Commit Graph

279 Commits

Author SHA1 Message Date
Andreas Hunkeler
92f687ae4c
Add CyLR to evidence collection 2020-04-06 11:42:12 +02:00
Andreas Hunkeler
a1a723cd8f
Add Invoke-LiveResponse to Windows live collection 2020-04-06 11:39:43 +02:00
Andreas Hunkeler
214ab6cb1f
Add IRTriage Windows evidence collection tool 2020-04-06 11:36:57 +02:00
Andreas Hunkeler
3a838c67ee
Add PowerSponse as containment tool 2020-04-06 11:33:34 +02:00
Andreas Hunkeler
075d3802af
Add PowerGRR API client as addition to GRR 2020-04-06 11:29:45 +02:00
Philip Tully
d1b2c47647 fixes formatting 2020-03-11 13:14:10 -04:00
Philip Tully
d72ca2cc60 Adds StringSifter 2020-03-11 13:11:37 -04:00
Meir Wahnon
0556ba2c58
update slack community link 2020-01-18 09:51:30 +02:00
Bart
fdef171a92
Update README.md
Add CAPE sandbox.
2019-11-03 14:07:12 +01:00
thefear100
0dc6f6b027
Update README.md 2019-10-31 12:55:35 -07:00
thefear100
6f1131cc0c
Update README.md 2019-10-31 12:55:12 -07:00
thefear100
0ca9d52209
Update README.md 2019-10-30 11:24:20 -07:00
Karol Trociński
2fdb66e00f
Update README.md 2019-10-26 10:07:40 +00:00
Karol Trociński
522e37f639
Add MalConfScan volatility plugin. 2019-10-26 10:00:23 +00:00
actualmermaid
e147176811
Update README.md 2019-10-17 11:38:36 -07:00
Herman Slatman
7cad62c65f
Add DFIR ORC 2019-09-24 10:51:24 +02:00
Bryan Bowie
18bc422371
Update README.md
Added several new tools and removed Malwr, as it is no longer available at this time.
2019-09-02 12:40:45 -04:00
Tony Phipps
174faaae58
Update README.md 2019-08-28 07:12:35 -04:00
Tony Phipps
7db1d4b1c0
Update README.md 2019-08-27 23:29:19 -04:00
Alexey Dolgikh
3945bce515
Update README.md 2019-06-03 09:53:54 +03:00
Alexey Dolgikh
e6817c1d19
Update README.md
Adds Kaspersky CyberTrace and Kaspersky Threat Intelligence Portal
2019-05-28 12:15:36 +03:00
Herman Slatman
1a4ab6dcf0
Fix errors after merge 2018-11-27 17:51:52 +01:00
Herman Slatman
045c36b3e9
Merge branch 'master' into hs_sysmon_search 2018-11-27 17:33:34 +01:00
Meitar M
c7366df265
Consistently use sentence casing, fix a typo, shorten verbose items.
This commit continues the work to conform to the Awesome List style
guidelines. In this commit, item descriptions have been checked to
ensure they use sentence casing (first letter of the description must be
capitalized), a typo ("forenisic" -> "forensic") was fixed, and several
overly long descriptions that read too much like marketing material were
shortened to a single sentence for simplicity.
2018-10-03 16:21:23 -04:00
Meitar M
6e4f1accca Continued style guide conformance fixes.
This commit continues edits to make the list Awesome List conformant.
Specifically, this commit focuses on:

* Removing prepositions ("A," "An," "The," etc.) from the start of items.
* Removing duplicated line item names from their descriptions.
* Expanding acronyms of line item names in the link itself.

Again, this is just one step in the process of making the list more
conformant to the Awesome List style guide and should not be considered
an exhaustive treatment.
2018-10-03 15:47:22 -04:00
Meitar M
c7dc47c239 Begin style conformance with new Awesome List guides.
The Awesome List style guide wants listed awesome lists to conform to a
particular style. Their style guide includes numerous items, some of
which are addressed by this commit. The items addressed herein include:

* Name of list as the top-level heading.
* Awesome badge placed to the right of the title, not underneath.
* Description of the list contents.
* All line items should end in appropriate punctuation (like a period).

