Commit Graph

301 Commits

Author SHA1 Message Date
Herman Slatman
2b404faf3d
Add SysmonSearch 2018-10-01 20:10:43 +02:00
CIRT Josh
e84f24cc69
Update README.md 2018-08-30 17:31:50 +01:00
CIRT Josh
1fcabb74c4
Merge pull request #1 from meirwah/master
Update
2018-08-30 17:28:40 +01:00
Meitar M
87ae91b21e
Add Scout2, an AWS assessment and (semi-)automated account hardening tool. 2018-08-22 14:00:32 -04:00
Meitar M
8433df3be6
Add Margarita Shotgun, a Python-based remote memory acquisition tool. 2018-08-22 14:00:12 -04:00
Herman Slatman
81805dfaeb
Add Diffy 2018-07-17 22:47:56 +02:00
Binalyze
4626070758
Update README.md
Added the word free.
2018-06-17 22:23:30 +03:00
Binalyze
866884f933
Update README.md
Added IREC into Windows Evidence Collection list.
2018-06-17 22:22:30 +03:00
Meir Wahnon
097454d7b8
Merge pull request #107 from hslatman/hs_adversary_emulation
Add Adversary Emulation section
2018-05-12 09:51:21 -07:00
nogoodconfig
6c38544120 Added PyaraScanner 2018-05-03 15:30:52 +01:00
nogoodconfig
c3320ee0d3 Added PyaraScanner 2018-05-03 15:30:01 +01:00
megan201296
52282a826c
Update README.md
Removed `s` in `https://augmentd.co/`. augmentd only uses `http`
2018-04-24 17:01:30 -05:00
Logically Secure Ltd
d1b3ae2a58
Update README.md
Added CyberCPR as Incident Management tool
2018-04-12 17:53:15 +04:00
dogoncouch
b0ef858927 Add logdissect log analysis tool (CLI/Python API) 2018-03-27 14:18:54 -04:00
Herman Slatman
534f7837f4
Add several Adversary Emulation tools 2018-03-24 12:14:31 +01:00
Herman Slatman
e93c03bfb2
Add Caldera 2018-03-24 12:02:13 +01:00
Herman Slatman
99443b07ea
Merge branch 'master' of https://github.com/meirwah/awesome-incident-response into hs_adversary_emulation 2018-03-24 11:59:56 +01:00
Herman Slatman
682ae1a62a
Add Adversary Emulation section 2018-03-24 11:55:46 +01:00
Meir Wahnon
f6ba87baf7
Merge pull request #103 from deralexxx/patch-1
API list
2018-02-20 22:53:50 -08:00
Alexander J
700ed12699
Update README.md 2018-02-20 22:24:07 +01:00
Alexander J
cbe381c8f5
Update README.md
updated
2018-02-20 21:13:47 +01:00
chadmando
d88c1b898f
Fix Books section DFIR Intro link
Scott Roberts DFIR Intro link is broken, pointed to his Medium post on the same topic
2018-02-19 09:56:16 -06:00
Meir Wahnon
17d24c69de
adding helk
adding helk
2018-01-17 17:56:55 +02:00
Alexander J
8be7413c8c
Update README.md 2018-01-16 13:11:00 +01:00
Alexander J
69977b1bf4
Update README.md 2018-01-14 17:38:06 +01:00
Alexander J
ba892960f3
API list
Hope that is good enough for the awesome list.
