A curated list of tools for incident response

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders

DFIRTrack - The Incident Response Tracking Application

AWS CloudSaga - Simulate security events in AWS

AHA is an incident management & communication framework to provide real-time alert customers when there are active AWS event(s). For customers with AWS Organizations, customers can get aggregated active account level events of all the accounts in the Organization. Customers not using AWS Organizations still benefit alerting at the account level.

A portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️

Open-source AI copilot that lets you chat with your observability data and code 🧙‍♂️ Get relevant context & root cause analysis in seconds about production incidents and make on-call engineers 10x better 🏎️

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

A curated list of tools for incident response. With repository stars⭐ and forks🍴

Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.

Forensic toolkit for iOS sysdiagnose feature

Shodan Monitoring integration for TheHive.

An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding.

PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.

Linux Incident Response Reporting

A collection of awesome tools, software, libraries, learning tutorials & videos, frameworks, best practices and technical resources about Incident Response & Management in Cybersecurity

CLI program for automating the setup, configuration, and use of cybersecurity solutions

The DNA test for websites

Volatility MindMap & Cheat Sheet