|5 days ago||11 months ago|
|GNU General Public License v3.0 only||MIT License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
DFIRKuiper/Kuiper - Digital Forensics Investigation Platform
1 project | reddit.com/r/bag_o_news | 15 Mar 2021
Kuiper is a digital investigation platform that provides a capabilities for the investigation team and individuals to parse, search, visualize collected evidences (evidences could be collected by fast traige script like Hoarder). Collaborate with other team members on the same platforms.
1 project | reddit.com/r/blueteamsec | 14 Mar 2021
I saw my definition of a worst case scenario today, all because the client didn't want to spend a little bit of money a couple years ago.
1 project | reddit.com/r/sysadmin | 22 Apr 2021
I think your best bet to start today is to start looking at self-education options (all over youtube, reddit, google) and start shopping for jobs that either have big training budgets or are at a service provider/vendor that offers IR and try to move laterally within it. You'd be surprised by what you get from just shooting your shot. You could consider some really basic certs like Sec + (avoid CEH like the plague unless you're gov't.) or Blue Team Level 1. I like to watch guys like 13cubed, or the surviving digital forensics podcasts and courses. Also just stay aware of infosec news from sources like brian krebs or cyberwire daily. Some other things to think about are ashemery.com/dfir.html and https://github.com/stuxnet999/MemLabs for some good exercises. Don't feel bad for using walkthroughs your first few times. SANS 3 minutes max is also great for quick topics in DFIR
What are some alternatives?
Cortex - Cortex: a Powerful Observable Analysis and Active Response Engine
awesome-incident-response - A curated list of tools for incident response
TheHive - TheHive: a Scalable, Open Source and Free Security Incident Response Platform
LinuxForensics - Everything related to Linux Forensics
CaptfEncoder - Captfencoder is a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.
my-arsenal-of-aws-security-tools - List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
robot_hacking_manual - Robot Hacking Manual (RHM). From robotics to cybersecurity. Papers, notes and writeups from a journey into robot cybersecurity.
swap_digger - swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.
nsa-codebreaker-2020 - My solutions to the 2020 NSA Codebreaker Challenge