2018-01-14 17:36:48 +01:00
Yogesh Khatri (@swiftforensics)
e5637704ba
Added mac_apt under OSX category 2018-01-07 00:11:05 -05:00
Theta Gamma
2bed4f7cb2
Update README.md 2017-11-15 11:40:55 +01:00
Theta Gamma
4d615bbeaf
Update README.md
FIDO is deprecated at Netflix and this repository is no longer maintained. -> removed
added CCF-VM to linux-distributions
2017-11-15 11:36:12 +01:00
sabandosoleda
8fedf97fa6
fixed alphabetical order 2017-11-04 18:35:36 +01:00
sabandosoleda
5ed90e2758
Add Bitscout
Please add Bitscout as a trustable remote forensics and acquisition livecd builder tool! Thank you
2017-11-04 16:52:43 +01:00
Brie Carranza
2a5218dade Add morgue by etsy 2017-10-24 17:02:40 -04:00
Herman Slatman
56e4f3bcc5 Add DumpsterFire
And move sqhunter to turn the list into alphabetical order again
2017-10-20 14:27:00 +02:00
Herman Slatman
a4d0fc1216 Add Kolide Fleet
Removed the old, out-dated Kolide entry
2017-10-19 08:16:07 +02:00
Tomas Hertus
a2fa9c460c Add Metadefender Cloud 2017-06-28 10:11:41 -07:00
Adel Ka
8972536973 sqhunter tool added 2017-06-28 15:07:55 +10:00
Herman Slatman
418e88965a Add imagemounter 2017-05-28 13:35:11 +02:00
Herman Slatman
0472cd5c94 Add Cyphon 2017-05-20 22:22:43 +02:00
Meir Wahnon
cf07ef546a adding Panorama
adding Panorama
2017-05-20 10:27:24 -07:00
Meir Wahnon
c879934de2 add VolDiff
add VolDiff to memory
2017-05-12 16:37:01 +03:00
Meir Wahnon
1cb26921a4 Adding IRM
Adding IRM
2017-04-04 11:51:51 +03:00
Meir Wahnon
f1959c15d6 Add Contents header
Add Contents header
2017-04-01 11:12:13 +03:00
Diogo Fernandes
de396576b3 Added domfind 2017-03-29 18:36:13 +02:00
Herman Slatman
441c4f717f Add augmentd 2017-03-25 18:33:33 +01:00
Meir Wahnon
31f72656fe Add Demisto to incident mgmt section
Add Demisto free edition to incident mgmt section
2017-03-18 14:00:33 +02:00
Diogo Fernandes
e41ab7de89 Added ir-rescue 2017-02-11 23:30:48 +01:00
Saad Kadhi
b8906e9fab add Cortex from TheHive Project 2017-02-04 18:16:58 +01:00
Meir Wahnon
6be9b47df4 Merge pull request #80 from K2/master
Added inVtero.net
2017-01-27 17:54:40 +02:00
Herman Slatman
5ffcbf346f Add PagerDuty Incident Response Documentation 2017-01-21 09:42:28 +01:00
ktwo/ShaneK2
f79dc0c08d Added inVtero.net
Link to my new memory analysis platform ;)
2017-01-20 18:57:32 -08:00
chumstick
c71116c3c5 Fixed Formatting to Conform to Guidelines 2016-11-16 13:57:21 -05:00
chumstick
4f7352617b Added "Fidelis ThreatScanner" to Windows tools 2016-11-16 13:54:42 -05:00
Keith J. Jones
68a26a79e0 Merge branch 'master' of https://github.com/meirwah/awesome-incident-response into visualize_logs 2016-11-12 11:44:22 -05:00
Keith J. Jones
cda1ca8605 Added cuckoo log to project description. 2016-11-12 11:44:17 -05:00
Herman Slatman
c22a83df11 Add LMG 2016-11-10 01:29:48 +01:00
Herman Slatman
ccb093b0b1 Add VolatilityBot 2016-11-10 01:24:56 +01:00
Herman Slatman
bc1c24d754 Add TheHive 2016-11-10 01:20:25 +01:00
Meir Wahnon
7af1241d54 Merge pull request #76 from keithjjones/visualize_logs
Added Visualize_Logs
2016-11-06 20:33:43 +00:00
Meir Wahnon
500ac758dd Merge pull request #75 from bcarrier/master
Added Cyber Triage.
2016-10-24 10:24:53 +03:00
Keith J. Jones
7743a82fa6 Added Visualize_Logs. 2016-10-23 14:46:05 -04:00
Keith J. Jones
518772feb6 Added cuckoo-modified-api 2016-10-04 16:10:39 -04:00
Brian Carrier
3e462aac5e Added Cyber Triage. 2016-09-27 23:27:29 -04:00
Keith J. Jones
07b81326dd Alphabetized and capitalized. 2016-08-31 10:44:50 -04:00
Keith J. Jones
662dbd9904 Added two keithjjones tools. 2016-08-31 10:37:53 -04:00
Meir Wahnon
e42e2ecec3 Adding Zentral
Adding Zentral to  All in one Tools
2016-07-18 19:50:48 +03:00
Herman Slatman
