mirror of
https://github.com/meirwah/awesome-incident-response.git
synced 2024-10-01 01:06:19 -04:00
Change of category title + link
This commit is contained in:
parent
f9f0316d19
commit
14054aba6c
@ -10,7 +10,7 @@ A curated list of tools and resources for security incident response, aimed to h
|
|||||||
- [Timeline tools](#timeline-tools)
|
- [Timeline tools](#timeline-tools)
|
||||||
- [All in one tools](#all-in-one-tools)
|
- [All in one tools](#all-in-one-tools)
|
||||||
- [Incident Management](#incident-management)
|
- [Incident Management](#incident-management)
|
||||||
- [Data Collection](#data-collection)
|
- [Windows Evidence Collection](#windows-evidence-collection)
|
||||||
- [Other tools](#other-tools)
|
- [Other tools](#other-tools)
|
||||||
- [Videos](#videos)
|
- [Videos](#videos)
|
||||||
|
|
||||||
@ -58,7 +58,7 @@ A curated list of tools and resources for security incident response, aimed to h
|
|||||||
* [SCOT](http://getscot.sandia.gov/) - Sandia Cyber Omni Tracker (SCOT) is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user.
|
* [SCOT](http://getscot.sandia.gov/) - Sandia Cyber Omni Tracker (SCOT) is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user.
|
||||||
* [RTIR](https://www.bestpractical.com/rtir/) - Request Tracker for Incident Response (RTIR) is the premier open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports. RTIR builds on all the features of Request Tracker.
|
* [RTIR](https://www.bestpractical.com/rtir/) - Request Tracker for Incident Response (RTIR) is the premier open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports. RTIR builds on all the features of Request Tracker.
|
||||||
|
|
||||||
### Data Collection
|
### Windows Evidence Collection
|
||||||
* [FECT](https://github.com/jipegit/FECT) - Fast Evidence Collector Toolkit (FECT) is a light incident response toolkit to collect evidences on a suspicious Windows computer. Basically it is intended to be used by non-tech savvy people working with a journeyman Incident Handler.
|
* [FECT](https://github.com/jipegit/FECT) - Fast Evidence Collector Toolkit (FECT) is a light incident response toolkit to collect evidences on a suspicious Windows computer. Basically it is intended to be used by non-tech savvy people working with a journeyman Incident Handler.
|
||||||
* [PSRecon](https://github.com/gfoss/PSRecon/) - PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
|
* [PSRecon](https://github.com/gfoss/PSRecon/) - PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and sends the data off to the security team. The data can be pushed to a share, sent over email, or retained locally.
|
||||||
* [FastIR Collector](https://github.com/SekoiaLab/Fastir_Collector) - FastIR Collector is a tool that collects different artefacts on live Windows systems and records the results in csv files. With the analyses of these artefacts, an early compromise can be detected.
|
* [FastIR Collector](https://github.com/SekoiaLab/Fastir_Collector) - FastIR Collector is a tool that collects different artefacts on live Windows systems and records the results in csv files. With the analyses of these artefacts, an early compromise can be detected.
|
||||||
|
Loading…
Reference in New Issue
Block a user