mirror of
https://github.com/meirwah/awesome-incident-response.git
synced 2024-10-01 01:06:19 -04:00
Alphabetized and capitalized.
This commit is contained in:
parent
662dbd9904
commit
07b81326dd
@ -124,7 +124,9 @@ A curated list of tools and resources for security incident response, aimed to h
|
|||||||
|
|
||||||
* [Crits](https://crits.github.io/) - a web-based tool which combines an analytic engine with a cyber threat database
|
* [Crits](https://crits.github.io/) - a web-based tool which combines an analytic engine with a cyber threat database
|
||||||
* [Fenrir](https://github.com/Neo23x0/Fenrir) - Fenrir is a simple IOC scanner. It allows scanning any Linux/Unix/OSX system for IOCs in plain bash. Created by the creators of THOR and LOKI
|
* [Fenrir](https://github.com/Neo23x0/Fenrir) - Fenrir is a simple IOC scanner. It allows scanning any Linux/Unix/OSX system for IOCs in plain bash. Created by the creators of THOR and LOKI
|
||||||
|
* [Fileintel](https://github.com/keithjjones/fileintel) - Pull intelligence per file hash
|
||||||
* [Hindsight](https://github.com/obsidianforensics/hindsight) - Internet history forensics for Google Chrome/Chromium
|
* [Hindsight](https://github.com/obsidianforensics/hindsight) - Internet history forensics for Google Chrome/Chromium
|
||||||
|
* [Hostintel](https://github.com/keithjjones/hostintel) - Pull intelligence per host
|
||||||
* [Kansa](https://github.com/davehull/Kansa/) - Kansa is a modular incident response framework in Powershell
|
* [Kansa](https://github.com/davehull/Kansa/) - Kansa is a modular incident response framework in Powershell
|
||||||
* [rastrea2r](https://github.com/aboutsecurity/rastrea2r) - allows one to scan disks and memory for IOCs using YARA on Windows, Linux and OS X
|
* [rastrea2r](https://github.com/aboutsecurity/rastrea2r) - allows one to scan disks and memory for IOCs using YARA on Windows, Linux and OS X
|
||||||
* [RaQet](https://raqet.github.io/) - RaQet is an unconventional remote acquisition and triaging tool that allows triage a disk of a remote computer (client) that is restarted with a purposely built forensic operating system
|
* [RaQet](https://raqet.github.io/) - RaQet is an unconventional remote acquisition and triaging tool that allows triage a disk of a remote computer (client) that is restarted with a purposely built forensic operating system
|
||||||
@ -133,8 +135,6 @@ A curated list of tools and resources for security incident response, aimed to h
|
|||||||
* [Stenographer](https://github.com/google/stenographer) - Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. It stores as much history as it possible, managing disk usage, and deleting when disk limits are hit. It's ideal for capturing the traffic just before and during an incident, without the need explicit need to store all of the network traffic
|
* [Stenographer](https://github.com/google/stenographer) - Stenographer is a packet capture solution which aims to quickly spool all packets to disk, then provide simple, fast access to subsets of those packets. It stores as much history as it possible, managing disk usage, and deleting when disk limits are hit. It's ideal for capturing the traffic just before and during an incident, without the need explicit need to store all of the network traffic
|
||||||
* [traceroute-circl](https://github.com/CIRCL/traceroute-circl) - traceroute-circl is an extended traceroute to support the activities of CSIRT (or CERT) operators. Usually CSIRT team have to handle incidents based on IP addresses received. Created by Computer Emergency Responce Center Luxembourg
|
* [traceroute-circl](https://github.com/CIRCL/traceroute-circl) - traceroute-circl is an extended traceroute to support the activities of CSIRT (or CERT) operators. Usually CSIRT team have to handle incidents based on IP addresses received. Created by Computer Emergency Responce Center Luxembourg
|
||||||
* [X-Ray 2.0](https://www.raymond.cc/blog/xray/) - A Windows utility (poorly maintained or no longer maintained) to submit virus samples to AV vendors
|
* [X-Ray 2.0](https://www.raymond.cc/blog/xray/) - A Windows utility (poorly maintained or no longer maintained) to submit virus samples to AV vendors
|
||||||
* [hostintel](https://github.com/keithjjones/hostintel) - Pull intelligence per host
|
|
||||||
* [fileintel](https://github.com/keithjjones/fileintel) - Pull intelligence per file hash
|
|
||||||
|
|
||||||
|
|
||||||
### Playbooks
|
### Playbooks
|
||||||
|
Loading…
Reference in New Issue
Block a user