Karol Trociński
522e37f639
Add MalConfScan volatility plugin.
2019-10-26 10:00:23 +00:00
actualmermaid
e147176811
Update README.md
2019-10-17 11:38:36 -07:00
Herman Slatman
7cad62c65f
Add DFIR ORC
2019-09-24 10:51:24 +02:00
Bryan Bowie
18bc422371
Update README.md
...
Added in several new tools as well as removed Malwr as it is no longer available at this time.
2019-09-02 12:40:45 -04:00
Tony Phipps
174faaae58
Update README.md
2019-08-28 07:12:35 -04:00
Tony Phipps
7db1d4b1c0
Update README.md
2019-08-27 23:29:19 -04:00
Alexey Dolgikh
3945bce515
Update README.md
2019-06-03 09:53:54 +03:00
Alexey Dolgikh
e6817c1d19
Update README.md
...
Adds Kaspersky CyberTrace and Kaspersky Threat Intelligence Portal
2019-05-28 12:15:36 +03:00
Herman Slatman
1a4ab6dcf0
Fix errors after merge
2018-11-27 17:51:52 +01:00
Herman Slatman
045c36b3e9
Merge branch 'master' into hs_sysmon_search
2018-11-27 17:33:34 +01:00
Meitar M
c7366df265
Consistently use sentence casing, fix a typo, shorten verbose items.
...
This commit continues the work to conform to the Awesome List style
guidelines. In this commit, item descriptions have been checked to
ensure they use sentence casing (first letter of the description must be
capitalized), a typo ("forenisic" -> "forensic") was fixed, and several
overly long descriptions that read too much like marketing material were
shortened to a single sentence for simplicity.
2018-10-03 16:21:23 -04:00
Meitar M
6e4f1accca
Continued style guide conformance fixes.
...
This commit continues edits to make the list Awesome List conformant.
Specifically, this commit focuses on:
* Removing prepositions ("A," "An," "The," etc) from the start of items.
* Removing duplicated line item names from their descriptions.
* Expanding acronyms of line item names in the link itself.
Again, this is just one step in the process of making the list more
conformant to the Awesome List style guide and should not be considered
an exhaustive treatment.
2018-10-03 15:47:22 -04:00
Meitar M
c7dc47c239
Begin style conformance with new Awesome List guides.
...
The Awesome List style guide wants listed awesome lists to conform to a
particular style. Their style guide includes numerous items, some of
which are addressed by this commit. The items addressed herein include:
* Name of list as the top-level heading.
* Awesome badge placed to the right of the title, not underneath.
* Description of the list contents.
* All line items should end in appropriate punctuation (like a period).
This is a first pass and should not be considered an exhaustive
accounting of the style guide's recommendations.
2018-10-03 15:44:51 -04:00
Herman Slatman
a3d57c4271
Merge branch 'master' into hs_sysmon_search
2018-10-01 21:12:35 +02:00
Herman Slatman
cb5016d109
Add StreamAlert
2018-10-01 20:14:38 +02:00
Herman Slatman
2b404faf3d
Add SysmonSearch
2018-10-01 20:10:43 +02:00
CIRT Josh
e84f24cc69
Update README.md
2018-08-30 17:31:50 +01:00
CIRT Josh
1fcabb74c4
Merge pull request #1 from meirwah/master
...
Update
2018-08-30 17:28:40 +01:00
Meitar M
87ae91b21e
Add Scout2, an AWS assessment and (semi-)automated account hardening tool.
2018-08-22 14:00:32 -04:00
Meitar M
8433df3be6
Add Margarita Shotgun, a Python-based remote memory acquisition tool.
2018-08-22 14:00:12 -04:00
Herman Slatman
81805dfaeb
Add Diffy
2018-07-17 22:47:56 +02:00
Binalyze
4626070758
Update README.md
...
Added the word free.
2018-06-17 22:23:30 +03:00
Binalyze
866884f933
Update README.md
...
Added IREC into Windows Evidence Collection list.