This is a first pass and should not be considered an exhaustive
accounting of the style guide's recommendations.
2018-10-03 15:44:51 -04:00
Herman Slatman
a3d57c4271
Merge branch 'master' into hs_sysmon_search 2018-10-01 21:12:35 +02:00
Herman Slatman
cb5016d109
Add StreamAlert 2018-10-01 20:14:38 +02:00
Herman Slatman
2b404faf3d
Add SysmonSearch 2018-10-01 20:10:43 +02:00
CIRT Josh
e84f24cc69
Update README.md 2018-08-30 17:31:50 +01:00
CIRT Josh
1fcabb74c4
Merge pull request #1 from meirwah/master
Update
2018-08-30 17:28:40 +01:00
Meitar M
87ae91b21e
Add Scout2, an AWS assessment and (semi-)automated account hardening tool. 2018-08-22 14:00:32 -04:00
Meitar M
8433df3be6
Add Margarita Shotgun, a Python-based remote memory acquisition tool. 2018-08-22 14:00:12 -04:00
Herman Slatman
81805dfaeb
Add Diffy 2018-07-17 22:47:56 +02:00
Binalyze
4626070758
Update README.md
Added the word free.
2018-06-17 22:23:30 +03:00
Binalyze
866884f933
Update README.md
Added IREC into Windows Evidence Collection list.
2018-06-17 22:22:30 +03:00
Meir Wahnon
097454d7b8
Merge pull request #107 from hslatman/hs_adversary_emulation
Add Adversary Emulation section
2018-05-12 09:51:21 -07:00
nogoodconfig
6c38544120 Added PyaraScanner 2018-05-03 15:30:52 +01:00
nogoodconfig
c3320ee0d3 Added PyaraScanner 2018-05-03 15:30:01 +01:00
megan201296
52282a826c
Update README.md
Removed `s` in `https://augmentd.co/`. augmentd only uses `http`.
2018-04-24 17:01:30 -05:00
Logically Secure Ltd
d1b3ae2a58
Update README.md
Added CyberCPR as an Incident Management tool
2018-04-12 17:53:15 +04:00
dogoncouch
b0ef858927 Add logdissect log analysis tool (CLI/Python API) 2018-03-27 14:18:54 -04:00
Herman Slatman
534f7837f4
Add several Adversary Emulation tools 2018-03-24 12:14:31 +01:00
Herman Slatman
e93c03bfb2
Add Caldera 2018-03-24 12:02:13 +01:00
Herman Slatman
99443b07ea
Merge branch 'master' of https://github.com/meirwah/awesome-incident-response into hs_adversary_emulation 2018-03-24 11:59:56 +01:00
Herman Slatman
682ae1a62a
Add Adversary Emulation section 2018-03-24 11:55:46 +01:00
Meir Wahnon
f6ba87baf7
Merge pull request #103 from deralexxx/patch-1
API list
2018-02-20 22:53:50 -08:00
Alexander J
700ed12699
Update README.md 2018-02-20 22:24:07 +01:00
Alexander J
cbe381c8f5
Update README.md
updated
2018-02-20 21:13:47 +01:00
chadmando
d88c1b898f
Fix Books section DFIR Intro link
Scott Roberts' DFIR Intro link is broken; pointed to his Medium post on the same topic
2018-02-19 09:56:16 -06:00
Meir Wahnon
17d24c69de
adding helk
adding helk
2018-01-17 17:56:55 +02:00
Alexander J
8be7413c8c
Update README.md 2018-01-16 13:11:00 +01:00
Alexander J
69977b1bf4
Update README.md 2018-01-14 17:38:06 +01:00
Alexander J
ba892960f3
API list
Hope that is good enough for the awesome list.
2018-01-14 17:36:48 +01:00
Yogesh Khatri (@swiftforensics)
e5637704ba
Added mac_apt under OSX category 2018-01-07 00:11:05 -05:00
Theta Gamma
2bed4f7cb2
Update README.md 2017-11-15 11:40:55 +01:00
Theta Gamma
4d615bbeaf
Update README.md
FIDO is deprecated at Netflix and this repository is no longer maintained. -> removed
added CCF-VM to linux-distributions
2017-11-15 11:36:12 +01:00
sabandosoleda
8fedf97fa6
fixed alphabetical order 2017-11-04 18:35:36 +01:00
sabandosoleda
5ed90e2758
Add Bitscout
Please add Bitscout as a trustable remote forensics and acquisition livecd builder tool! Thank you
2017-11-04 16:52:43 +01:00
Brie Carranza
2a5218dade Add morgue by etsy 2017-10-24 17:02:40 -04:00