a5ebd3e291 Remove period 2016-07-12 14:42:11 +02:00
Herman Slatman
f249e0dbf4 PALADIN added 2016-07-12 14:36:10 +02:00
Herman Slatman
9e767898bd Added Magnet RAM Capture 2016-07-12 14:30:38 +02:00
Herman Slatman
8567ec5e97 Added ACQUIRE 2016-07-12 14:27:08 +02:00
Herman Slatman
3a4fff6617 Added Falcon Orchestrator 2016-07-12 14:20:50 +02:00
Herman Slatman
abb133510d Added RaQet 2016-07-12 13:08:53 +02:00
Herman Slatman
b589680044 Added CimSweep 2016-07-12 13:01:53 +02:00
Herman Slatman
39374aa51a Added nightHawk 2016-07-12 12:58:40 +02:00
MikeDawg
a39de0c7ba Added NST, and fixed a couple EOLs 2016-07-08 09:15:06 -06:00
MikeDawg
4d3ed91f0b Alphabetical order FTW 2016-06-30 11:50:07 -06:00
MikeDawg
d302552f03 Added X-Ray 2.0 2016-06-30 11:01:55 -06:00
Meir Wahnon
327602e8a6 remove DNS miner
fixes #67
2016-06-16 17:00:27 +03:00
Nedim Šabić
402349cc95 Add Fibratus 2016-06-07 16:18:06 +02:00
Herman Slatman
2f13ee5a59 Added Doorman 2016-06-01 21:51:21 +02:00
Meir Wahnon
37c0ba12e6 Adding LiME
fixes #63
2016-05-26 10:20:47 +03:00
Herman Slatman
a34ee4f49a SearchGiant added 2016-05-20 11:16:12 +02:00
Herman Slatman
5c05e15330 Kolide added 2016-05-09 09:50:23 +02:00
Meir Wahnon
3bb912af8b update playbooks link
to https://www.incidentresponse.com/playbooks/
fixes #59
2016-04-22 08:58:32 +03:00
Herman Slatman
620e5ab909 Rastrea2r added 2016-04-19 14:44:44 +02:00
Herman Slatman
0f6415af9b Add link. Stupid me. 2016-03-22 17:11:05 +01:00
Herman Slatman
694ea2faa4 ADIA added 2016-03-22 09:21:10 +01:00
Meir Wahnon
3d68cca1c3 Merge pull request #56 from mthlvt/master
Lorg tool added
2016-03-21 08:35:42 +02:00
Mat
3c69b3a9a9 Lorg tool added
added a new tool called Lorg: a tool for advanced HTTPD logfile security analysis and forensics
2016-03-21 11:36:18 +09:00
Meir Wahnon
1eb9cf6e28 Merge pull request #54 from meirwah/CDQR
adding Cold Disk Quick Response tool
2016-02-29 09:22:52 +02:00
Herman Slatman
f17a3be290 small addition to Lima Charlied entry 2016-02-26 23:20:45 +01:00
Herman Slatman
86bb4b11e9 CIRTkit added 2016-02-26 23:18:06 +01:00
Meir Wahnon
86e28d1612 adding Cold Disk Quick Response tool 2016-02-24 22:25:14 +02:00
Meir Wahnon
b5eeec36b1 reverting... 2016-02-24 19:50:41 +02:00
Meir Wahnon
a89acf7aa6 website for PMDump seems to have issues
switching to http://www.securityfocus.com/tools/2466
2016-02-24 19:49:54 +02:00
Meir Wahnon
2a3a0e3c98 add binaryforay tools 2016-02-23 22:53:34 +02:00
Interleaved
a8c4173d4a Fix typo in IR workflow gallery item 2016-02-21 10:25:07 +01:00
Interleaved
594f5d9a4c Add new playbooks item for IR workflow gallery 2016-02-21 10:18:49 +01:00
Meir Wahnon
600f5debf4 add playbooks section 2016-02-17 18:54:39 +02:00
ahhh
d808307223 Update README.md
fix minor spelling error
2016-02-16 16:44:18 -08:00
Meir Wahnon
e0ab1523e4 small change 2016-02-15 15:41:35 +02:00
Meir Wahnon
a45659f71b remove unneeded comma 2016-02-15 15:40:04 +02:00
Meir Wahnon
ee7b5d8759 Adding KonckKnock
to OSX section
2016-02-15 15:38:47 +02:00
Meir Wahnon
cffffd65be Adding PowerForensics
to Windows Evidence Collection
2016-02-04 09:48:18 +02:00
Herman Slatman
1b43cabd08 Another (local) conflict resolved 2016-01-27 13:51:18 +01:00
Herman Slatman
c8bdf8bab9 Merge conflict resolved 2016-01-27 13:49:51 +01:00
Herman Slatman
c3655a5516 Removed some dots 2016-01-27 13:19:02 +01:00
Herman Slatman
ee0db994b1 Removed some dots 2016-01-27 13:16:37 +01:00
Herman Slatman
dd9b8ff64d small typos 2016-01-27 12:28:07 +01:00
Herman Slatman
feaf021164 Adding Linux evidence collection entry 2016-01-27 12:25:53 +01:00
Herman Slatman
7977ac9c78 FastIR for Linux added 2016-01-27 12:25:02 +01:00
Meir Wahnon
7d009f4273 Adding Crits
To other section