2018-06-17 22:22:30 +03:00
Meir Wahnon
097454d7b8
Merge pull request #107 from hslatman/hs_adversary_emulation
...
Add Adversary Emulation section
2018-05-12 09:51:21 -07:00
nogoodconfig
6c38544120
Added PyaraScanner
2018-05-03 15:30:52 +01:00
nogoodconfig
c3320ee0d3
Added PyaraScanner
2018-05-03 15:30:01 +01:00
megan201296
52282a826c
Update README.md
...
Removed `s` in `https://augmentd.co/ `. augmentd only uses `http`
2018-04-24 17:01:30 -05:00
Logically Secure Ltd
d1b3ae2a58
Update README.md
...
Added CyberCPR as Incident Management tool
2018-04-12 17:53:15 +04:00
dogoncouch
b0ef858927
Add logdissect log analysis tool (CLI/Python API)
2018-03-27 14:18:54 -04:00
Herman Slatman
534f7837f4
Add several Adversary Emulation tools
2018-03-24 12:14:31 +01:00
Herman Slatman
e93c03bfb2
Add Caldera
2018-03-24 12:02:13 +01:00
Herman Slatman
99443b07ea
Merge branch 'master' of https://github.com/meirwah/awesome-incident-response into hs_adversary_emulation
2018-03-24 11:59:56 +01:00
Herman Slatman
682ae1a62a
Add Adversary Emulation section
2018-03-24 11:55:46 +01:00
Meir Wahnon
f6ba87baf7
Merge pull request #103 from deralexxx/patch-1
...
API list
2018-02-20 22:53:50 -08:00
Alexander J
700ed12699
Update README.md
2018-02-20 22:24:07 +01:00
Alexander J
cbe381c8f5
Update README.md
...
updated
2018-02-20 21:13:47 +01:00
chadmando
d88c1b898f
Fix Books section DFIR Intro link
...
Scott Roberts' DFIR Intro link is broken, pointed to his Medium post on the same topic
2018-02-19 09:56:16 -06:00
Meir Wahnon
17d24c69de
adding helk
...
adding helk
2018-01-17 17:56:55 +02:00
Alexander J
8be7413c8c
Update README.md
2018-01-16 13:11:00 +01:00
Alexander J
69977b1bf4
Update README.md
2018-01-14 17:38:06 +01:00
Alexander J
ba892960f3
API list
...
Hope that is good enough for the awesome list.
2018-01-14 17:36:48 +01:00
Yogesh Khatri (@swiftforensics)
e5637704ba
Added mac_apt under OSX category
2018-01-07 00:11:05 -05:00
Theta Gamma
2bed4f7cb2
Update README.md
2017-11-15 11:40:55 +01:00
Theta Gamma
4d615bbeaf
Update README.md
...
FIDO is deprecated at Netflix and this repository is no longer maintained. -> removed
added CCF-VM to linux-distributions
2017-11-15 11:36:12 +01:00
sabandosoleda
8fedf97fa6
fixed alphabetical order
2017-11-04 18:35:36 +01:00
sabandosoleda
5ed90e2758
Add Bitscout
...
Please add Bitscout as a trustable remote forensics and acquisition livecd builder tool! Thank you
2017-11-04 16:52:43 +01:00
Brie Carranza
2a5218dade
Add morgue by etsy
2017-10-24 17:02:40 -04:00
Herman Slatman
56e4f3bcc5
Add DumpsterFire
...
And move sqhunter to turn the list into alphabetical order again
2017-10-20 14:27:00 +02:00
Herman Slatman
a4d0fc1216
Add Kolide Fleet
...
Removed the old, outdated Kolide entry
2017-10-19 08:16:07 +02:00
Tomas Hertus
a2fa9c460c
Add Metadefender Cloud
2017-06-28 10:11:41 -07:00
Adel Ka
8972536973
sqhunter tool added
2017-06-28 15:07:55 +10:00
Herman Slatman
418e88965a
Add imagemounter
2017-05-28 13:35:11 +02:00
Herman Slatman
0472cd5c94
Add Cyphon
2017-05-20 22:22:43 +02:00
Meir Wahnon
cf07ef546a
adding Panorama
...
adding Panorama
2017-05-20 10:27:24 -07:00
Meir Wahnon
c879934de2
add VolDiff
...
add VolDiff to memory
2017-05-12 16:37:01 +03:00
Meir Wahnon
1cb26921a4
Adding IRM
...