Herman Slatman
56e4f3bcc5 Add DumpsterFire
And move sqhunter to turn the list into alphabetical order again
2017-10-20 14:27:00 +02:00
Herman Slatman
a4d0fc1216 Add Kolide Fleet
Removed the old, outdated Kolide entry
2017-10-19 08:16:07 +02:00
Tomas Hertus
a2fa9c460c Add Metadefender Cloud 2017-06-28 10:11:41 -07:00
Adel Ka
8972536973 sqhunter tool added 2017-06-28 15:07:55 +10:00
Herman Slatman
418e88965a Add imagemounter 2017-05-28 13:35:11 +02:00
Herman Slatman
0472cd5c94 Add Cyphon 2017-05-20 22:22:43 +02:00
Meir Wahnon
cf07ef546a adding Panorama
adding Panorama
2017-05-20 10:27:24 -07:00
Meir Wahnon
c879934de2 add VolDiff
add VolDiff to memory
2017-05-12 16:37:01 +03:00
Meir Wahnon
1cb26921a4 Adding IRM
Adding IRM
2017-04-04 11:51:51 +03:00
Meir Wahnon
f1959c15d6 Add Contents header
Add Contents header
2017-04-01 11:12:13 +03:00
Diogo Fernandes
de396576b3 Added domfind 2017-03-29 18:36:13 +02:00
Herman Slatman
441c4f717f Add augmentd 2017-03-25 18:33:33 +01:00
Meir Wahnon
31f72656fe Add Demisto to incident mgmt section
Add Demisto free edition to incident mgmt section
2017-03-18 14:00:33 +02:00
Diogo Fernandes
e41ab7de89 Added ir-rescue 2017-02-11 23:30:48 +01:00
Saad Kadhi
b8906e9fab add Cortex from TheHive Project 2017-02-04 18:16:58 +01:00
Meir Wahnon
6be9b47df4 Merge pull request #80 from K2/master
Added inVtero.net
2017-01-27 17:54:40 +02:00
Herman Slatman
5ffcbf346f Add PagerDuty Incident Response Documentation 2017-01-21 09:42:28 +01:00
ktwo/ShaneK2
f79dc0c08d Added inVtero.net
Link to my new memory analysis platform ;)
2017-01-20 18:57:32 -08:00
chumstick
c71116c3c5 Fixed Formatting to Conform to Guidelines 2016-11-16 13:57:21 -05:00
chumstick
4f7352617b Added "Fidelis ThreatScanner" to Windows tools 2016-11-16 13:54:42 -05:00
Keith J. Jones
68a26a79e0 Merge branch 'master' of https://github.com/meirwah/awesome-incident-response into visualize_logs 2016-11-12 11:44:22 -05:00
Keith J. Jones
cda1ca8605 Added cuckoo log to project description. 2016-11-12 11:44:17 -05:00
Herman Slatman
c22a83df11 Add LMG 2016-11-10 01:29:48 +01:00
Herman Slatman
ccb093b0b1 Add VolatilityBot 2016-11-10 01:24:56 +01:00
Herman Slatman
bc1c24d754 Add TheHive 2016-11-10 01:20:25 +01:00
Meir Wahnon
7af1241d54 Merge pull request #76 from keithjjones/visualize_logs
Added Visualize_Logs
2016-11-06 20:33:43 +00:00
Meir Wahnon
500ac758dd Merge pull request #75 from bcarrier/master
Added Cyber Triage.
2016-10-24 10:24:53 +03:00
Keith J. Jones
7743a82fa6 Added Visualize_Logs. 2016-10-23 14:46:05 -04:00
Keith J. Jones
518772feb6 Added cuckoo-modified-api 2016-10-04 16:10:39 -04:00
Brian Carrier
3e462aac5e Added Cyber Triage. 2016-09-27 23:27:29 -04:00
Keith J. Jones
07b81326dd Alphabetized and capitalized. 2016-08-31 10:44:50 -04:00
Keith J. Jones
662dbd9904 Added two keithjjones tools. 2016-08-31 10:37:53 -04:00
Meir Wahnon
e42e2ecec3 Adding Zentral
Adding Zentral to All in one Tools
2016-07-18 19:50:48 +03:00
Herman Slatman
a5ebd3e291 Remove period 2016-07-12 14:42:11 +02:00
Herman Slatman
f249e0dbf4 PALADIN added 2016-07-12 14:36:10 +02:00
Herman Slatman
9e767898bd Added Magnet RAM Capture 2016-07-12 14:30:38 +02:00
Herman Slatman
8567ec5e97 Added ACQUIRE 2016-07-12 14:27:08 +02:00
Herman Slatman
3a4fff6617 Added Falcon Orchestrator 2016-07-12 14:20:50 +02:00
Herman Slatman
abb133510d Added RaQet 2016-07-12 13:08:53 +02:00
Herman Slatman
b589680044 Added CimSweep 2016-07-12 13:01:53 +02:00