2016-01-26 09:47:44 +02:00
ReadmeCritic
0e0c029d4e Update README URLs based on HTTP redirects 2016-01-20 12:29:56 -08:00
Meir Wahnon
5b6fd16115 fix DFIR intro 2016-01-13 20:55:34 +02:00
Meir Wahnon
f0d7b27673 Remove dots at end of line + add intro section 2016-01-13 20:52:49 +02:00
Meir Wahnon
075d2a5796 fix empty raw 2016-01-09 14:21:54 +02:00
Meir Wahnon
fe443b7452 Add Evidence collectors section
for multi platform
2016-01-09 14:16:04 +02:00
Meir Wahnon
b60bd66747 Merge pull request #40 from hslatman/hs_20160108
Fenrir + bulk_extractor
2016-01-09 14:11:22 +02:00
Herman Slatman
a6e31beea3 Stenographer buffered PCAP capture solution added 2016-01-09 11:22:43 +01:00
Herman Slatman
fb442c4a5a bulk_extractor added 2016-01-08 18:58:38 +01:00
Herman Slatman
7198f75f19 Fenrir IOC scanner added 2016-01-08 18:46:00 +01:00
Meir Wahnon
ada4d000f6 Adding Belkasoft Evidence Center 2016-01-07 23:39:50 +02:00
Meir Wahnon
afbf73468a Adding Limacharlie 2016-01-04 09:26:40 +02:00
Herman Slatman
b94e155720 2nd link removed + 'typo' 2015-12-23 10:46:17 +01:00
Herman Slatman
b5c7ececb8 Merging DEFT and DEFT Zero 2015-12-23 10:32:56 +01:00
Herman Slatman
1a8cd130ee DEFT Zero (light DEFT) added 2015-12-21 13:38:55 +01:00
Herman Slatman
91111f0a8e DEFT Linux Distro added 2015-12-21 13:33:41 +01:00
Herman Slatman
50f5574a56 CAINE Live added 2015-12-21 13:30:04 +01:00
Herman Slatman
2b7f5a0bc5 SIFT Workstation added 2015-12-18 13:19:04 +01:00
Meir Wahnon
877119aa70 Merge pull request #36 from hslatman/hs_category_linux_distro
Move Security Onion to Linux Distributions Category + slight descript…
2015-12-17 13:43:02 +02:00
Herman Slatman
39cbfa075d Move Security Onion to Linux Distributions Category + slight description change 2015-12-14 21:44:57 +01:00
MikeDawg
a96753db32 Update Readme.md - Added Triage-IR
Added Triage-IR
2015-12-14 11:40:10 -07:00
Herman Slatman
2c8cb30576 threat_note name changed to real name + slightly more descriptive description 2015-12-14 10:12:48 +01:00
Herman Slatman
b1079e3be9 Envdb added 2015-12-14 10:09:57 +01:00
Herman Slatman
70e14eef1c BriMor Labs Live Response Collection added 2015-12-14 10:07:03 +01:00
Meir Wahnon
dcdbedb963 Remove DumpIT - seems the project is not maintained anymore 2015-12-13 15:04:20 +02:00
Meir Wahnon
fa6043b92d Add threat-note tool 2015-12-12 23:49:52 +02:00
Craig Davison
68813319cc Fix VirusTotal link 2015-12-12 17:38:37 +00:00
Craig Davison
9a88b11d2d Update URLs based on redirects 2015-12-12 17:38:17 +00:00
Rishi Bhargava
4e94b16a2f Editing the Slack community with signup form link and the community link 2015-12-11 22:34:41 -08:00
Scott J Roberts
1f98863a33 osxcollector because it's awesome 2015-12-11 13:24:51 -05:00
CSIRT hackery, Incident Response & Forensics
5c83458abb Added few services and tools 2015-12-10 21:12:28 +03:00
Herman Slatman
32068004e3 Crowd Response direct download replace by generic landing page 2015-12-06 12:26:14 +01:00
Herman Slatman
89e40b8b25 Crowd Response by CrowdStrike Added 2015-12-05 23:24:57 +01:00
Herman Slatman
7f935ab731 Extended Tracert by CIRCL added 2015-12-03 11:56:50 +01:00
Herman Slatman
9206f8ef6d DNS Miner 2015-12-01 18:59:57 +01:00
Meir Wahnon
dc194f6b64 Add Communities part 2015-12-01 11:28:14 +02:00
Herman Slatman
4c6189b2f0 IOC Finder added 2015-11-28 14:29:38 +01:00
Herman Slatman
d7df2064ac Memoryze for Mac 2015-11-26 09:32:30 +01:00
Herman Slatman
bc50301d82 Memoryze added 2015-11-26 09:32:04 +01:00
Meir Wahnon
4e5377ae63 Merge pull request #19 from mikesxrs/Adding-multiple-sections
Adding content to Win forensics and other tools; Adding sections for OSX forensics,Sandboxing/reversing and Books
2015-11-26 09:05:31 +02:00