Adding IRM
2017-04-04 11:51:51 +03:00
Meir Wahnon
f1959c15d6
Add Contents header
...
Add Contents header
2017-04-01 11:12:13 +03:00
Diogo Fernandes
de396576b3
Added domfind
2017-03-29 18:36:13 +02:00
Herman Slatman
441c4f717f
Add augmentd
2017-03-25 18:33:33 +01:00
Meir Wahnon
31f72656fe
Add Demisto to incident mgmt section
...
Add Demisto free edition to incident mgmt section
2017-03-18 14:00:33 +02:00
Diogo Fernandes
e41ab7de89
Added ir-rescue
2017-02-11 23:30:48 +01:00
Saad Kadhi
b8906e9fab
add Cortex from TheHive Project
2017-02-04 18:16:58 +01:00
Meir Wahnon
6be9b47df4
Merge pull request #80 from K2/master
...
Added inVtero.net
2017-01-27 17:54:40 +02:00
Herman Slatman
5ffcbf346f
Add PagerDuty Incident Response Documentation
2017-01-21 09:42:28 +01:00
ktwo/ShaneK2
f79dc0c08d
Added inVtero.net
...
Link to my new memory analysis platform ;)
2017-01-20 18:57:32 -08:00
chumstick
c71116c3c5
Fixed Formatting to Conform to Guidelines
2016-11-16 13:57:21 -05:00
chumstick
4f7352617b
Added "Fidelis ThreatScanner" to Windows tools
2016-11-16 13:54:42 -05:00
Keith J. Jones
68a26a79e0
Merge branch 'master' of https://github.com/meirwah/awesome-incident-response into visualize_logs
2016-11-12 11:44:22 -05:00
Keith J. Jones
cda1ca8605
Added cuckoo log to project description.
2016-11-12 11:44:17 -05:00
Herman Slatman
c22a83df11
Add LMG
2016-11-10 01:29:48 +01:00
Herman Slatman
ccb093b0b1
Add VolatilityBot
2016-11-10 01:24:56 +01:00
Herman Slatman
bc1c24d754
Add TheHive
2016-11-10 01:20:25 +01:00
Meir Wahnon
7af1241d54
Merge pull request #76 from keithjjones/visualize_logs
...
Added Visualize_Logs
2016-11-06 20:33:43 +00:00
Meir Wahnon
500ac758dd
Merge pull request #75 from bcarrier/master
...
Added Cyber Triage.
2016-10-24 10:24:53 +03:00
Keith J. Jones
7743a82fa6
Added Visualize_Logs.
2016-10-23 14:46:05 -04:00
Keith J. Jones
518772feb6
Added cuckoo-modified-api
2016-10-04 16:10:39 -04:00
Brian Carrier
3e462aac5e
Added Cyber Triage.
2016-09-27 23:27:29 -04:00
Keith J. Jones
07b81326dd
Alphabetized and capitalized.
2016-08-31 10:44:50 -04:00
Keith J. Jones
662dbd9904
Added two keithjjones tools.
2016-08-31 10:37:53 -04:00
Meir Wahnon
e42e2ecec3
Adding Zentral
...
