and triaging tool that allows triage a disk of a remote computer (client) that is restarted with a purposely built forensic operating system.
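Review bot: The added PowerSponse line opens its description by repeating the tool name ("PowerSponse is a PowerShell module focused on ..."), while the neighbouring entries in this hunk start directly with the description ("Pull intelligence per host.", "Modular incident response framework in Powershell."). Suggest trimming it to "PowerShell module focused on targeted containment and remediation during security incident response." so the entry matches the list's style. The placement between Kansa and PyaraScanner is consistent with the ordering visible in the context lines, so nothing needs to change there.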