Awesome Security lists for SOC/CERT/CTI
Updated Jul 16, 2024 - Python
A collection of sources of documentation, as well as field best practices, to build/run a SOC
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Volatility 3.0 development
Write-ups for CTF-like, CyberSec training platforms (BTLO, CyberDefenders) | Repository of forensic artifacts which are useful in real world and CTF investigations
Write-ups for CTF-like, CyberSec training platforms (BTLO, CyberDefenders, Hack The Box Sherlocks)
Documenting Defensive Security Strategies
The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes
IntelOwl: manage your Threat Intelligence at scale
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, Domain, ASN, DNS and Threat Indicator matches.
Collaborative Incident Response platform
Open source security data pipelines.
Wazuh - Ansible playbook
Forensic Linux VM for Apple Silicon and ARM64 compatible platforms
A curated list of tools for incident response. With repository stars⭐ and forks🍴
A cross platform forensic parser written in Rust!
Digging Deeper....