Adding Zentral to All in one Tools
2016-07-18 19:50:48 +03:00
Herman Slatman
a5ebd3e291
Remove period
2016-07-12 14:42:11 +02:00
Herman Slatman
f249e0dbf4
PALADIN added
2016-07-12 14:36:10 +02:00
Herman Slatman
9e767898bd
Added Magnet RAM Capture
2016-07-12 14:30:38 +02:00
Herman Slatman
8567ec5e97
Added ACQUIRE
2016-07-12 14:27:08 +02:00
Herman Slatman
3a4fff6617
Added Falcon Orchestrator
2016-07-12 14:20:50 +02:00
Herman Slatman
abb133510d
Added RaQet
2016-07-12 13:08:53 +02:00
Herman Slatman
b589680044
Added CimSweep
2016-07-12 13:01:53 +02:00
Herman Slatman
39374aa51a
Added nightHawk
2016-07-12 12:58:40 +02:00
MikeDawg
a39de0c7ba
Added NST, and fixed a couple EOLs
2016-07-08 09:15:06 -06:00
MikeDawg
4d3ed91f0b
Alphabetical order FTW
2016-06-30 11:50:07 -06:00
MikeDawg
d302552f03
Added X-Ray 2.0
2016-06-30 11:01:55 -06:00
Meir Wahnon
327602e8a6
remove DNS miner
...
fixes #67
2016-06-16 17:00:27 +03:00
Nedim Šabić
402349cc95
Add Fibratus
2016-06-07 16:18:06 +02:00
Herman Slatman
2f13ee5a59
Added Doorman
2016-06-01 21:51:21 +02:00
Meir Wahnon
37c0ba12e6
Adding LiME
...
fixes #63
2016-05-26 10:20:47 +03:00
Herman Slatman
a34ee4f49a
SearchGiant added
2016-05-20 11:16:12 +02:00
Herman Slatman
5c05e15330
Kolide added
2016-05-09 09:50:23 +02:00
Meir Wahnon
3bb912af8b
update playbooks link
...
to https://www.incidentresponse.com/playbooks/
fixes #59
2016-04-22 08:58:32 +03:00
Herman Slatman
620e5ab909
Rastrea2r added
2016-04-19 14:44:44 +02:00
Herman Slatman
0f6415af9b
Add link. Stupid me.
2016-03-22 17:11:05 +01:00
Herman Slatman
694ea2faa4
ADIA added
2016-03-22 09:21:10 +01:00
Meir Wahnon
3d68cca1c3
Merge pull request #56 from mthlvt/master
...
Lorg tool added
2016-03-21 08:35:42 +02:00
Mat
3c69b3a9a9
Lorg tool added
...
added a new tool called Lorg: a tool for advanced HTTPD logfile security analysis and forensics
2016-03-21 11:36:18 +09:00
Meir Wahnon
1eb9cf6e28
Merge pull request #54 from meirwah/CDQR
...
adding Cold Disk Quick Response tool
2016-02-29 09:22:52 +02:00
Herman Slatman
f17a3be290
small addition to LimaCharlie entry
2016-02-26 23:20:45 +01:00
Herman Slatman
86bb4b11e9
CIRTkit added
2016-02-26 23:18:06 +01:00
Meir Wahnon
86e28d1612
adding Cold Disk Quick Response tool
2016-02-24 22:25:14 +02:00
Meir Wahnon
b5eeec36b1
reverting...
2016-02-24 19:50:41 +02:00
Meir Wahnon
a89acf7aa6
website for PMDump seems to have issues
...
switching to http://www.securityfocus.com/tools/2466
2016-02-24 19:49:54 +02:00
Meir Wahnon
2a3a0e3c98
add binaryforay tools
2016-02-23 22:53:34 +02:00
Interleaved
a8c4173d4a
Fix typo in IR workflow gallery item
2016-02-21 10:25:07 +01:00
Interleaved
594f5d9a4c
Add new playbooks item for IR workflow gallery
2016-02-21 10:18:49 +01:00
Meir Wahnon
600f5debf4
add playbooks section
2016-02-17 18:54:39 +02:00
ahhh
d808307223
Update README.md
...
fix minor spelling error
2016-02-16 16:44:18 -08:00
Meir Wahnon
e0ab1523e4
small change
2016-02-15 15:41:35 +02:00
Meir Wahnon
a45659f71b
remove unneeded comma
2016-02-15 15:40:04 +02:00
Meir Wahnon
ee7b5d8759
Adding KnockKnock
...
to OSX section
2016-02-15 15:38:47 +02:00
Meir Wahnon
cffffd65be
Adding PowerForensics
...
