Awesome-Mirrors/awesome-incident-response
1
0
Fork 0
mirror of https://github.com/meirwah/awesome-incident-response.git synced 2024-06-28 15:22:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #74 from keithjjones/master

Browse Source 
Added two keithjjones tools.
This commit is contained in:
Meir Wahnon 2016-10-19 12:31:40 +03:00 committed by GitHub
commit aef5ea6342
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -124,7 +124,9 @@ A curated list of tools and resources for security incident response, aimed to h
* [Crits](https://crits.github.io/) - a web-based tool which combines an analytic engine with a cyber threat database
* [Fenrir](https://github.com/Neo23x0/Fenrir) - Fenrir is a simple IOC scanner. It allows scanning any Linux/Unix/OSX system for IOCs in plain bash. Created by the creators of THOR and LOKI
* [Fileintel](https://github.com/keithjjones/fileintel) - Pull intelligence per file hash
* [Hindsight](https://github.com/obsidianforensics/hindsight) - Internet history forensics for Google Chrome/Chromium
* [Hostintel](https://github.com/keithjjones/hostintel) - Pull intelligence per host
* [Kansa](https://github.com/davehull/Kansa/) - Kansa is a modular incident response framework in Powershell
* [rastrea2r](https://github.com/aboutsecurity/rastrea2r) - allows one to scan disks and memory for IOCs using YARA on Windows, Linux and OS X
* [RaQet](https://raqet.github.io/) - RaQet is an unconventional remote acquisition and triaging tool that allows triage a disk of a remote computer (client) that is restarted with a purposely built forensic operating system
@ -134,6 +136,7 @@ A curated list of tools and resources for security incident response, aimed to h
* [traceroute-circl](https://github.com/CIRCL/traceroute-circl) - traceroute-circl is an extended traceroute to support the activities of CSIRT (or CERT) operators. Usually CSIRT team have to handle incidents based on IP addresses received. Created by Computer Emergency Responce Center Luxembourg
* [X-Ray 2.0](https://www.raymond.cc/blog/xray/) - A Windows utility (poorly maintained or no longer maintained) to submit virus samples to AV vendors
### Playbooks
* [Demisto Playbooks Collection](https://www.demisto.com/category/playbooks/) - Playbooks collection
@ -148,6 +151,7 @@ A curated list of tools and resources for security incident response, aimed to h
* [Cuckoo](https://github.com/cuckoobox) - Open Source Highly configurable sandboxing tool
* [Cuckoo-modified](https://github.com/spender-sandbox/cuckoo-modified) - Heavily modified Cuckoo fork developed by community
* [Cuckoo-modified-api](https://github.com/keithjjones/cuckoo-modified-api) - A Python library to control a cuckoo-modified sandbox
* [Hybrid-Analysis](https://www.hybrid-analysis.com/) - Hybrid-Analysis is a free powerful online sandbox by Payload Security
* [Malwr](https://malwr.com) - Malwr is a free online malware analysis service and community, which is powered by the Cuckoo Sandbox
* [Mastiff](https://github.com/KoreLogicSecurity/mastiff) - MASTIFF is a static analysis framework that automates the process of extracting key characteristics from a number of different file formats