to Windows Evidence Collection
2016-02-04 09:48:18 +02:00
Herman Slatman
1b43cabd08
Another (local) conflict resolved
2016-01-27 13:51:18 +01:00
Herman Slatman
c8bdf8bab9
Merge conflict resolved
2016-01-27 13:49:51 +01:00
Herman Slatman
c3655a5516
Removed some dots
2016-01-27 13:19:02 +01:00
Herman Slatman
ee0db994b1
Removed some dots
2016-01-27 13:16:37 +01:00
Herman Slatman
dd9b8ff64d
small typos
2016-01-27 12:28:07 +01:00
Herman Slatman
feaf021164
Adding Linux evidence collection entry
2016-01-27 12:25:53 +01:00
Herman Slatman
7977ac9c78
FastIR for Linux added
2016-01-27 12:25:02 +01:00
Meir Wahnon
7d009f4273
Adding Crits
...
To other section
2016-01-26 09:47:44 +02:00
ReadmeCritic
0e0c029d4e
Update README URLs based on HTTP redirects
2016-01-20 12:29:56 -08:00
Meir Wahnon
5b6fd16115
fix DFIR intro
2016-01-13 20:55:34 +02:00
Meir Wahnon
f0d7b27673
Remove dots at end of line + add intro section
2016-01-13 20:52:49 +02:00
Meir Wahnon
075d2a5796
fix empty raw
2016-01-09 14:21:54 +02:00
Meir Wahnon
fe443b7452
Add Evidence collectors section
...
for multi platform
2016-01-09 14:16:04 +02:00
Meir Wahnon
b60bd66747
Merge pull request #40 from hslatman/hs_20160108
...
Fenrir + bulk_extractor
2016-01-09 14:11:22 +02:00
Herman Slatman
a6e31beea3
Stenographer buffered PCAP capture solution added
2016-01-09 11:22:43 +01:00
Herman Slatman
fb442c4a5a
bulk_extractor added
2016-01-08 18:58:38 +01:00
Herman Slatman
7198f75f19
Fenrir IOC scanner added
2016-01-08 18:46:00 +01:00
Meir Wahnon
ada4d000f6
Adding Belkasoft Evidence Center
2016-01-07 23:39:50 +02:00
Meir Wahnon
afbf73468a
Adding Limacharlie
2016-01-04 09:26:40 +02:00
Herman Slatman
b94e155720
2nd link removed + 'typo'
2015-12-23 10:46:17 +01:00
Herman Slatman
b5c7ececb8
Merging DEFT and DEFT Zero
2015-12-23 10:32:56 +01:00
Herman Slatman
1a8cd130ee
DEFT Zero (light DEFT) added
2015-12-21 13:38:55 +01:00
Herman Slatman
91111f0a8e
DEFT Linux Distro added
2015-12-21 13:33:41 +01:00
Herman Slatman
50f5574a56
CAINE Live added
2015-12-21 13:30:04 +01:00
Herman Slatman
2b7f5a0bc5
SIFT Workstation added
2015-12-18 13:19:04 +01:00
Meir Wahnon
877119aa70
Merge pull request #36 from hslatman/hs_category_linux_distro
...
Move Security Onion to Linux Distributions Category + slight descript…
2015-12-17 13:43:02 +02:00
Herman Slatman
39cbfa075d
Move Security Onion to Linux Distributions Category + slight description change
2015-12-14 21:44:57 +01:00
MikeDawg
a96753db32
Update Readme.md - Added Triage-IR
...
Added Triage-IR
2015-12-14 11:40:10 -07:00
Herman Slatman
2c8cb30576
threat_note name changed to real name + slightly more descriptive description
2015-12-14 10:12:48 +01:00
Herman Slatman
b1079e3be9
Envdb added
2015-12-14 10:09:57 +01:00
Herman Slatman
70e14eef1c
BriMor Labs Live Response Collection added
2015-12-14 10:07:03 +01:00
Meir Wahnon
dcdbedb963
Remove DumpIT - seems the project is not maintained anymore
2015-12-13 15:04:20 +02:00